Scinary Information Nexus

Episode 33: Turn a Failed Cybersecurity Audit into a Budget Increase

Listen Later

This week, Richard, Brazos, Mario, and Joe tear apart the red tape of NIST 800-53, CIS Controls, and state-mandated audits. We discuss the disconnect between legislators in the capital and the reality of a one-person IT department in a small school district.

We also address the "Tech Support Brain" vs. "Auditor Brain" phenomenon and answer the burning question: Should you fudge your numbers to avoid looking bad on a state report? (Spoiler: No, and here is why). Plus, we reveal the "Malicious Compliance" strategy - how to use a low compliance score to force your board to finally sign that check for the tools you need.

In this episode, we discuss:

  • The absurdity of "one-size-fits-all" government mandates.
  • Why NIST and CIS controls often fail small organizations.
  • The temptation to lie on self-assessments (and why you shouldn't).
  • "Auditor Brain": Dealing with compliance officers who don't understand tech.
  • Strategic Failure: How to use a bad score to get more budget.
  • The Scinary "10 Commandments" of controls.
  • Also... do golden toilets actually have better Wi-Fi?

    • If you are drowning in paperwork and compliance checklists, this episode is for you.

    Connect with Scinary Cybersecurity:

    https://www.scinary.com
    https://x.com/scinarycyber

    https://www.linkedin.com/company/scinarycyber/

    ...more
    View all episodesView all episodes
    Download on the App Store
    Scinary Information NexusBy Scinary Cybersecurity