Security Congress Abstract
Several recently seen RFPs basically state: We need an MVP (minimum viable product) that will allow us to meet the requirements of the CCPA, with an umbrella structure allowing us to meet other regulations as needed.
This session will explore the approach of equipping an organization by adapting their cybersecurity/compliance framework or assist them in building a framework that include privacy, cybersecurity and compliance that will meet the CCPA. It then can be added so that the framework will accommodate future regulations/industry standards in the business model, and existing regulations currently outside of their business model.
We will discuss what that framework could look like now, and the current state of the NIST Privacy Framework that is being developed.