Security leaders, especially in highly regulated industries, are overwhelmed because their security decisions solely comply with audit and regulatory frameworks.
Many have to comply with HIPAA for healthcare, PCI DSS for credit card handling, and the Office of the Controller of the Currency and FDIC for financial services, leaving security teams fatigued and unable to innovate. Over time, their strategy mirrors their organization’s regulatory and compliance demands. This impacts the maturity of security programs and exponentially increases an organization’s risk, making it susceptible to cyberattacks and even nominal regulatory fines. For example, the Citibank incident, in which Citibank was fined $400 million for falling short in its regulatory-driven risk management processes.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.