Introducing the Penn State Whistleblower.

In this episode, the whistleblower explains how he tried to stop Penn State from misrepresenting their NIST 800-171 compliance to the DoD and what he has faced since he blew the whistle!

Whistleblower attorney Julie Bracker also shares what the media got wrong in this case and the latest on the Georgia Tech FCA case!

Here are a few highlights from this episode:

- Hear directly from the whistleblower in this False Claims Act case

- What the media got wrong

- Recommendations to universities

- Advice for other whistleblowers

Matthew Decker was the Chief Information Officer at the Applied Research Laboratory at Penn State from 2015 until 2023 and the interim Vice Provost and CIO responsible for all of Penn State from January 2016 until September 2016. Matthew currently serves as the Chief Data and Information Officer at NASA’s Jet Propulsion Laboratory since 2023.

It was fascinating to learn that the university assumed compliance with their own AD95 security policy meant they were automatically compliant (at least to some measure) with NIST 800-171. This is a great reminder that the details always matter!

Special thanks to Matt for sharing his story with us, and to Julie Bracker for coordinating this interview!

Follow Julie on LinkedIn: https://www.linkedin.com/in/juliekeetonbracker/

Bracker & Marcus LLC Website: https://www.fcacounsel.com/

Connect with Matt on LinkedIn: https://www.linkedin.com/in/matt-decker-cio/

Whistleblower's Handbook: https://www.amazon.com/New-Whistleblowers-Handbook-Step-Step/dp/1493028812/

-----------

Thanks to our sponsor Vanta!

Want to save time filling out security questionnaires?

Experience questionnaire automation here: https://vanta.com/grcacademy

-----------

Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform!

Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e37&utm_campaign=courses

#whistleblower #cmmc #cybersecurity