Security vs. Compliance – PSW #632

It was once said that if Security and Compliance were in a relationship the status would be “It’s Complicated”. This discussion will aim to help you understand this relationship and how it can be beneficial or a mere distraction to an organization’s overall security posture.

– Define “Secure” and “Compliant”.
– Does compliance merely raise awareness about security shortcomings?
– What is the relationship between Security and Compliance?
– Being Secure and being Compliant are mere points in time. How can we best develop a process to ensure we are always striving toward a secure and compliant state?
– How does Security impact and/or influence Compliance?
– How does Compliance impact and/or influence Security?
– How do you balance these extremes: “We will be Secure and ignore compliance” vs. “We will be compliant but ignore security”?



April Wright – Preventative Security Specialist
Jeff Man – Sr. InfoSec Consultant
Josh Marpet – COO
Larry Pesce – Senior Managing Consultant and Director of Research
Matt Alderman – CEO
Paul Asadoorian – Founder & CTO
Scott Lyons – CEO


Alex Wood – CISO
Jim Hietala – VP, Security
Jon Fredrickson – Information Security & Privacy Officer
Ron Gula – President
Wendy Nather – Head of Advisory CISOs