Which Approach Wins: Compliance or Risk? – Mark Burnette – CSP #44
Cybersecurity programs have evolved from the early days of compliance with regulations. Regulations are important and provide the necessary motivation for many organizations to implement security controls that may not otherwise be present, but is this enough? Is it really security? Join this podcast as the differences between compliance and true security are discussed.
To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/11/CISOSTORIES_Mark_Burnette_ArticleV1.pdf
Burnette, M. 2019. The Benefits of Focusing on Risk vs Compliance. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 18. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald.
This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!
Visit https://securityweekly.com/csp for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/cyberleaders
Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/
Full Audio
Segments
1. Which Approach Wins: Compliance or Risk? – Mark Burnette – CSP #44
Cybersecurity programs have evolved from the early days of compliance with regulations. Regulations are important and provide the necessary motivation for many organizations to implement security controls that may not otherwise be present, but is this enough? Is it really security? Join this podcast as the differences between compliance and true security are discussed.
To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/11/CISOSTORIES_Mark_Burnette_ArticleV1.pdf
Burnette, M. 2019. The Benefits of Focusing on Risk vs Compliance. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 18. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald.
This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!
Guest

Mark Burnette is the Shareholder-in-Charge of LBMC’s Information Security practice. He possesses 22 years of experience in information security and risk management. Mark’s background includes extensive experience in security program strategy and development, regulatory compliance, security policies and procedures, risk assessment and management, penetration testing, and security function design, development, and staffing. Mark is particularly passionate about cybersecurity leadership and growing the profession.
Host
