Which teams have a role in deciding which compliance technology to purchase?

Architecture Strategy

Security45%

IT81%

Legal42%

Compliance (We have a dedicated leader)23%

Other

619 PARTICIPANTS

6.1k views2 Upvotes3 Comments

Sort by:

Chief Technology Officer and Chief Information Officer3 years ago

If you have a team for Compliance then decision falls into their domain. Otherwise I see no purpose in having such a team. They also should take care of gathering enough information from other teams in regards to Security and IT running cost.

CISO in Software4 years ago

You have to take everyone on the journey otherwise the tool becomes and island

Fractional CIO in Services (non-Government)4 years ago

What's the definition of Compliance here? Is it a) ensuring that the company remains compliant with local regs and laws, or b) is it measuring and monitoring that staff remain compliant with their job expectations?

If it's a) then you have a good list there. If it's b) then you're missing HR

Content you might like

How does your cyber compliance team stay informed about new and changing regulations impacting your organization's compliance? Additionally, how are cyber compliance teams tracking, measuring and reporting on internal compliance?

Do you currently have a platform implemented that combines capabilities for endpoint security, SSE (security service edge) and email security?

Yes (please share platform in a comment)33%

Currently implementing a platform with all 3 capabilities44%

Currently evaluating platforms with these capabilities11%

No11%

Something else (share in a comment)

View Results

We are considering a scanning solution for detecting Personal Information (PI) in our data assets, mainly AWS S3, DynamoDB, Salesforce, etc. We need the solution to detect PI, identify the type (e.g., infotype), and optionally map it to our own PI categories. We are currently considering BigID. Do you have experience with this tool or any other tools that can help us scan across different data platforms and technologies?

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

As cyber recovery becomes more to the forefront for Disaster Recovery professionals, preparation for ransomware recovery is now starting to mature. On-premises, and cloud-based solutions, and often with on-premises solutions comes the implementation of Secure Isolated Recovery Environments (SIRE). As your organization matures their cyber recovery solutions, is your or will your organization consider and or implement a on-premise, cloud-based, or hybrid secure isolated recovery environment?

What is a Secure Isolated Recovery Environment (SIRE)?18%

Focus on an On-Premise SIRE.41%

Focus on a Cloud-based SIRE.42%

Focus on a hybrid SIRE.21%

Know about Secure Isolated Recovery Environments but no current plans to implement.4%

View Results

Which teams have a role in deciding which compliance technology to purchase?

Sort by:

Content you might like

How does your cyber compliance team stay informed about new and changing regulations impacting your organization's compliance? Additionally, how are cyber compliance teams tracking, measuring and reporting on internal compliance?

Do you currently have a platform implemented that combines capabilities for endpoint security, SSE (security service edge) and email security?

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

CrowdStrike Outage: Impact And Recovery

DevSecOps: Strategies, Organizational Benefits and Challenges

Green Cloud Computing

Omnicloud: The Future of Cloud Computing?

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go