You Have the Best GRC Tool in the Market? Great! Um...are your employees even reading that security policy?
Future Cyber Tech, Application Security & DevOps Theatre
Thu 19th Oct 15:00 to 15:30
Information Security Policy is the cornerstone of a GRC program. As professionals in this area, our responsibilities include helping our peers align to the organizational security posture. Rocio has observed that the security market is filled with noise, pushing out the latest tool, framework, or certification with grand promises. The result: Complexity.
Let’s change the conversation. The status quo with security policy needs to be challenged.
Employees are not reading these policies, leaving organizations throwing money at the problem with little results. This is leaving the consumer in a VERY vulnerable position. We need to change that.
What you will take away from this session
- Learn about the the failures of traditional security policy development (policies that are long, filled with jargon, developed with no input from teams)
- Understand how these failures are impacting organizations, namely poor security investment decisions
- Understand how the status quo is impacting consumers (like YOU and ME)
- Learn a new approach for policy development that is working well with emerging tech startups