I'm with Jack on this, mostly because I sit in a marketing seat and cover Zero Trust. Trust is also perception-based, and for it to have more meaning, it needs some sort of standard metrics that removes ambiguity from what that means on paper.
Absolutely Elliot! Looking forward to watching the Zero Trust podcast. We are implementing a lot of tech and controls to mature our zero trust posture at Swimlane. I think zero trust metrics could be the next wave of Trust content.
COSTS: There are all in one tools like OSTENDIO that reduce this cost and eliminates redundancy in work loads to stay compliant on all standards. The efficiency gains in managing an organizations Security, Risk, and Compliance programs have been documented by customers for 10 years and have proven to provide 84% efficiency ( time) gains in the management of the program. The industry continues to throw technologies at a problem, when in reality its human time issue. SOC 2 has little to no value. But operationalizing a program to guarantee everyone is secure and compliant... now thats revolutionary. My education stop thinking in the black and white TV world that GRC has lived in for decades now and start living in a colored TV world.
I'm with Jack on this, mostly because I sit in a marketing seat and cover Zero Trust. Trust is also perception-based, and for it to have more meaning, it needs some sort of standard metrics that removes ambiguity from what that means on paper.
Absolutely Elliot! Looking forward to watching the Zero Trust podcast. We are implementing a lot of tech and controls to mature our zero trust posture at Swimlane. I think zero trust metrics could be the next wave of Trust content.
Let me know if you end up wanting to chat through it! We can always use more episodes discussing ZT implementations and strategies.
COSTS: There are all in one tools like OSTENDIO that reduce this cost and eliminates redundancy in work loads to stay compliant on all standards. The efficiency gains in managing an organizations Security, Risk, and Compliance programs have been documented by customers for 10 years and have proven to provide 84% efficiency ( time) gains in the management of the program. The industry continues to throw technologies at a problem, when in reality its human time issue. SOC 2 has little to no value. But operationalizing a program to guarantee everyone is secure and compliant... now thats revolutionary. My education stop thinking in the black and white TV world that GRC has lived in for decades now and start living in a colored TV world.