Dealing with a constant barrage of security risks is one of the biggest daily challenges faced by IT leaders, apart from the occasional regulatory compliance landscape. In this article at eSecurity Planet, Sean Michael Kerner brings some insights from former Deputy CIO at the White House, Alissa Johnson, as smart ways to balance governance, risk, and compliance (GRC).
The Balancing Act of GRC
An ingenious GRC strategy complements multiple benefits like enhanced decision-making, optimal IT investments, eradicating silos, and reducing fragmentation of departments. Even though there are enough tools available to streamline GRC operations, here are some smart ways to balance the act right:
- Anticipate Compliance Regulations: With the enactment of GDPR, there is a connection between IT security and privacy that has come into the limelight. This makes IT professionals anticipate more privacy compliance. So, you must expect more additional state and national privacy compliance efforts to take place and be prepared to deal with it.
- Map Out Existing Controls: Leading IT organizations face multiple privacy and cybersecurity compliances. Mapping existing controls will help in utilizing them in different compliance efforts. So, by following the security policies diligently, no technology investment will be required in terms of GDPR.
- Leverage Tools: Measuring all the variables to see how the organizations are mitigating and eliminating risks is an equally essential GRC tool. By looking at GRC with the right technology, it is possible to find the perfect balance.
- Embrace AI: Challenged by a cybersecurity talent shortage, many organizations make it tough to accomplish all the necessary tasks that need improved security and GRC efforts. By allowing artificial intelligence (AI), bots and machine learning it will be easier to improve cyber-hygiene. In fact, automation technologies may prove beneficial in lowering risk-based processing.
Click on the following link to read the original article: https://www.esecurityplanet.com/compliance/how-to-improve-governance-risk-and-compliance.html