Compliance is one of the largest risk factors businesses consider when building security policies, but compliance teams are often surprisingly small given the size of their responsibilities: the majority of businesses under $1B in revenue have five members or fewer on their compliance team*.
Compliance programs traditionally focused on “checking the box,” and therefore these teams were often placed within the finance or legal departments, separate from security and engineering teams. This resulted in inflexible policies written without consideration for practical security postures or technical implementation requirements.
Join Jamie Tomasello, Duo Security’s Trust and Compliance Manager, for a discussion on the benefits of breaking down the siloed environment in which compliance teams typically operate, and how a multidisciplinary perspective on compliance can help you re-envision how privacy, security, and compliance work together.
* 2016 Staffing and Budget Benchmarking Guidance Survey, Society of Corporate Compliance and Ethics
Jamie Tomasello is the Manager of Trust & Compliance at Duo Security. In her role, Jamie leads a multidisciplinary trust and compliance team focusing on translating information security and privacy frameworks, requirements, and regulations into practical security controls and policies. She has more than seventeen years of experience addressing internet security and policy issues at internet service providers, security companies, law firms, and non-profits. Jamie has been a Technical Chair, Program Chair, and Training Chair for the Messaging, Malware, & Mobile Anti-Abuse Working Group (M3AAWG), a member of InfraGard, the Bay Area Electronic Crime Task Force, and is a Certified Information Privacy Professional (CIPP/US & CIPT).