Compliance Crosswalk
Cybersecurity and data privacy are requirements for any good business. So how can a CISO, CTO or compliance manager stay on top of where the industry is heading? Infosec veteran and former lead auditor Blaise Wabo discusses the intersection of security, privacy and compliance. Topics include guest interviews with industry experts, framework updates, the business implications of compliance (and non-compliance), and discussions about compliance challenges, tips and tricks.
The Lowdown on the 2022 ISO 27001 Update: Featuring ISO Expert Steve Holladay
In February 2022, the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) released an update to ISO/IEC 27002:2013, known as ISO/IEC 27002:2022. A set of changes was announced to make the framework more adaptable and customizable to various organizations.
The major changes will include a reduction of the total number of controls, changes to the framework’s taxonomy and the creation of new attribute tables. This isn’t an exhaustive list of the changes to come this year with ISO; an amendment to ISO 27001 is expected to be published between May and October 2022.
In this episode of Compliance Crosswalk, hosts Arti Lalwani and Blaise Wabo sit down with ISO 27001 expert Steve Holladay of Arrowhead Training to better understand what is included in the February updates and where ISO 27001 is headed in the next year or two.