The Mission Episode
Transcript
Introduction to the Guest and Topic:
Host Allie Krings introduces Joseph Kirkpatrick, Founder of Kirkpatrick Price. The conversation focuses on launching “Our Cyber Security Mission” and the broader goal of elevating standards across the cybersecurity and compliance industry. Joseph shares his background, explaining that his interest in technology began in the early days of personal computing and evolved into a career driven by a passion for doing things right and protecting systems from malicious actors.
What Is the Cyber Security Mission?:
The cyber security mission is about elevating standards across the industry and recognizing that cybersecurity is a shared responsibility. It’s not just about individual organizations protecting themselves, but about working together to address increasingly complex and growing threats. The mission emphasizes collaboration, continuous improvement, and raising the bar for compliance practices.
What Does Cybersecurity Look Like Up Close?:
For Organizations: Cybersecurity involves understanding that audits and compliance efforts are inherently difficult but necessary. Effective organizations embrace this challenge, using audits as an opportunity to identify weaknesses, improve systems, and strengthen their overall security posture.
For Auditors: Strong auditors bring real-world experience and a deep understanding of client environments. They don’t just review documentation—they actively test systems, processes, and people to uncover issues and provide meaningful insights.
What Are the Biggest Gaps in Compliance?:
One major gap is the misconception that audits should be easy or straightforward. Organizations that underestimate the complexity of compliance often fail to identify critical vulnerabilities.
Another common gap is over-reliance on assumptions—such as believing vendors or third parties are handling security responsibilities when, in reality, those controls may not be implemented at all.
How Should Organizations Approach Audits?:
Expect the Unexpected: Organizations must understand that audits are designed to uncover unknown risks. They should approach audits with openness and a willingness to identify and address weaknesses.
Choose the Right Auditor: It’s important to evaluate the experience and expertise of the actual auditor—not just the firm. Organizations should ensure auditors have relevant, hands-on experience with similar technologies and environments.
Trust the Process: Effective audits require trusting independent experts to assess systems objectively and uncover issues that may not be visible internally.
What Are the Biggest Lessons Learned from Real Audits?:
A key lesson is that assumptions can create serious risks. For example, organizations may believe a vendor is responsible for certain controls, only to discover during an audit that those controls were never implemented.
This highlights the importance of clearly defining responsibilities and verifying that all security measures are actually in place, rather than assumed.
Why Is Risk Assessment Important?:
Risk assessment is the foundation of cybersecurity. It involves continuously evaluating potential threats and understanding how vulnerabilities could be exploited. This mindset applies not only to technology but also to everyday decision-making, helping organizations and individuals remain proactive in identifying and mitigating risks.
How Can Organizations Stay Ahead?:
Continuous Education: Because technology evolves rapidly, organizations must prioritize ongoing learning. This includes regular training, certifications, and knowledge sharing among teams to keep up with emerging threats and best practices.
Team Collaboration: No single individual can keep up with all aspects of cybersecurity. A team-based approach allows organizations to distribute expertise and stay current across multiple areas.
What Is the Role of Auditors in Success?:
Auditors play a critical role by providing an objective view of an organization’s security posture. Their goal is not to simply validate compliance, but to uncover real risks and provide actionable insights.
The most effective auditors are those who have real-world experience and are capable of testing systems thoroughly to deliver accurate and meaningful results.
How Can Companies Ensure Compliance?:
Compliance begins with acknowledging the complexity of cybersecurity and committing to continuous improvement. Organizations must implement strong processes, validate their controls, and ensure responsibilities are clearly defined across internal teams and third-party vendors.
By focusing on thorough audits, ongoing education, and a mission-driven approach, companies can strengthen their security posture and achieve long-term compliance success.
Notes
The Mission Episode
In our very first episode, host Allie Krings sits down with Joseph Kirkpatrick, Founder and President of KirkpatrickPrice, to launch Our Cybersecurity Mission. Why does this industry need a mission, not just individual companies working in silos? Joseph shares the story behind starting KirkpatrickPrice, why being honest about how hard a cybersecurity audit really is makes for a better outcome, and what it means to hire auditors who’ve actually sat in the client’s seat. They also dig into risk assessment as the foundation of everything, what to look for when hiring an auditor, and a surprising story from the field that shows just how much can slip through the cracks when nobody’s asking the right questions. It’s a behind-the-scenes look at why KirkpatrickPrice does things the way it does — and a preview of everything this podcast will cover in the weeks ahead.
At KirkpatrickPrice, we’re on a mission to help 10,000 organizations raise the bar for cybersecurity and compliance. Join Our Cybersecurity Mission. If you’re going to invest in an audit, it should deliver real value. That’s why we partner with you from audit readiness to final report, ensuring you get the assurance you deserve.
Ready to strengthen your security and compliance posture? Connect with an expert today and learn how we can help you meet your toughest goals.
Send a Question
Do you have a question for our podcast? Send it to us here.