Content provided by Mehmet Gonullu. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Mehmet Gonullu or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

#522 Navigating Compliance in the AI Era: Lori Crooks on Cybersecurity and Risk Management

41:51
 

In this episode of The CTO Show with Mehmet, I sit down with Lori Crooks, CEO of Cadra, to explore the evolving world of compliance and cybersecurity. From FedRAMP and SOC 2 to the latest AI regulations, Lori breaks down why compliance matters, where companies often go wrong, and how startups can use compliance as a competitive advantage.

We also dive into Lori’s entrepreneurial journey as a solo founder in a male-dominated industry, her lessons learned in building Cadra, and her advice for the next generation of founders and leaders.

About Lori Crooks

Lori Crooks is the founder and CEO of Cadra, a consultancy specializing in cybersecurity compliance. With 20+ years of experience spanning government, accounting, and technology, Lori helps organizations navigate complex frameworks such as FedRAMP, SOC 2, ISO, PCI DSS, and HIPAA. Beyond compliance, she is passionate about mentoring women in cybersecurity and building the next wave of leaders in the field.

Key Takeaways

• Why compliance is more than just checking a box

• The most misunderstood aspects of frameworks like FedRAMP, SOC 2, and HIPAA

• The hidden risks of third-party vendors and supply chains

• How startups can prepare for compliance before selling to enterprise or government customers

• The role of training programs in preventing human-factor breaches

• The cultural balance between security and productivity

• How AI and automation are reshaping compliance audits and regulations

• Lori’s entrepreneurial lessons as a solo founder in cybersecurity

What You’ll Learn

Listeners will gain practical insights into:

• Building and maintaining compliance readiness year after year

• Protecting customer data as a startup or SME

• Evaluating and managing third-party vendor risks

• Implementing effective employee security awareness programs

• Understanding emerging AI compliance frameworks like ISO 42001 and NIST’s AI Cybersecurity Framework

• Finding your niche and building credibility in a competitive industry

Episode Highlights

• [00:04] Lori’s journey from accounting to cybersecurity

• [00:07] Why FedRAMP is the toughest compliance framework today

• [00:11] The ongoing nature of compliance (not a one-time project)

• [00:13] Third-party vendor risks and real-world examples

• [00:17] Security training programs that actually stick

• [00:21] Balancing compliance with company culture

• [00:23] AI and automation in compliance audits

• [00:26] Are we ready for AI regulation?

• [00:29] Data leaks, LLMs, and employee training

• [00:30] Lori’s entrepreneurial journey as a solo founder

• [00:33] Competing with Big Four consultancies by finding a niche

• [00:36] Encouraging more women in cybersecurity

• [00:38] Advice for startup founders on what not to neglect

Resources Mentioned

• Cadra: www.cadra.com

• Connect with Lori Crooks on LinkedIn: https://www.linkedin.com/in/lori-crooks/
