Compliance
IT, legal, human resources and accounting departments all have different standards and regulations to comply with, with different auditing processes and different reports to generate. Even infrequent changes to FISMA, PCI, SOX, HIPAA, GLBA, HSPD-12, FDCC, SAS 70 or BASEL II can make compliance seem impossible.
At the two-day Compliance Summit 'track' of SX, we'll address these questions and more:
- Can we implement virtualization and stay compliant with PCI?
- What effect will the new presidential administration have on security legislation?
- What changes should be made to security and privacy regulations to make compliance efforts less burdensome and to enforce measures that truly advance security?
- What will the future bring for privacy and security regulations and standards?
You'll come away knowing how to use security metrics, operational controls and a unified compliance framework to reduce certification and accreditation complexities, streamline compliance efforts and provide auditors and executives with the information they need.
Session Descriptions
Sunday, May 17
1:30 pm–2:30 pm
You want to be secure. You want to be compliant. You want to support your business by adopting a risk-based approach. Is it possible to achieve all three of these aims, and retain your sanity? The Compliance Summit begins to answer this question by first examining the overriding operational challenges common to all compliance efforts, including how to collect and manage a glut of logs and how to maintain business operations during audits and forensic investigations.
Sunday, May 17
2:45 pm–3:45 pm
There's no way to keep up with without swallowing at least a spoonful of alphabet soup. The summit continues by examining a few specific challenges of individual regulations, including government contractors' FISMA responsibilities and virtualization's impact on PCI-DSS.
Sunday, May 17
4:00 pm–5:00 pm
The road to compliance should not be traveled solely on the power of paperwork. This segment of the Compliance Summit will outline how to achieve compliance by building upon a compliance-savvy architecture and establishing compliance-savvy operational controls.
Monday, May 18
1:30 pm–3:45 pm
There's got to be an easier way, right? Isn't there a way to streamline the process so that many requirements are satisfied at once, instead of in piecemeal fashion every time a new rule comes out? Isn't there a way to generate a report that will make all the auditors happy? On day two, the Compliance Summit describes how to harness the power of a unified compliance framework, making it possible to maintain and prove compliance with multiple regulations in a more efficient and less onerous way. Untangle certification and accreditation complexities. Provide auditors, courts, forensic investigators and executives with the information they need. Free yourself from the trappings of alphabet soup.
Monday, May 18
4:00 pm–5:00 pm
At the end of the day, are any of these regulations improving security and privacy? The Compliance Summit closes with a discussion of the changes lawmakers and regulatory agencies are considering and how laws and standards should be changed to make them more effective and less onerous. Should regulatory bodies change their mandates, so they are based on standards, allow for varying risk models and adapt to ever-changing technologies and attacks? Are standards bodies keeping up with the times, and what challenges should they provide guidance on next?