

Why Compliance is Important and not Boring with Michiel de Lepper
Feb 17, 2025
Michiel de Lepper, a seasoned Security and Compliance expert with experience at McAfee and Dynatrace, shares his insights on compliance's vital role in IT security. He redefines compliance from being boring to a dynamic necessity, integrated into modern tech practices. Michiel emphasizes using data to enhance security and discusses the collaboration between SecOps and DevOps for better outcomes. With a humorous nod to nostalgia, he reveals how compliance can be both exciting and essential, debunking myths surrounding mandatory training and audits.
AI Snips
Superhuman Example
- Michiel de Lepper gave the "superhuman example" to illustrate how correlating basic data reveals security threats.
- He described how login locations and times can expose impossible travel speeds, indicating a security breach.
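
The correlation described in this snip can be sketched as a small impossible-travel check. This is an added example, not code from the episode or from any product mentioned in it; the event fields, the 1000 km/h speed limit, the 50 km noise floor and the sample logins are all assumptions constructed for illustration.

```python
from datetime import datetime
from math import asin, cos, radians, sin, sqrt

MAX_KMH = 1000.0  # assumed limit, roughly airliner cruise speed
MIN_KM = 50.0     # assumed floor to ignore geo-IP jitter within one metro area

# Constructed sample events: (user, UTC timestamp, latitude, longitude)
LOGINS = [
    ("alice", "2025-02-17T08:00:00", 52.37, 4.90),    # Amsterdam
    ("alice", "2025-02-17T09:00:00", 40.71, -74.01),  # New York, 1 h later
    ("bob",   "2025-02-17T08:00:00", 48.21, 16.37),   # Vienna
    ("bob",   "2025-02-17T12:00:00", 48.31, 14.29),   # Linz, 4 h later
]

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in km between two lat/lon points."""
    p1, p2 = radians(lat1), radians(lat2)
    dlat, dlon = p2 - p1, radians(lon2 - lon1)
    a = sin(dlat / 2) ** 2 + cos(p1) * cos(p2) * sin(dlon / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))

def impossible_travel(events, max_kmh=MAX_KMH, min_km=MIN_KM):
    """Return (user, earlier, later, km, kmh) for each pair of consecutive
    logins by the same user whose implied speed exceeds max_kmh."""
    last = {}    # user -> (time, lat, lon) of that user's previous login
    alerts = []
    for user, ts, lat, lon in sorted(events, key=lambda e: (e[0], e[1])):
        when = datetime.fromisoformat(ts)
        if user in last:
            prev_when, prev_lat, prev_lon = last[user]
            km = haversine_km(prev_lat, prev_lon, lat, lon)
            hours = (when - prev_when).total_seconds() / 3600
            # Simultaneous logins from distant places imply infinite speed.
            kmh = km / hours if hours > 0 else float("inf")
            if km > min_km and kmh > max_kmh:
                alerts.append((user, prev_when, when, km, kmh))
        last[user] = (when, lat, lon)
    return alerts

if __name__ == "__main__":
    for user, t0, t1, km, kmh in impossible_travel(LOGINS):
        print(f"{user}: {km:.0f} km between {t0} and {t1} ({kmh:.0f} km/h)")
```

Geolocation from IP addresses is approximate, and VPN or proxy egress points will trigger the same signal, so an alert here is a lead to correlate with other data rather than proof of compromise.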
Compliance and Security
- Compliance and security are intertwined, aiming to minimize risk.
- Compliance frameworks, like PCI DSS, standardize risk mitigation within specific sectors like banking.
Continuous Compliance
- Audits provide only a snapshot of compliance at a specific time.
- Continuous compliance is crucial for ongoing risk minimization, addressing the constant change in modern IT environments.