Cyber Security Monitoring for Regulations Compliance
Author: CSC Global Cybersecurity
While some may argue that cybersecurity regulations do more harm than good, governments and industry organizations disagree. The increasing reality is that with the growing abundance of regulations, the choice is to sink — and be exposed to bigger risks and penalties — or swim, which requires knowledge and awareness of what’s happening throughout the organization, and the ability to prove it.
The fluidity with which new security regulations, policies and laws emerge and existing ones change continues to demonstrate attempts to control risks — ranging from financial to, at worst, loss of human life — enabled by information technology.
Download the complete whitepaper (PDF, 3.6MB)
Continuous Cybersecurity Monitoring Drives Better Perspectives of Risk
Some of the more notable actions include:
- The Payment Card Industry’s Data Security Standards v3.0 — January 2014
- Australia’s Privacy Amendment (Enhancing Privacy Protection) Act 2012 — March 2014
- Singapore’s first Privacy Act — 2014
- The European Parliament’s Committee on Civil Liberties, Justice and Home Affairs approves new European Union data protection and privacy regulations — October 2013
- U.S. Cybersecurity Framework v1.0 — February 2014
“Due to increasing security and regulatory complexities, simply having a statement that details the requirement to comply with corporate policies isn’t good enough,” says Matthew O’Brien, CSC Global Cybersecurity senior principal. “Organizations need to know in as close to real time as is possible if they are or aren’t complying with their policies and be more proactive in enforcing compliance.”
To achieve this, organizations must continuously monitor their systems, which, besides enabling them to better mitigate threats, also gives them the ability to report on their actions and the status of their cybersecurity controls, such as encryption of credit card data or monthly scans for vulnerabilities.
However, as organizations attempt to track their regulatory controls and compliance, they are suffering audit fatigue. To help, some organizations have bolted on tools to their infrastructure to automate the effort needed to track audits and compliance with different cybersecurity regulations.