PODCAST · technology
Trust and Turbulence
by Josh Brickman
Joshua Brickman spent more than 20 years working in cybersecurity certifications, government assurance, and global security regulation. This podcast explores the intersection of security, AI, regulation, and trust — from Common Criteria and FIPS 140 to post-quantum cryptography, supply chain security, cloud assurance, and the EU Cyber Resilience Act. The show turns complex technical and policy issues into practical conversations for businesses, policymakers, technologists, and consumers.
-
3
Technical Competence Requirements For CRA Notified Bodies Quick Summary
This is a short pod about the release by ENISA entitled "Technical Competence Requirements for CRA Notified Bodies." You can access the document directly here: https://www.enisa.europa.eu/publications/technical-competence-requirements-for-cra-notified-bodies
-
2
Trust, Resilience & the Future of Cybersecurity | Mary Ann Davidson & Edna Conway
In this episode of Trust & Turbulence, Joshua Brickman sits down with two of the most influential voices in cybersecurity leadership: Mary Ann Davidson, former Chief Security Officer of Oracle, and Edna Conway, former Chief Security & Risk Officer at Cisco and Microsoft.Drawing on decades of experience in product security, risk management, supply chain assurance, and cybersecurity policy, they discuss how organizations can build trust and resilience in an increasingly complex digital world.Topics include:• The origins of supply chain security• Lessons from the SolarWinds attack• CISO accountability and cyber resilience• The EU Cyber Resilience Act and global regulation• Software Bills of Materials (SBOMs)• AI and product security• Building a culture of trust and securityRather than focusing on headlines, this conversation examines the deeper challenges facing technology providers, governments, and security leaders as they navigate an evolving threat landscape.Guests:Mary Ann Davidson – Former Chief Security Officer, OracleEdna Conway – Former Chief Security & Risk Officer, Cisco and MicrosoftHosted by Joshua BrickmanChapters00:00 Introduction03:26 Supply Chain Security Origins18:33 Lessons from SolarWinds35:47 How the EU Is Reshaping Cybersecurity45:20 Can AI Make Software More Secure?
-
1
EU Cyber Resilience Act Explained
In this walkthrough of the EU Cyber Acts Conference focused on the EU Cyber Resilience Act, Joshua Brickman explains what the EUCRA is all about to the Common Criteria Users Forum virtual spring workshop. This was recorded on April 1, 2026. 00:00 Conference Recap00:23 Cybersecurity Act Basics02:20 CRA Marketplace Rules03:43 Scope Digital Products04:18 Penalties And Deadlines06:03 Vulnerability Reporting Duties09:05 CRA Is Law Now09:38 Product Classes Overview11:27 Standards And Gray Areas13:41 Nokia Program Timeline14:57 Support Period Liability16:50 Q&A Product Families19:30 Reporting Portal Uncertainty21:24 Vertical Standards Trouble22:37 Crypto Requirements24:14 Worst Case Scenario26:30 Conformity Modules And Labs28:50 Liability And Resourcing Gaps31:11 Call To Organize31:55 Skills Needed and Conclusion
We're indexing this podcast's transcripts for the first time — this can take a minute or two. We'll show results as soon as they're ready.
No matches for "" in this podcast's transcripts.
No topics indexed yet for this podcast.
Loading reviews...
ABOUT THIS SHOW
Joshua Brickman spent more than 20 years working in cybersecurity certifications, government assurance, and global security regulation. This podcast explores the intersection of security, AI, regulation, and trust — from Common Criteria and FIPS 140 to post-quantum cryptography, supply chain security, cloud assurance, and the EU Cyber Resilience Act. The show turns complex technical and policy issues into practical conversations for businesses, policymakers, technologists, and consumers.
HOSTED BY
Josh Brickman
CATEGORIES
Loading similar podcasts...