Steven Ursillo, Partner in the Risk & Accounting Advisory Services Practice and Leader of the Cybersecurity Group at Cherry Bekaert, joins Joe Carson to talk about meeting the challenges of costly, time-consuming compliance requirements. They discuss the nuances of cybersecurity frameworks like NIST CSF and ISO 27001, industry regulations like PCI, HIPAA, and SOX, and the differences between SOC1 and SOC2 examinations. Steven shares recommendations for scoping compliance programs and preparing for audits without breaking the bank or burning out your team. He offers advice on navigating the complexity of compliance based on your risk tolerance and strategies for using technology to make evidence collection and report building more efficient. Looking to the future, Steven and Joe dive into evolving compliance requirements for third-party risk and emerging concerns like Artificial Intelligence. If you’re preparing for an audit or looking to improve your compliance program, you’ll want to tune in.
Watch the video or scroll down to listen to the podcast: