Which Approach Wins: Compliance or Risk? – Mark Burnette – CSP #44
Cybersecurity programs have evolved from the early days of compliance with regulations. Regulations are important and provide the necessary motivation for many organizations to implement security controls that may not otherwise be present, but is this enough? Is it really security? Join this podcast as the differences between compliance and true security are discussed.
To view the article from the CISO COMPASS Book that sparked this interview, please visit: https://securityweekly.com/wp-content/uploads/2021/11/CISOSTORIESMarkBurnette_ArticleV1.pdf
Burnette, M. 2019. The Benefits of Focusing on Risk vs Compliance. In CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, 1st Ed, pg 18. Fitzgerald, T. CRC Press, Boca Raton, Fl. www.amazon.com/author/toddfitzgerald.
This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!
Host
Todd Fitzgerald has built information Fortune 500/large company security programs for 20 years. Todd serves as VP, Cybersecurity Strategy and Chairman of the Cybersecurity Collaborative Executive Committee, was named 2016–17 Chicago CISO of the Year, ranked Top 50 Information Security Executive, authored 4 books including #1 Best Selling and 2020 CANON Hall of Fame Winner CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers (2019), ground-breaking CISO Leadership: Essential Principles for Success, as well as contributions to a dozen others. Todd held senior leadership positions at Northern Trust, Grant Thornton International, Ltd, ManpowerGroup, WellPoint (Anthem) Blue Cross Blue Shield/ National Government Services, Zeneca/Syngenta, IMS Health and American Airlines.