The trifecta (or hat trick) of cybersecurity, then, reflects the fact that cybersecurity has grown up, in a lot of ways. I love the technical side of cybersecurity; it’s fun to geek out and create intrusion detection services using Zeek and the ELK / Elastic Stack. I love discussing threat hunting, and how security analysts create data-driven hypotheses to profile and thwart attackers. Yet it’s also gratifying to see how cybersecurity is addressing the importance of risk management, and cybersecurity management in general. After all, you can’t have proper cybersecurity without considering all elements of the cybersecurity trifecta.
Though Governance, Risk Management and Compliance (GRC) might seem boring, they really aren’t. Why is that? Well, think of GRC from the perspective of an individual who uses the internet every day. We all want reasonable proof that our Personally Identifiable Information (PII) is being properly curated, managed and stored.
How exactly can you prove this? Well, one of the primary ways is to ensure that an organization – say, one that provides social media services – has complied to useful laws and cybersecurity frameworks. That’s what compliance means. The term governance is used to describe the steps, measures and procedures a company takes in order to be compliant.
More Info: jobs you can get with a comptia a+ certification
No comments:
Post a Comment