Cybersecurity incidents usually stem from human-enabled actions. But to err is human; it is only by learning from those mistakes that we can improve. In this episode, John Riley and George Usi sit down with Wendy Epley, Principal Analyst and Information Security expert at the University of Arizona. As a seasoned professional with over 15 years of experience in regulatory trade compliance, Wendy discusses the critical importance of understanding cybersecurity contracts. She emphasizes the need for organizations to carefully review and negotiate terms, ensuring robust security clauses to protect against potential threats. Wendy shares insights into the evolving landscape of cyber risk management, shedding light on the emergence of NIST Special Publication 800-171 as a pivotal framework. Tune in to learn about Wendy's exciting project, "CyBoRG," an internal resource at the University fostering knowledge sharing and aligning security practices. Don't miss this episode full of practical advice for building a resilient cybersecurity posture.