Andrea Childress
CIO and Assistant Vice President for Information T,
University of Nebraska at Kearney
Information Security or Regulation Compliance: What's the Best Response?
Tuesday, October 15 | 5:00PM–5:45PM CT | Board 302, Poster Area, Halls F1, F2, Level 3
Session Type:
Poster Session
Delivery Format:
Poster Session
Compliance is one of the most challenging set of responsibilities for any campus. The limitation of regulations (e.g., PCI DSS, HIPAA, GDPR) is that they distill security into a static set of requirements, focusing concerns on compliance and leading to a false sense of security, while hackers aren't restricted to rigidly defined methods.
Outcomes: Discern the difference between compliance and security * Understand that regulations are a minimum set of processes and controls as a starting point toward a security program * Realize that nothing precludes organizations from implementing more stringent processes and controls than what are defined in regulations
Outcomes: Discern the difference between compliance and security * Understand that regulations are a minimum set of processes and controls as a starting point toward a security program * Realize that nothing precludes organizations from implementing more stringent processes and controls than what are defined in regulations
