Top Reasons Compliance Programs Fail and How to Minimize Exposure

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10
Next Top Reasons Compliance Programs Fail and How to Minimize Exposure-7 Next

Unique Business Requirements

Compliance Challenge #6: Unique Business Requirements

Many organizations believe they can address compliance requirements using high-level frameworks including NIST's Framework for Improving Critical Infrastructure Cybersecurity or SANS Institute's Top 20 Critical Security Controls (which is actually 246 direct controls, not 20). High-level frameworks require organizations to fill in the blanks using more prescriptive controls from other authority documents, whether laws, standards, or contractual obligations like PCI.

Organizations must determine which implementation controls must be in place to meet their specific requirements. This can be done by leveraging a framework that aggregates all disparate cybersecurity regulations into one database, allowing them to create a concise, harmonized list of necessary compliance controls to implement.

Companies are struggling to understand and implement the right policies and controls to meet ever-evolving compliance mandates. Yet strict adherence to individual compliance standards means they've likely implemented controls they do not need, while inadvertently leaving out important controls necessary for an effective program. This cookie-cutter approach can actually leave organizations more exposed than ever before to potential security risks and controls failures.

In this slideshow, Unified Compliance CEO, Craig Isaacs, explores current compliance gaps, major compliance challenges and practical tips to create more effective compliance programs.

 

Related Topics : A Big Market for Big Data Jobs, Midmarket CIO, IT Management Automation, SharePoint, Technology Markets

 
More Slideshows

gig economy How the Gig Economy Is Changing the Tech Industry

The gig economy is clearly disrupting the tech industry, both in positive and negative ways. ...  More >>

Fake news How Can We Fix the Fake News Problem?

Is fake news a security issue? Some say yes, as it can be used as a social engineering tool to spread disinformation and conceivably to get unsuspecting users to click on malicious links. ...  More >>

IT security skills 7 Top Skills for Security Pros

Executives at several top tech firms outline the skills they need now and in the near future, including IaaS and IoT security expertise. Other skills listed may surprise you. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.