{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"Secure Talk Podcast","title":"CMMC Is an HR Problem, Not an Enclave Problem — Here's the Proof","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/af740707\"></iframe>","width":"100%","height":180,"duration":3113,"description":"The biggest cybersecurity failures in recent memory — Raytheon, Penn State, Georgia Tech — weren't caused by missing software. They were caused by the wrong people being assigned the wrong tasks, with no shared language to connect the rules to the work.This SecureTalk episode with Dorian Cougias (MoxyWolf, former Unified Compliance Framework CEO) is one of the most systems-level conversations we've had on the show. Dorian spent decades building the infrastructure that compliance programs run on — and he's now rebuilding it from scratch, in the open.What you'll hear:→ Why the compliance industry is structurally fragmented across three authority domains that don't communicate→ How Bloom's Taxonomy — a tool from education — maps directly to which compliance tasks belong to which roles→ Why the Oxford English Dictionary doesn't have \"personal data\" in it, and what that tells us about regulatory language→ The O*NET framework and why the Department of Labor might be the most underused tool in cybersecurity→ Shannon's entropy theory, applied to compliance and cognitive load→ A new open-source STIG API infrastructure that StrikeGraph is integrating as a launch partnerWhether you're deep in the compliance trenches or just fascinated by how complex systems fail — and how to redesign them — this is worth your time.🔗 strikegraph.com | stigviewer.comChapters:00:00 Introduction and Background02:43 Exploring Compliance and Natural Language Processing05:15 Military Experience and Signal Intelligence08:01 Cognitive Load and Compliance Frameworks10:49 The Importance of Language in Compliance13:39 The Evolution of Dictionaries and Lexicons16:16 Bridging Gaps in Compliance Communication18:47 Innovations at MoxieWolf and Future Directions22:04 Mapping Skills and Regulatory Guidelines25:05 Job Applicability and Knowledge Requirements28:02 The Importance of O*NET in Cybersecurity29:21 Challenges in CMMC Compliance33:23 The Role of Technology in Compliance35:38 Horizontal Practices in...","thumbnail_url":"https://img.transistorcdn.com/FI5U-V5f7xdITFyeJIbD7DHq2VtWIj7V7SxzbEqbbTM/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS81NzRj/MTkwYWEwN2IzMjIw/ZjRhZTE0MGJiYjhi/N2YxMS5qcGc.webp","thumbnail_width":300,"thumbnail_height":300}