Скачать или смотреть Implementation/Optimization of Security-based Controls to Keep up with Regulatory Climate Change

NERC CIP Version 5? NIST? ISO/TS 29001? ES-C2M2? SoX? SSAE16? Which framework or frameworks do I have to comply with? Is there a way to optimize both my compliance and security postures without working in silos? If you’re finding yourself asking these questions, the answer resides in security policy and controls design. This presentation will be focused on how to consolidate and design security controls and policy across multiple compliance frameworks instead of having multiple sets of controls driven by one singular compliance framework. The result will be a centralized set of security-driven controls where compliance serves as a natural byproduct - instead of having compliance drive your security. Technology, governance, and personnel all play key roles in the sustainment of your organization’s controls. By designing a company specific set of security controls mapped to a variety of compliance frameworks, you not only sustain current regulatory requirements but also proactively sustain regulatory climate change going forward.