HIPAA, PCI, ISO, NIST… Understanding the alphabet soup that is security and regulatory compliance is becoming increasingly complex, and most organizations focus only on maintaining compliance rather than using these frameworks as the foundation of a comprehensive security program. In particular, the National Institute of Standards and Technology (NIST) provides many helpful guides that provide frameworks for a variety of different security operations and governance topics. Best of all, NIST designed the guides to work in tangent with each other including cross references. Some of them, such as the Cybersecurity Framework, also cross reference to others outside the NIST domain, including HIPAA, PCI, and ISO. It can be overwhelming to determine which frameworks to utilize to drive a security program. Join us to make sense of, and gain value from, relevant security frameworks as we cover the following:
- Overview of Security Frameworks, such as NIST, ISO, PCI, HIPAA, and FDA
- NIST Deep Dive: Top 10 Tools, including cybersecurity, risk assessment, vendor management, security and privacy controls, contingency planning, security awareness, and incident response
- How to Apply the Frameworks/Tools
- What to Expect: Implementation Benefits and Challenges
