Compliance image via Shutterstock
Join us on Tuesday, June 25th at 11:00 AM EST for a live Q&A with our expert speaker Tony UcedaVelez, who will answer your questions on planning your enterprise compliance strategy.
Compliance is the dirty word that no security professional likes to mention and few business and technology leaders think fondly of. This is primarily because compliance is perceived as something that has to be done versus something that helps improve business process or technology. The stigma is mostly a product of poor compliance effort execution rather than disdain for regulatory requirements. No one disagrees that more oversight and security validation is needed, but the manner in which it has been validated can vastly improve. Although HIPAA, FISMA, FFIEC, PCI-DSS, and many other regulatory compliance frameworks have changed significantly over the past 20 years, approaches to addressing compliance within both Fortune 500 and SMB organizations have had a lackluster reign of innovation.
Similar to recent rhetoric around baking security in, this presentation will introduce pioneering methods for how compliance efforts could be introduced earlier in software/system development life cycles and change management workflows via asset-centric threat modeling methodologies, and will demonstrate how more collaborative portrayals of compliance efforts can be achieved across an organization. Register today!
Founder and managing partner, VerSprite, CRISC, CISM, CISA, GIAC
Tony UcedaVelez has more than 14 years of hands-on security and technology experience across government, healthcare, financial, education and utility sectors. UcedaVelez founded VerSprite with the premise of redefining security services to a point that it reflects a hybrid and balanced approach in understanding client needs.