Compliance vs Security - How to Build a Secure Compliance Program

via YouTube

Overview

Explore the relationship between compliance and security in this 53-minute conference talk from Central Ohio Infosec 2015. Delve into the question of whether compliance equals security, examining high-profile breaches like Anthem and analyzing data breach statistics. Learn about achieving and maintaining compliance with standards such as PCI and HIPAA, including time-based requirements and OCR pilot audits. Examine case studies and the threat of RAM scrapers. Gain insights into developing a secure compliance program, covering aspects like the NIST Security Framework, awareness training, sensitive data control, and critical security controls. Discover recommendations for building an effective compliance management program that enhances overall security posture.

Syllabus

Intro
The obvious question
Does compliance equal security
PCI does not cure stupid
The year of the breach
Anthem
Breach Report
Data Breach Statistics
Breach Statistics
Achieving and Maintaining Compliance
PCI
Time-Based Requirements
PCI Breach Report
HIPAA
OCR pilot audits
Case Study 1
Case Study 2
RAM Scrapers
Recommendations
Program Development
NIST Security Framework
Awareness Training
Sensitive Data Control
Critical Security Controls
Develop a Compliance Management Program
