S3E2: Jacob Horne

Security vs. Compliance

In this episode of Resilient Cyber, Chris Hughes and Dr. Nikki Robinson are joined by Jacob Horne, a well-known expert in cybersecurity compliance and CMMC. They discuss the ever-present debate over security versus compliance and why many in the industry struggle to balance the two. Jacob shares insights from his 15-year journey in cybersecurity, working with military, government acquisitions, and compliance frameworks like NIST and CMMC. 🔐

🔑 Key Highlights:

  • Jacob’s transition from military cybersecurity to compliance and CMMC leadership

  • Why "compliance doesn't equal security" is both true and misleading

  • The psychological phenomenon of surrogation and how it affects organizations’ focus on compliance metrics

  • Differences between security and compliance and why both are needed for risk management

  • Insights into NIST, CMMC, and their role in government and defense contracting

  • How security engineers can balance technical requirements with compliance demands

  • Advice for those navigating complex cybersecurity frameworks in today’s evolving landscape

Jacob also discusses the future of compliance in cybersecurity and how organizations can adapt to meet both regulatory and security goals.