Sign up to save your podcasts
Or
Share Episode 9: Mitigating Risk: Information Security Governance
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 9: Mitigating Risk: Information Security Governance
Resources:
- Visit the CIS Website
Highlights:
- The importance of information security governance
- Security vs. compliance
- Data – determining what you need and where to find it
- Understanding risk from a decision-basis
- Critical elements to fulfill business requirements
- Producing value in a compliance program
- Applying agility for continuous improvement
Good compliance = good security
Security is the practice of implementing effective technical controls to protect an organization’s digital assets. Compliance, on the other hand, is the application of that practice to meet regulatory or contractual requirements. Unfortunately, more often than not, organizations focus on compliance once a year when it’s time to certify that their “security is good.” The process of being compliant and secure should be a continuous process.
View all episodes
By Center for Internet SecurityResources:
- Visit the CIS Website
Highlights:
- The importance of information security governance
- Security vs. compliance
- Data – determining what you need and where to find it
- Understanding risk from a decision-basis
- Critical elements to fulfill business requirements
- Producing value in a compliance program
- Applying agility for continuous improvement
Good compliance = good security
Security is the practice of implementing effective technical controls to protect an organization’s digital assets. Compliance, on the other hand, is the application of that practice to meet regulatory or contractual requirements. Unfortunately, more often than not, organizations focus on compliance once a year when it’s time to certify that their “security is good.” The process of being compliant and secure should be a continuous process.