Information security best practices provide organizations with a template for building a world-class information security program that mitigates risks.  However, best practices such as ISO 27001, the NIST Cybersecurity Framework, CIS/SANS “Top 20” Security Controls and others are often misunderstood to be a targeted end state, when in reality they are designed to be flexible and manageable frameworks that really represent a starting point, not a final destination.

In this webcast, cybersecurity consultant John Linkous provides an overview of the common threads between security best practice standards and discusses how they can be flexibly adopted by organizations to better mitigate information risk.  Specific topics will include:

  • Identifying the top 10 most common security controls that exist across all major information security best practice standards
  • How to adopt best practice standards to any type of industry, vertical or organization
  • Using risk management to prioritize the processes and controls defined in security best practice standards
  • How to handle contention between best practices and mandated security controls in laws and industry-specific mandates
  • Using automation to gain a real, measurable ROI on security controls

Additionally, John will demonstrate how SOCVue platform addresses key aspects of risk reduction that are common to all security best practices and frameworks, including continuous security monitoring, patch management and vulnerability management.


About the Speaker:
Security Industry Expert, John Linkous

John LinkousWith over 20 years of consulting experience, John Linkous is a trusted advisor to CISOs, CIOs and CTOs at a broad array organizations ranging in size from mid-market through the Fortune 500. He is both a successful technology entrepreneur and a hands-on information security, risk and compliance expert who has operated from the data center to the boardroom throughout his career.

He has managed and delivered highly successful projects to customers across multiple vertical industries including financial services, healthcare, education, technology, energy, state and local government, retail and manufacturing sectors.


View Webcast On Demand