Why does COMPLIANCE MATTER in Cyber Security? The TRUTH

  • Published: Oct 29, 2024

Comments • 7

  • @ericapinheiro9891 1 month ago +2

    Starting a career in cybersecurity, especially at the L1 level, often seems straightforward for those entering compliance roles. However, it’s disheartening to see that many companies require extensive experience - typically over five years - even for entry-level positions. This gap can make it challenging for newcomers to get their foot in the door, despite their eagerness and relevant skills. Greater support and opportunities for fresh talent are crucial to fostering growth in the field. Great video as usual! ❤

    • @JonGoodCyber 1 month ago +1

      I wouldn't say that GRC is straightforward or "easier" than other jobs. In fact, GRC isn't something you can as easily lab like you would for a technical job because it relies on knowledge that is acquired through experience that can't be easily replicated. Don't be fooled by people saying otherwise. Also, it sounds great to make more opportunities for new professionals, but it's really businesses preventing this as they control the budgets of security teams trying to maximize the value that they bring to the organization. Keep striving to make yourself the most competitive candidate you can be so that it becomes an easier decision to hire you!

  • @idadjiguimde6045 2 months ago +2

    This video came to me in a timely manner. Will save and watch over and over again.

    • @JonGoodCyber 2 months ago +3

      I'm glad that you found the content helpful!

    • @Youonlyloseyourself 2 months ago +2

      Yes, watch it over and over. If you’re trying to get in cyber, this is an area not recognized by a lot, but it is extremely important. Very very important!

  • @RS-nc5qx 4 days ago +1

    When you say “other times you will receive a report or attestation” which verifies compliancy, can you elaborate a little on what would make you compliant without needing a certificate?

    • @JonGoodCyber 4 days ago +2

      For example, when you are HIPAA compliant due to an audit, you will receive a report or attestation and not an actual certificate like you would if you were audited for ISO 27001. It really comes down to the specific standard or requirements to determine what you will receive. Some companies will even say they are compliant with controls as a form of self-attestation or claim, but they haven't undergone a formal third-party audit for the requirements.