Cybersecurity Compliance Buzzwords with Marie Joseph and Christina Annechino, Trava
This is a podcast episode titled, Cybersecurity Compliance Buzzwords with Marie Joseph and Christina Annechino, Trava. The summary for this episode is:

“It's hard to have privacy without security and to have effective security that requires strong protection of personal identifiable information, or PII. So security, privacy, and compliance really must go hand in hand. If one is prioritized over the other, it can have an adverse effect.” - Christina Annechino

On this episode, we welcome back both Christina Annechino and Marie Joseph to bring us back to a little more 101 on Cybersecurity. With host Jara Rowe, the team breaks down terms and buzzwords that you need to know to keep you and your company’s data safe.

Find out the difference between a breach and an incident, the nuances of security, privacy, and compliance, and gain insights into the crucial importance of cyber hygiene. We'll also explore the key differences between data security and data protection, understanding acronyms like GDPR, CCPA, HIPAA, and PIPEDA, and grasping the significance of maintaining asset inventories.

In this episode, you’ll learn:
- The difference between a breach, when a threat actor gains unauthorized access, and an incident, where data is compromised, is crucial for proactive security measures.
- Understand frameworks vs. standards: Frameworks provide an overview of requirements for compliance and certification, while standards outline specific criteria that must be met, forming the foundation of cybersecurity best practices.
- The importance of cyber hygiene or the tools, processes, and policies you need to maintain a strong security posture, enabling constant improvement in cybersecurity health within organizations.

Things to listen for:
[00:24 - 02:47] Introduction to episode and compliance series
[02:57 - 04:25] The difference between security and privacy and compliance
[04:28 - 06:08] The challenges in balancing security, privacy and compliance
[06:26 - 07:24] The difference between risk and control
[07:31 - 09:46] The difference between a breach and an incident
[09:58 - 11:03] The difference between data security and protection
[11:03 - 12:18] The most common data protection regulations
[12:31 - 13:10] The difference between frameworks and standards
[13:22 - 14:50] What is RBAC and how it relates to cybersecurity
[14:50 - 16:45] The meaning of IoT and maintaining inventory assets
[16:50 - 18:00] What does Cyber Hygiene mean
[18:01 - 20:37] Jara’s receipts

Resources:
Conquer Compliance Jargon: Download the Free Cybersecurity Compliance Glossary (https://travasecurity.com/learn-with-trava/resources/conquer-compliance-jargon-download-the-free-cybersecurity-compliance-glossary?utm_source=casted&utm_medium=podcast&utm_campaign=thetea)
Data Security 101: Decoding Incidents and Breaches (https://travasecurity.com/learn-with-trava/blog/data-security-101-decoding-incidents-and-breaches)
Safeguarding Your Connected Devices: A Practical Approach to IoT Security (https://travasecurity.com/learn-with-trava/blog/safeguarding-your-connected-devices-a-practical-approach-to-iot-security?utm_source=casted&utm_medium=podcast&utm_campaign=thetea)

Connect with the Guest:
Marie Joseph's LinkedIn (https://www.linkedin.com/in/marie-joseph-a81394143/)
Christina Annechino's LinkedIn (https://www.linkedin.com/in/christina-annechino/)

Connect with the host:
Jara Rowe’s LinkedIn (https://www.linkedin.com/in/jararowe/)

Connect with Trava:
Website: www.travasecurity.com (http://www.travasecurity.com/?utm_source=casted&utm_medium=podcast&utm_campaign=podcast_share)
Blog: www.travasecurity.com/blog (https://travasecurity.com/learn-with-trava/blog?utm_source=casted&utm_medium=podcast&utm_campaign=podcast_share)
LinkedIn: @travasecurity (https://www.linkedin.com/company/travasecurity/?utm_source=casted&utm_medium=podcast&utm_campaign=podcast_share)
YouTube: @travasecurity (https://www.youtube.com/@travasecurity?utm_source=casted&utm_medium=podcast&utm_campaign=podcast_share)
Key Takeaways
The difference between security and privacy and compliance (01:30 MIN)
The challenges in balancing security, privacy and compliance (01:42 MIN)
The difference between risk and control (00:58 MIN)
The difference between a breach and an incident (02:19 MIN)
The difference between data security and protection (01:05 MIN)
The most common data protection regulations (01:14 MIN)
The difference between frameworks and standards (00:40 MIN)
What is RBAC and how it relates to cybersecurity (01:29 MIN)
The meaning of IoT and maintaining inventory assets (01:54 MIN)
What does Cyber Hygiene mean (01:05 MIN)
Jara's Receipts (02:10 MIN)
Today's Host
Jara Rowe
Content Marketing Specialist
Today's Guest
Marie Joseph
Sr. Security Solutions Engineer at Trava
Currently, as a Senior Security Solutions Engineer at Trava, I work on different compliance projects which include both security and privacy-driven frameworks with clients. I have helped with conducting annual risk assessments on clients and used that knowledge to help organizations towards different compliance certifications and attestations: SOC2, ISO27001, CCPA, GDPR, etc. In August 2020, I graduated from Indiana University, where I received a graduate degree of Master of Science in Cybersecurity Risk Management through the Kelley School of Business, Maurer School of Law, and Luddy School of Informatics, Computing, and Engineering. Through this program, I gained experience working with incident response plans, cybersecurity best practices, and analysis work through clinics and capstones with IU Health and Eli Lilly. In my undergrad career, I studied Law and Public Policy in the O'Neill School of Public and Environmental Affairs, along with receiving a minor in Human Resource Management. In my undergrad, I traveled abroad in London to learn about UK and US National Security, along with learning from leaders in the MI5, MI6, and the New Scotland Yard. Along with this, I have taken heavy course loads regarding national security, homeland security, law, and policy. In my high school and college experiences, I have developed leadership skills through my work as a nanny, tutor, photographer, and media internships. I have developed leadership skills through my chair position on Indiana University Dance Marathon (IUDM), being Director of Chapter History for my sorority Alpha Gamma Delta, and being Photography Editor for my nationally ranked high school yearbook. I have won multiple awards for my work in photography and photoshop, and was given the prestigious opportunity to attend Media Day for the Indianapolis 500 in 2014 to interview and photograph all the drivers.
In May 2022, I graduated with a MS degree in Cybersecurity. With this degree I have acquired skills that have enhanced my knowledge and experience in network security, vulnerability assessment, and threat analysis. I have had one technical internship in web development where I reviewed GitLab CI/CD pipelines of medical websites to understand the architecture of jobs in each stage building components such as repositories, libraries, modules, and dependencies to enter testing and deployment. I have also had leadership roles at my university such as working in Career Services and as a board member for Pace Computing Society and PoPTV. I thrive when challenged and thoroughly enjoy learning new things, improving upon myself and my skills. I believe my strong educational background in tech displayed by my undergraduate and graduate degrees demonstrates my knowledge and dedication to becoming a valuable employee in any tech position I attain. A common component that can be seen on any standard company website is their mission statement. If I had to summarize my mission statement, derived from my experience and skills, it would be to contribute revolutionary ideas to the brightest minds working towards the advancement of technology, bettering the world.