Author: Jane Edwards|| Date Published: April 22, 2024
Yasmine Abdillahi, executive director of security risk and compliance and business information security officer at Comcast, said organizations need to consider three elements to get cybersecurity governance, risk and compliance right and those are having trust in the data, achieving alignment on risk appetite and accountability and providing actionable data.
In an opinion piece published Wednesday in Corporate Compliance Insights, Abdillahi noted that trusting the data used in making risk management decisions is key to the success of a cybersecurity GRC team.
“How do you make trust happen? Having ongoing conversations with the owners/creators of the data is key to establishing rapport and strong relationships,” she noted.
When it comes to accountability, Abdillahi cited the need for organizations “to have a well-defined structure for who is responsible for the different areas as well as a clear path established for remediation if you aren’t compliant.”
For the third element, the Comcast executive stated that cyber GRC teams should “speak in business terms to assist control owners and leadership with relevant and actionable insights.”
Abdillahi will serve as one of the speakers at the Potomac Officers Club’s 2024 Cyber Summit on June 6. Register here to hear her insights as she joins a panel discussion on the Cybersecurity Maturity Model Certification program.
The Defense Health Agency awarded a combined $8.07 billion in contracts to Humana Government Business, Evernorth Federal Services and Ipsos Public Affairs…
The Naval Information Warfare Center Pacific is soliciting proposals for the development and fielding of intelligence, surveillance and reconnaissance systems…
The Department of War is accelerating its push into unmanned systems, moving beyond experimentation toward large-scale production, streamlined acquisition and…
