Steven Ursillo, Partner in the Risk & Accounting Advisory Services Practice and Leader of the Cybersecurity Group at Cherry Bekaert, joins Joe Carson to talk about meeting the challenges of costly, time-consuming compliance requirements.
In this podcast, they discuss the nuances of cybersecurity frameworks like NIST CSF and ISO 27001, industry regulations like PCI, HIPAA, and SOX, and the differences between SOC1 and SOC2 examinations.
Steven shares recommendations for scoping compliance programs and preparing for audits without breaking the bank or burning out your team. He offers advice on navigating the complexity of compliance based on your risk tolerance and strategies for using technology to make evidence collection and report building more efficient.
Looking to the future, Steven and Joe dive into evolving compliance requirements for third-party risk and emerging concerns like Artificial Intelligence. If you’re preparing for an audit or looking to improve your compliance program, you’ll want to tune in.
Chapters:
00:00 Introduction and Background
03:18 Understanding Compliance and its Purpose
08:14 Prioritizing Compliance Goals
11:51 Common Compliance Requirements
20:19 Differences Between SOC 1 and SOC 2
25:23 Trends in Compliance and Regulatory Space
34:49 Getting Started with Compliance
42:16 Internal vs External Resources for Compliance
45:35 Final Summary and Key Takeaways
45:41 Understanding the Difference between Cyber Compliance and Cybersecurity
46:34 Facilitating an Effective Program and Mitigating Threats
47:09 The Importance of Having Fun and Enjoying the Process
48:05 Approaching Compliance and Security as a Continuous Journey
48:43 Closing Remarks and Call to Action
Check out all our cybersecurity podcasts: https://delinea.com/events/podcasts
Follow Joe:
/ josephcarson
/ joe_carson
Follow Steve:
/ stevenursillojr
* *
Subscribe to never miss an episode!
Apple: https://podcasts.apple.com/us/podcast...
Spotify: https://open.spotify.com/show/3ZgT6fg...
Want to maximize your organization’s cybersecurity? Join us on LinkedIn and Twitter—we have many great resources for CISOs, BISOs and IT security teams:
/ delinea
/ delineainc
See what else we have coming down the pipeline—subscribe to our YouTube Channel:
https://www.youtube.com/c/delinea?sub...
#securitycompliance #cybersecuritypodcast #frameworks
Delinea
コメント