Security Governance & Compliance

Security frameworks, risk management, privacy and data protection, audit and compliance, security awareness, and metrics.

Topics

Lessons

PCI-DSS, SOX, FedRAMP, CMMC, HITRUST

GDPR, CCPA, HIPAA, data classification, DLP strategies

Risk assessments, threat modeling, quantitative risk analysis

User training programs, phishing simulations, security culture

NIST CSF, ISO 27001/27002, CIS Controls, SOC 2

KPIs, KRIs, risk dashboards, board-level reporting