Compliance is not Security

From: https://www.armor.com/blog/achieving-security-compliance-healthcare-world/

A few compliance and security factors to consider in your environment:

Compliance:

  • Do you know your scope?
  • Do you know your data within that scope?
  • Is compliance your baseline or objective?
  • Do you understand the compliance requirements?
  • Have you mapped to external requirements?
  • Are you following audit best practices?
  • Do you have the right security partner?

Security:

  • Do you know your adversaries?
  • Do you have the visibility you need?
  • Are your operations appropriately configured and staffed?
  • Have you built a culture of security across your business?
  • Have you combined people + processes + technology?
  • Do you have appropriate measures in place?
  • Do you have trusted partners?

The guys at Armor are solid, btw. Enjoyed meeting them a few times in 2018 at their CTF events. And very recently at the Dallas Cyber Security conference.

\\ JMM
