Where Compliance Meets Security: Doing Both the Right Way

Book a Call

Where Compliance Meets Security: Doing Both the Right Way

August 20, 2025

Compliance and cybersecurity are often seen as separate priorities—but the truth is, good compliance reduces risk when done right. So how do you effectively integrate both for a stronger security posture? In this session, we’ll break down the intersection of compliance and cybersecurity, share best practices, and walk through real-world examples of organizations that have successfully balanced both. Join us to learn how to align security and compliance without sacrificing one for the other.

People, Process, Technology: It Takes All 3

Other

When it comes to navigating the maze of Governance, Risk, and Compliance, there's one simple rule: finding perfect harmony between cutting-edge tech and good, old-fashioned human know-how. Picture this: a Chief Information Security Officer (CISO) paints a vision of the future where compliance is seamlessly automated. "In two to three years, we'll have everything […]

CMMC 101: What you need to know from framework to final rule

CMMC, Compliance, GRC, Top Posts

With a staggering loss of $3.5 billion in intellectual property through its contractors a year, the Department of Defense (DoD) needed a way to shore up cybersecurity in the Defense Industrial Base (DIB). From this need, the Cybersecurity Maturity Model Certification (CMMC) program was created with an initial release in 2020. The entire purpose […]

Choosing the Right Cybersecurity Framework: A Practical Guide for Leaders

Events

Speakers: Cheri Hotman and Tanya WadeHosted by: Hotman Group Why Choosing the Right Framework Matters Passing an audit is no longer enough. Many organizations still treat cybersecurity as a one-time project, something to "check off" rather than an integrated, living part of their business operations. During this session, Cheri Hotman and Tanya […]

Vulnerability Scans: Only Part of the Equation

GRC

There are two primary ways we see companies manage vulnerabilities… one of them significantly riskier than the other. Reactive strategies rely on a problem to arise before taking action. This makes reactive the riskier option of the two, hopefully for obvious reasons. Using a reactive strategy is like waiting for an electric bill to […]

Why Maturity Matters: Overcoming GRC Cognitive Overload with the Maturity Model

Events, GRC, Top Posts

Please join Kayne McGladrey, author of the GRC Maturity Model and Cheri Hotman as they explore the GRC (Governance, Risk, and Compliance) Maturity Model, a powerful tool for organizations to assess and enhance their cybersecurity practices. Achieving maturity in GRC is crucial for navigating complex regulatory landscapes and boosting overall effectiveness. Through self-assessments, organizations can […]

CMMC Compliance: Cutting Through the Confusion

CMMC, Compliance, Events, GRC, Top Posts

Cybersecurity leaders want to know, in plain terms, what they need to do when it comes to CMMC to ensure compliance and customer contractual obligations. Join us for a conversation with cybersecurity experts about what’s actually needed to stay on track with CMMC compliance. We’ll dive into the real gaps you may be facing […]

The Difficulties of People Taking Ownership

GRC

So, you've got an amazing team of tech savvy folks who love the tech side of things. They excel in implementing the latest tools and systems, but when it comes to the less glamorous side - like making sure tasks are completed and nobody drops the ball - things start to get a bit […]

Security Awareness Training – Ransomware

Security Awareness

One Click Is All It Takes A single click on a phishing link. A password change request that didn’t feel quite right. A forgotten remote desktop login. That’s all it takes for ransomware to slip in and start locking down systems—and businesses. Why Ransomware Is Still a Threat Despite increased awareness, ransomware […]