Episode 16

Published on: 22nd Aug 2022

Compliance Is Not Security!

In this fascinating Nomad Futurist Podcast, Tom Brennan, the Americas Executive Director of CREST, a cybersecurity company, speaks with Nabeel Mahmood and Phil Koblence about his life as a public interest technologist.

Brennan has been intrigued by technology ever since he was a child growing up on Long Island. His early exposure to computers dates to his grandfather bringing home two Televideo TS-802H machines which he disassembled and reassembled. He began to play some of the first interactive video games and ended up working in a local computer store selling and installing Amigas, Commodores and used IBMs.


Early on, Brennan got involved in bulletin boards as a means of engaging with a wider world and joining the hacker community.


“It was a cultural underground…We’d go to Manhattan every so often and we'd catch up at the local 2600 meeting. That's where we met a lot of folks, some of whom I stay in contact with today.”

In addition to working in the digital field, Brennan served in the Marine Corps, where he learned about ethics and serving a higher purpose. After a serious injury during a live fire exercise, Brennan left the army and initiated his cybersecurity career working for a private investigator, which led to writing software to help with forensics investigations. He went on to gain skills working for a range of companies, including the first company that developed online transactional trading as well as numerous dot com startups.


“My security background always crept in because we were building something and had to defend it, and then we were hacked, and we'd have to figure out why it happened.”

Brennan learned much of his craft on the job and his unfailing passion gave him the impetus to solve difficult challenges.


“I was and am still comfortable with looking at a really complex problem, trying to break it down to simple nuggets and then attacking those nuggets.”

As an advisor for several universities, Brennan discusses the criticality of establishing a basic syllabus for cybersecurity that addresses some prerequisite technical abilities.


“It really comes down to proof of competency. Can you demonstrate the appropriate ability to do incident response or security services or penetration testing?”

Brennan shares insights on a range of topics from cryptocurrency to the nuances between compliance and security.

“Security is not compliance. Compliance is compliance; security helps. But if you’re secure, you’re most likely going to be compliant because all the standards out there are the best practices.”

Given that the cybersecurity space is constantly evolving, Brennan emphasizes the importance of community participation where everyone can share their experiences.

“Our job is to watch out for the folks that can't watch out for themselves and in cyber that's pretty much everybody, right?”


His advice to the young:


“Go deep, enjoy what you do and try to go wide at the same time, meaning, understand what else is going on out there…and don’t be afraid to ask for help!”


Tom Brennan leads the U.S. arm of CREST International, a cybersecurity and infrastructure security agency. Brennan collaborates with government and commercial organizations on cybersecurity accreditation and advocates for industry standards. His focus is on the agency’s 16 critical infrastructure sectors, which are essential to US security, the national economy, and public health and safety. He spearheads strategic plans for CREST USA’s organizational growth and serves as an industry evangelist and educator on the importance of using accredited cybersecurity products and professionals to improve consumer privacy, security, and protections globally.


In addition, Brennan is the CIO of the national law firm Mandelbaum Barrett where he oversees critical infrastructure, privacy, and security operations. He is also a member of the Gerson Lehrman Group’s Advisory Board, a member of the County College of Morris’ Information Technology Advisory Committee, a Senior Advisor and Industry Advisory Board Member of the New Jersey Institute of Technology, and a member of the NYU Tandon School of Engineering’s Cyber Fellows Advisory Council. Brennan also has extensive experience working with OWASP (Open Web Application Security Project).

About the Podcast

Nomad Futurist
The #nomadfuturist show is a true tech podcast phenomenon. The two hosts are technologists and futurists, so they really know their stuff, and following their in-depth conversations feels like you have a backstage pass to a gathering of the best of the
The nomads put a new spin on the tech genre by shining a light not only on technology but also on the human side of the digital age. Tune in if you find yourself thinking about how to integrate into the digital landscape and be a part of the evolving industry.

For over two decades, Phil and Nabeel have provided a powerful catalyst for organizations to create a vision of the future and the will to innovate. As futurists, they deliver a dynamic and entertaining vision of change, blending technology, economics, demographics, culture, and human nature.

With real business experience and a deep understanding of technology, the two nomads know the difference between science fiction and useful forecasting. Rather than focusing on the distant future, they devote themselves to scanning the horizon for emerging technologies and disruptive shifts in human behavior, thereby sharing a compelling vision of tomorrow’s opportunities.