In this podcast episode GRIP’s US content manager, Julie DiMauro, spoke with Rachael Pashkevich Koontz, Associate General Counsel of Cybersecurity and Data Protection at Booz Allen Hamilton. Rachael told us about how companies use a variety of cybersecurity certifications and cyber audits to offer something tangible to clients. To other external stakeholders this approach helps prove that you’re doing what you claim to do in terms of data protection.
We discussed:
- Some popular providers of externally validated certifications and audit reports;
- Industry-specific frameworks that are popular for those needing more customized offerings;
- How the certificates and audits operate like control objectives at a high level;
- How to advocate for the resources needed to obtain these certifications and audits with executive leadership;
- Getting a certification for a product, one section of an office building or a whole office – scoping the task to suit your needs; and
- Where Rachael sees cybersecurity certifications and cyber audits heading in three to five years.
A transcript of this podcast is available here.