Monday, April 6, 2020

What Are Security Controls

Cybersecurity professionals need to fully understand these regulations because each one includes a specific number of security controls. These are broad cybersecurity tasks that must be implemented, such as backing up information systems or encrypting data, both at rest and in motion.

PCI DSS has more than 50 security controls, HIPAA has more than 100 and FISMA has more than 1,000. The more cybersecurity controls, the more difficult the regulation will be to implement. NIST Special Publication 800-53 outlines common security controls used by industries across the globe. Security control examples include ensuring access control policies and procedures, access enforcement, separation of duties and least privilege permissions.

When things like this happen, especially in the context of a democratic election, folks start to point fingers. First, they blame the messenger, especially if that messenger isn’t properly prepared. Next, they blame the technology. For example, we’re seeing articles blaming the not-so “mysterious startup” called Shadow for the problem. Yeah, blame the provider! Then, folks usually blame, in order:
The messenger
The vendor
The technology
The IT department (or a lucky scapegoat)
The executives running the organization

In my experience, it should be the folks running the organization, but let’s not focus on just pointing fingers.

These controls are critical to ensure global economies function securely and businesses continue to provide services, to maintain our medical systems, and to protect our national security. There are few tasks more noble than implementing security controls.
