CMMC Is an HR Problem, Not an Enclave Problem — Here's the Proof
Overview
The biggest cybersecurity failures in recent memory — Raytheon, Penn State, Georgia Tech — weren't caused by missing software. They were caused by the wrong people being assigned the wrong tasks, with no shared language to connect the rules to the work.
This SecureTalk episode with Dorian Cougias (MoxyWolf, former Unified Compliance Framework CEO) is one of the most systems-level conversations we've had on the show. Dorian spent decades building the infrastructure that compliance programs run on — and he's now rebuilding it from scratch, in the open.
What you'll hear:
→ Why the compliance industry is structurally fragmented across three authority domains that don't communicate
→ How Bloom's Taxonomy — a tool from education — maps directly to which compliance tasks belong to which roles
→ Why the Oxford English Dictionary doesn't have "personal data" in it, and what that tells us about regulatory language
→ The O*NET framework and why the Department of Labor might be the most underused tool in cybersecurity
→ Shannon's entropy theory, applied to compliance and cognitive load
→ A new open-source STIG API infrastructure that StrikeGraph is integrating as a launch partner
Whether you're deep in the compliance trenches or just fascinated by how complex systems fail — and how to redesign them — this is worth your time.
🔗 strikegraph.com | stigviewer.com
Chapters:
00:00 Introduction and Background
02:43 Exploring Compliance and Natural Language Processing
05:15 Military Experience and Signal Intelligence
08:01 Cognitive Load and Compliance Frameworks
10:49 The Importance of Language in Compliance
13:39 The Evolution of Dictionaries and Lexicons
16:16 Bridging Gaps in Compliance Communication
18:47 Innovations at MoxyWolf and Future Directions
22:04 Mapping Skills and Regulatory Guidelines
25:05 Job Applicability and Knowledge Requirements
28:02 The Importance of O*NET in Cybersecurity
29:21 Challenges in CMMC Compliance
33:23 The Role of Technology in Compliance
35:38 Horizontal Practices in Compliance
38:15 Building Effective Teams for Compliance
42:21 Introduction to Compliance Failures
45:19 The Human Element in Compliance
48:10 Navigating Compliance Complexity with Technology
48:57 Introduction to Cybersecurity Compliance Challenges
54:09 The Role of People in Compliance Success
56:01 Guest Introduction: Dorian Cougias
01:00:48 Exploring Bloom's Taxonomy in Compliance
01:05:48 The Importance of Shared Lexicons
01:09:32 Navigating Compliance with Technology
01:15:11 MoxyWolf's Approach to Compliance
01:20:49 The Interconnectedness of Compliance Tasks
01:27:51 Real-World Compliance Challenges
01:33:57 Building Effective Teams for Compliance
#Cybersecurity #ComplianceCulture #CMMC #HumanFactors #GRC #TechPolicy #SecureTalk