Date & Time
Wednesday, October 17, 2018, 1:15 PM - 2:45 PM
Category
Governance, Risk & Compliance
Description

Managing a security compliance program at startups comes with its unique set of challenges. The textbook approaches to security compliance or the generally applicable risk management frameworks will not be enough, and won’t take you too far if you do not anticipate all the obstacles you are likely to face. And this is where the rubber meets the road.


This talk will describe some of these obstacles, contrasting the textbook strategies and generally applicable frameworks with the real world challenges faced by security compliance teams at smaller companies. It is based on the speaker's experience of creating security compliance programs from scratch at two different startups, and operationalizing the compliance strategy while battling limited budgets, vendor fatigue, and talent shortage. Using illustrative scenarios, it will guide security compliance professionals on what challenges to anticipate when implementing their compliance strategy, and provide practical pointers on how and when to make sensible trade-offs.

Speaker(s)
Rafae Bhatti
Speaker Bio(s)
Rafae is the Head of Security and Privacy at HealthTap, where he is responsible for building the security compliance program on a limited budget, and working with both external and internal stakeholders to roll out processes and tools that advance the goals of security compliance yet do not impede the agile development process. Previously, Rafae set up and managed security compliance program at New Relic on its journey to becoming a public company. Rafae has a Ph.D. in Computer Engineering, is a published author, and a part-time educator.
CEUs
1.8