Which Approach Wins: Compliance or Risk? – Mark Burnette – CSP #44

Sponsored By

Visit https://www.cybereason.com/cisostories for more information!

Cybersecurity programs have evolved from the early days of compliance with regulations. Regulations are important and provide the necessary motivation for many organizations to implement security controls that may not otherwise be present, but is this enough? Is it really security? Join this podcast as the differences between compliance and true security are discussed. 

To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/11/CISOSTORIES_Mark_Burnette_ArticleV1.pdf

Burnette, M. 2019. The Benefits of Focusing on Risk vs Compliance. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 18. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald.

This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!

Full Episode Show Notes

Which Approach Wins: Compliance or Risk?


Mark Burnette

Mark Burnette – Shareholder-in-Charge at LBMC Information Security


Mark Burnette is the Shareholder-in-Charge of LBMC’s Information Security practice. He possesses 22 years of experience in information security and risk management. Mark’s background includes extensive experience in security program strategy and development, regulatory compliance, security policies and procedures, risk assessment and management, penetration testing, and security function design, development, and staffing. Mark is particularly passionate about cybersecurity leadership and growing the profession.


Todd Fitzgerald

Todd Fitzgerald – Vice President, Cybersecurity Strategy at Cybersecurity Collaborative


Todd Fitzgerald has built information Fortune 500/large company security programs for 20 years. Todd serves as VP, Cybersecurity Strategy and Chairman of the Cybersecurity Collaborative Executive Committee, was named 2016–17 Chicago CISO of the Year, ranked Top 50 Information Security Executive, authored 4 books including #1 Best Selling and 2020 CANON Hall of Fame Winner CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers (2019), ground-breaking CISO Leadership: Essential Principles for Success, as well as contributions to a dozen others. Todd held senior leadership positions at Northern Trust, Grant Thornton International, Ltd, ManpowerGroup, WellPoint (Anthem) Blue Cross Blue Shield/ National Government Services, Zeneca/Syngenta, IMS Health and American Airlines.