Compliance vs. Security - How to Build a Secure Compliance Program - Jeff Foresman (Central Ohio Infosec Summit 2015) (Hacking Illustrated Series InfoSec Tutorial Videos)

Compliance vs. Security - How to Build a Secure Compliance Program
Jeff Foresman

GRC - Session #5 - Jeff Foresman

With the large number of data breaches we saw in 2014, it is clear that organizations that achieve regulatory compliance are not necessarily secure. This presentation will look at the struggles companies face in achieving compliance with standards such as PCI DSS and HIPAA as well as the mistakes they make in maintaining a secure IT environment.

What Attendees Will Learn in This Session

1. Overview of the issues with achieving and maintaining regulatory compliance
2. Overview of 2014 Data Breaches and the common failure points
3. Client case studies of PCI DSS and HIPAA Security problems
4. Recommendations on meeting regulatory compliance and maintaining a secure environment

Bio: Jeff Foresman is a Senior Advisor and Compliance Lead at Rook Security and specializes in PCI, HIPAA, GLBA, ISO 27000, and NIST 800-53 consulting and advisory services. He also assists clients with developing and implementing information security programs including policies, procedures, awareness training, data discovery, and data classification programs to protect clients' data. Technical consulting projects include SIEM/Audit Logging, Wireless Security, IDS/IPS, FIM, Vulnerability Management, Vulnerability Scanning, and Network Segmentation design. Prior to joining Rook Security, Jeff worked for the PCI Security Council, Fishnet, and Verizon Business, where he collectively gained 20 years of IT experience and 14 years of information security experience. Jeff is also the President of the Central Indiana Information Security Systems Association (ISSA) chapter and a frequent speaker at regional and national information security events.


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast