SANS: Cybersecurity Standards Scorecard (2024 Edition) (Sept. 17th)
Tuesday, September 17th, 2024: 1:00 PM to 2:00 PM
In this webcast, James Tarala, Senior Faculty at the SANS Institute and Managing Partner at Cyverity, will explain the state of cybersecurity standards in 2024 with a scorecard comparison of popular standards based on specific, measurable research.
In the 1990s government agencies, industry groups, and cybersecurity researchers started creating cybersecurity standards and these standards led to cybersecurity regulations and laws that dictate to organizations what they must do to protect their data. Today, there are now dozens of standards dictating thousands of cybersecurity controls that organizations can consider when building their cybersecurity plans. Every year more standards are released, and the confusion grows. To make the problem even more challenging, no two standards are the same, nor do they even cover the same scope of defenses.
This reality has led to confusion and frustration for organizations seeking to build comprehensive cybersecurity programs. What should we do, what can we do, or must do to protect our own information systems? Until recently there has not been a Cyber Rosetta Stone for security and privacy professionals to use to compare these standards. Most organizations have limited resources and must choose which controls to implement and which to ignore. We haven't had risk or threat models to demonstrate why certain cybersecurity controls are important and what should be prioritized.
Hosted by SANS