Swimming Upstream: Regulation vs Security

Presented at BSidesSF 2017, Feb. 13, 2017, 9:30 a.m. (60 minutes).

Companies that operate in heavily regulated industries oftentimes run into conflicting directives around tactical decisions that need to be made, potentially hindering overall security posture in order to meet regulatory requirements. This talk will explore strategies that security teams and leaders can use to navigate the murky waters of bureaucracy, compliance, and politics to achieve the security goals they're striving for. Throughout this talk I will pull from examples in my own career that span some of the largest industries in the US.

Presenters:

• Robert Wood - Director, Trust and Security - Nuna
  Robert Wood runs the trust and security team at Nuna, whose core directive is to protect one of the nation's largest collective healthcare data sets. Previously, Robert was a Principal Consultant at Cigital where he founded and led the red team assessment practice and worked with strategic clients across the United States in an advisory capacity.

Links:

• https://bsidessf2017.sched.com/event/9IKH/swimming-upstream-regulation-vs-security

Similar Presentations:

• AppSec USA 2017 / Leveraging the ASVS in the Secure SDLC