Security vs. Compliance – PSW #632

It was once said that if Security and Compliance were in a relationship the status would be “It’s Complicated”. This discussion will aim to help you understand this relationship and how it can be beneficial or a mere distraction to an organization’s overall security posture.

– Define “Secure” and “Compliant”.
– Does compliance merely raise awareness about security shortcomings?
– What is the relationship between Security and Compliance?
– Being Secure and being Compliant are mere points in time. How can we best develop a process to ensure we are always striving toward a secure and compliant state?
– How does Security impact and/or influence Compliance?
– How does Compliance impact and/or influence Security?
– How do you balance these extremes: “We will be Secure and ignore compliance” vs. “We will be compliant but ignore security”?

Visit https://www.securityweekly.com/psw for all the latest episodes!

Security vs. Compliance

Hosts

April Wright – Preventative Security Specialist
Jeff Man – Sr. InfoSec Consultant
Josh Marpet – COO
Larry Pesce – Senior Managing Consultant and Director of Research
Matt Alderman – CEO
Paul Asadoorian – Founder & CTO
Scott Lyons – CEO

Guests

Alex Wood – CISO
Jim Hietala – VP, Security
Jon Fredrickson – Information Security & Privacy Officer
Ron Gula – President
Wendy Nather – Head of Advisory CISOs