Audits & Auditors: The Good, The Bad & The Need to Know

Presented by

Dan Lohrmann, Presidio; Earl Duby, Auxiom

About this talk

Security audits can feel like necessary evils, especially for overburdened security teams. When done effectively, an audit can identify potential problems before they cause real damage, which saves money, protects privacy and keeps organization’s compliant. It’s not surprising that audits are recommended at least every six-twelve months. Yet they can feel like resource drains, especially when operations are running smoothly. Why devote hours of time and effort to verify what you already know? The simple truth is that while each organization will benefit differently from a security audit, there is something to be gained by instituting a systematic review of company information systems. Each business will need to determine the frequency and criteria that work best for them, in order to maximize impact without compromising on speed or efficiency. Figuring out this balance will be the critical challenge, but one with substantial payoff. In this episode of CISO insights, series hosts Dan Lohrmann and Earl Duby will be joined by industry experts to break down the good, the bad and the need to know about security audits.
Related topics:

More from this channel

Upcoming talks (2)
On-demand talks (22)
Subscribers (17698)
Today’s security leaders are busy managing the increasingly complicated relationship between security and privacy. As the CISO role evolves, they're not only security leaders but strategists and negotiators, often working to keep other employees safe while ensuring their cybersecurity plans align with business goals. In this series we’ll highlight security trends and share insights from industry thought leaders on cyber security strategies, best practices, and important compliance regulations.