How to Prepare for a Risk Assessment

SecurityMetrics Podcast | 32

How to Prepare for a Risk Assessment

"Security is hard, even for professionals. There are a ton of things to know. As a defender, you have to be right 100% of the time. As an attacker, you kinda just have to get lucky once. If you go out there and educate people (in your company) about security, then they can become an ally for you."

Matt Halbleib (CISSP, CISA, QSA (P2PE), PA-QSA (P2PE)) sits down with Host and Principal Security Analyst Jen Stone (MCIS, CISSP, CISA, QSA) to discuss all the things you can do to better prepare you and your company for a risk assessment.

Listen to learn:

• How to better know your scope to be ready for your assessment
• How to teach security between departments
• How to make PCI work for you

Resources:

Download our Guide to PCI Compliance! - https://www.securitymetrics.com/lp/pci/pci-guide

Download our Guide to HIPAA Compliance! - https://www.securitymetrics.com/lp/hipaa/hipaa-guide

[Disclaimer] Before implementing any policies or procedures you hear about on this or any other episodes, make sure to talk to your legal department, IT department, and any other department assisting with your data security and compliance efforts.