Strengthening Cyber Security: The Impact of Compliance and Legislation
Josh Davies, Keith Christie-Smith, and I dive into the world of legislation and compliance and explore the stark contrast between the need for rigorous security and the burden placed on businesses to comply.
“One of the big problems we have in security is that you spend all this money pre-empting your defence in depth to try to protect you against things that you could perceive could happen to you." Josh Davies
Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen
In this episode, we covered the following topics:
- What do the changing regulations and compliance requirements in the information security field mean for businesses?
- The advantages of a security first approach
- How being compliant in itself doesn’t necessarily mean your organisation secure
- The irony of having a cyber incident justifying the budget for adequate security measures
- The opposition of legislation vs growth and innovation
- The concept of ‘legislation fatigue’ – is there a danger of having to comply with too many standards?
- The importance of understanding the intent behind the compliance requirement
- What is the difference between too much or too little legislation on security measures?
- The limitations of generic security frameworks vs frameworks targeted to specific industries such as PCI DSS
- The challenges of creating universal standards
Josh Davies is a Product Manager at Fortra by Alert Logic. Formerly a Security Analyst and Solutions Architect, Josh has hands on experience in incident response and threat hunting activities before working with organisations to identify appropriate security solutions. Josh continues to be closely involved with security operations and threat research.
Keith is a sales director with Claroty, covering the Government, Defence and Healthcare verticals. Keith has worked in the cyber security field for both vendors and resellers. He has been in cyber security for over a decade having worked in IT managed services for almost a decade beforehand.
Other episodes you'll enjoy
Ransomware Sanctions: Exploring the Fallout
Threat Intelligence: Why Awareness is Critical, and Collaboration is Essential
Connect with your host James Rees
Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.
Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.
With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.
For more information about us or if you have any questions you would like us to discuss email firstname.lastname@example.org.
If you need consultation, visit www.razorthorn.com, We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.
Linkedin: Razorthorn Security
Youtube: Razorthorn Security