2015-036: Checkbox security, or how to make companies go beyond compliance
BrakeSec Education Podcast
English - August 24, 2015 04:23 - 53 minutes - 48.7 MB - ★★★★★ - 98 ratings
Checkbox security: the checklists that compliance people require you to follow, and with which many security people have to fall in line, because they often have no choice.
But what if there was a way to use compliance requirements to get beyond the baseline of PCI/SOC II/HIPAA, and become more secure?
Megan Wu (@tottenkoph), Mr. Boettcher, and I spent a bit of time discussing just that. We discuss basic issues with compliance frameworks, how to get management to buy in to more security, and even how you can get compliance people to help without them knowing it.