Security Normalize information security and compliance data management:
Normalize information security and compliance data management
Information security managers are not only technologists and compliance specialists, but more and more, they’re also becoming data managers. Security tools generate volumes of log data on security events that need to be addressed, and those decisions have to be prioritized based on business demands and compliance mandates. Facing these new challenges, many security and compliance managers are unclear where to begin and how to define success.
In this SearchSecurity.com Compliance School lesson, compliance expert Mike Chapple addresses how to overcome issues security managers face regarding data overload. He provides best practices for normalizing information security and compliance data management to make better business decisions in the areas of PCI DSS compliance, enterprise data mining and overall enterprise compliance program management. Additionally, Mike explains how to regulate that data and ensure that data meets IT compliance requirements for federal and industry regulations, as well as an organization’s own guidelines.
About the Expert: Mike Chapple, Ph. D., CISA, CISSP, is an IT security manager with the University of Notre Dame.
Video - It's essential for IT security managers to create a corporate compliance program to adhere to regulations while maintaining a productive workplace.
Video - In order to meet PCI DSS requirements and compliance, it is important to organize and sort the data coming in by devising a data management plan.
Video - These security data mining techniques will allow security professionals to find and tackle the real issues while overcoming data overload.