Episode 17 – The Human Side of Digital Transformation

In this episode of Cyber Insights, hosts Jim Wiggins and Altan Tugay Bulut from the ISACA Greater Washington DC Chapter sit down with Mori Ghazzawi, Director and Chief of Training at Amananet and Director at Extreme Labs, to explore why people—not technology—ultimately determine the success or failure of digital transformation efforts. With more than 30 years of experience in technology education, digital learning, and workforce enablement, Mori shares hard-earned insight into how organizations can align innovation with human capability.

Episode 16 – Cyber Compliance in the Age of GenAI

In this episode of Cyber Insights, hosts Jim Wiggins and Altan Tugay Bulut from the ISACA Greater Washington DC Chapter sit down with Supro Ghose, Chief Information Security Officer at Graphene Security, longtime financial sector security leader, and distinguished fellow with Cyber Maryland. With more than 28 years of global experience across Citi, FINRA, Visa, Microsoft, and EagleBank, Supro brings a deep, practitioner-level view of how generative AI is reshaping cybersecurity, risk, and compliance.

Episode 15 – Beyond Compliance: Turning Privacy into an Asset

In this episode of Cyber Insights, hosts Jim Wiggins and Altan Tugay Bulut from the ISACA Greater Washington DC Chapter sit down with Dr. Kyle David—former privacy analyst at the U.S. Department of Energy, founder of Dr. David LLC, and an educator specializing in privacy law and AI governance—to explore how organizations can elevate privacy from a regulatory requirement to a true strategic advantage.

Episode 14 – From Compliance to Business Advantage: Rethinking GRC

In this episode of Cyber Insights, hosts Jim Wiggins and Altan Tugay Bulut from the ISACA Greater Washington DC Chapter sit down with Laura Sawka, seasoned GRC executive, founder of Sawka Advisory Group, and former Senior Vice President of Security GRC at Salesforce, to explore how organizations can transform governance, risk management, and compliance (GRC) from a perceived obligation into a powerful strategic differentiator.

Episode 13 – Navigating Cybersecurity Leadership in Public Health Programs

In this episode of Cyber Insights, hosts Jim Wiggins and Altan Tugay Bulut welcome Ruchi Shewaramani, Chief Information Security Officer at the Washington Health Benefit Exchange, to explore the unique challenges and responsibilities of leading cybersecurity within public health programs. With more than 18 years of experience in identity and access management, governance, risk, and compliance—as well as a strong technical background—Ruchi offers a seasoned perspective on securing one of the most targeted and complex sectors in today’s threat environment.

Episode 12 – Navigating the Federal Audit Frontier

Melissa Fortson offers practical guidance on preparing for and succeeding in federal IT audits, from aligning with NIST and FISMA frameworks to managing auditor relationships effectively. She emphasizes turning audit outcomes into opportunities to strengthen security posture and operational effectiveness.

Episode 11 – Digital Age Resilience: Mastering Business Continuity

Justin Cobb shares expert strategies for building and maintaining business continuity and disaster recovery capabilities in today’s fast-changing digital landscape. The episode covers integrating resilience into enterprise risk management, mitigating supply chain risks, and applying lessons learned from real-world disruptions.

Ep. 10 – Cybersecurity Leadership: Driving Strategic Growth

Jermaine Stanley discusses how effective security leadership can both protect and grow an organization. He covers aligning cybersecurity with business goals, building stakeholder trust, and preparing for future threats.

Ep. 9 – The Evolution of IT Governance in the Digital Age

Katherine Scott explains how IT governance has shifted from compliance oversight to a driver of business value. She highlights data governance, digital resilience, and adapting frameworks like COBIT and NIST for modern challenges.

Ep. 8 – The CISO Journey: Not for the Faint of Heart

Noel Nazario offers a candid look at the pressures and rewards of the CISO role. He discusses leadership strategies, managing personal career risk, and balancing technical and business responsibilities.

Ep. 7 – Navigate the Evolving Threat Landscape with IT Audit

Liz Ryan discusses how audit practices can adapt to a rapidly changing threat landscape. They share approaches to risk-based auditing, aligning with governance priorities, and enhancing cyber resilience.

Ep. 6 – Governance, Risk, and Compliance in Modern Cybersecurity

Nirali Chawla outlines how GRC frameworks integrate with operational security to address emerging risks. The episode covers aligning governance with mission objectives and strengthening compliance readiness.

Ep. 5 – Best Practices for Securing Cyber Physical Systems (CPS)

Michael D. Smith shares strategies for protecting cyber-physical systems like IoT, OT, and industrial controls. Topics include supply chain risk management, “build-in security” principles, and leveraging MITRE and NIST guidance.

Ep. 4 – Redefining Recon: Generative AI for Penetration Testing

Dean Pompilio explores how generative AI is transforming reconnaissance for penetration testers. He shares real-world use cases, ethical considerations, and how AI can complement—rather than replace—human expertise.

Ep. 3 – Modern Federal Identity Management: ICAM’s Role in Zero Trust

Tyler Harding explains how Identity, Credential, and Access Management (ICAM) supports Zero Trust in federal environments. The conversation includes modernizing legacy identity systems, implementing adaptive authentication, and meeting federal mandates.

Ep. 2 – The Current State of the CMMC Program

Leighton Johnson breaks down the history, current status, and future of the Cybersecurity Maturity Model Certification (CMMC). Listeners learn about compliance preparation, NIST SP 800-171 alignment, and evolving DoD requirements.

Ep. 1 – Resilient Cyber Strategy: Threat Analysis to Roadmaps

Sushila Nair discusses building resilient cybersecurity strategies from threat analysis to actionable roadmaps. The episode covers aligning resources with priorities, anticipating adversary tactics, and embedding adaptability into security planning.