Chapter 10: Governance, Risk, and Compliance
As a security professional, you need to understand that identifying and managing risks can help keep your company environment safe from various types of attacks. We will look at the importance of policies and regulatory frameworks for reducing the risk of successful attacks. We will look at different threats, vulnerabilities, and the roles that different threat actors play.
This chapter is broken down into the following sections:
- Risk Management Processes and Concepts
- Threat Actors, Vectors, and Intelligence Concepts
- The Importance of Policies to Organizational Security
- Regulations, Standards, and Frameworks
- Privacy and Sensitive Data Concepts