Do’s and Don’ts of Risk-based Security management in a Compliance-driven Culture

Security and Regulatory Compliance aren’t the same thing – but they’re often confused. When you’re working in a government, healthcare, or financial environment, there’s a tendency to think that if you’re FISMA-compliant or HIPAA-compliant or any other X-compliant, you must have good security.

However, sophisticated risk management and real security don’t have much to do with compliance: you can actually have great security and be non-compliant with regulatory requirements, and you can be fully compliant but not secure. This talk, led by security guru Shahid Shah, will cover how to make sure risk-based security management is properly incorporated into compliance-driven cultures.

A recording of this presentation is available at: https://www.brighttalk.com/webcast/288/62133

Shahid N. Shah

January 17, 2013