This presentation gives an overview of security frameworks such as FISMA, HIPAA HITECH, PCI DSS, PCI PA-DSS, NIST, ISO 27K and FFIEC, and explains their purpose and why they do ensure security if followed.
- What are the similarities of the security frameworks.
- What are the differences of the security frameworks.
- Why frameworks matter.
- Why compliance can equal security.
About Jeff Hall
Jeff Hall is a Principal Security Consultant in Optiv Security’s Governance, Risk & Compliance practice and focuses on conducting Payment Card Industry Reports On Compliance (ROC) and related projects. Jeff has over 30 years of technology, security and compliance experience and is a Certified Information Systems Security Professional, Certified Information Security Manager, Certified in the Governance of Enterprise Information Technology and a Payment Card Industry Qualified Security Assessor.
About Brian Serra
Mr. Serra has been working in information security since 1992, when he was responding to virus breakouts across the college campus computer labs. Since then, Brian has supported and implemented firewalls, performed numerous information security assessments and advisory services, and performed countless vulnerability assessments and penetration testing engagements. Before the PCI Council was formed and released the first PCI DSS, Brian was conducting gap analysis against Visa’s CISP and MasterCard’s SDP standards. Since the early 2000s Brian has been focused on delivering in-depth consulting services around PCI, and since 2006 he has been a PCI Consulting Practice Leader.
Brian is an active member of a number of information security professional organizations, including ISSA and ISC2. He has presented to several ISSA chapters and conferences on PCI-related topics.