There is a mantra within the information security community that “compliance does not equal security”. This session will discuss the real meaning of “compliance” and explain that security frameworks such as HIPAA, ISO 27K and PCI are only a part of the compliance story. Learn how compliance can enhance your organization’s security posture and lead to compliance with the security frameworks as a by-product.
- Compliance does equal security when implemented properly
- True security needs compliance
- Compliance is a key part of the control triad
About Jeff Hall
Jeff Hall is a Principal Security Consultant in Optiv Security’s Governance, Risk & Compliance practice and focuses on conducting Payment Card Industry Reports On Compliance (ROC) and related projects. Jeff has over 30 years of technology, security and compliance experience and is a Certified Information Systems Security Professional, a Certified Information Security Manager, Certified in the Governance of Enterprise Information Technology, and a Payment Card Industry Qualified Security Assessor.