www.majorkeytech.com
Open in
urlscan Pro
104.46.36.9
Public Scan
Submitted URL: https://d2mvpp04.na1.hs-sales-engage.com/Ctc/LZ+23284/d2mVPP04/Jl25m-BpW7lCGcx6lZ3kPW840LMz3CFYRWW3yP-pV4Dltj4W4qcXJD5mlW_RW1ssclp2FdbGHW...
Effective URL: https://www.majorkeytech.com/resources/blogs/what-do-rainbow-trout-have-to-do-with-the-new-sec-requirement/?hss_channel=lcp-1...
Submission: On January 29 via api from US — Scanned from DE
Effective URL: https://www.majorkeytech.com/resources/blogs/what-do-rainbow-trout-have-to-do-with-the-new-sec-requirement/?hss_channel=lcp-1...
Submission: On January 29 via api from US — Scanned from DE
Form analysis
1 forms found in the DOM/search/
<form action="/search/" data-hs-cf-bound="true">
<input aria-label="Search" class="_searchbox" placeholder="Search" name="q" value="" autocomplete="off"><button aria-label="Submit search"><svg role="img" width="36" height="36" viewBox="0 0 36 36">
<use xlink:href="#svg-search-icon"></use>
</svg></button>
<div class="_instantsearch" data-nohits="No results found"></div>
</form>
Text Content
× This website uses cookies to provide the best possible user experience. If you continue without making any changes you allow this. Read more about cookies here. Read more about our Privacy Policy here. Accept Skip to main contentSkip to navigationSkip to search Logotype Menu Close Logotype * What we do * MajorKey Guide BUSINESS-DRIVEN IDENTITY AND ACCESS MANAGEMENT A Buyer's Guide on How to Ensure a Successful Outcome of Your IAM Program Get the Guide * What we do * Identity & Access Management (IAM) * Application Deployment & Security * Data Security & Governance * Cloud Security * Advisory Services * Integration Services * Managed Services * * Resources * MajorKey Guide BUSINESS-DRIVEN IDENTITY AND ACCESS MANAGEMENT A Buyer's Guide on How to Ensure a Successful Outcome for Your IAM Program Get the Guide * Blogs * Webinars * Whitepapers * Analyst Reports * Featured Articles * Events * News and Press * Support * Government and Public Sector * * About us * Our Core Values People focused Teamwork Corporate Responsibility Integrity Passionate Excellence About Majorkey * Technology in harmony * Our story Our People * Leadership team * Join our team MajorKey Expands Solutions Advisory Practice with Veteran Identity and Application Security Expert Alex Gambill MajorKey Accelerates Pure Play Identity Security Strategy with Acquisition of Legion Star MajorKey Announces Strategic Pivot to Focus on Pure Play Information Security Technology and Services View all news [Interactive Tool] Cloud Security Vendor Selection Calculator * * Contact Blog Alex Gambill | January 24, 2024 I 4 min read WHAT DO RAINBOW TROUT HAVE TO DO WITH THE NEW SEC CYBERSECURITY REGULATION? Share LinkedInLinkedInFacebookFacebookTwitterTwitterE-mailE-mailPrintPrint The serenity, solitude, and deafening silence of the river rushing past your knees, surrounded by snowcapped mountains while fly fishing is tough to beat. The beauty that engulfs your senses slowly lulls you into a daydream sequence. Trout aren’t super active in the winter, so the expectation of a catch is minimal. You slip further into your mind and then…BOOM! Fish on! You’re suddenly jostled from being alone with your thoughts, fighting to land what’s sure to be a nice fish – they usually are in the winter months. BUT WHAT DOES THIS HAVE TO DO WITH SECURITY? Make no mistake, there’s nothing serene, solitary, silent, or even remotely enjoyable about regulatory requirements. They’re an important and necessary component of the daily lives of practitioners and services providers. The commonality is that we’re in a daydream sequence when it comes to SOX 404. We’ve become desensitized to it because it’s overloaded every aspect of our conversations, conferences, social media feeds, and vendor relationships. We’ve been bludgeoned with content targeting GDPR and other similar privacy regulations – and that’s just scratching the surface. Fast-forward to the here and now. We’re standing in that river of regulatory compliance, desensitized to the reality that a beautiful, native rainbow trout could be on our line at any moment. IN THE WORLD OF REGULATORY COMPLIANCE, THAT TROUT IS THE NEW SEC CYBERSECURITY REGULATION. Much like me scrambling to set the hook and strip line, we’re all in a position of needing to quickly rotate to address the newest requirements passed down from the SEC – whether we’re ready or not.. At a high level, the goal of the new requirements is enhancing the cybersecurity practices of publicly traded companies’ as they relate to risk management and governance, while increasing transparency around cybersecurity events. Specifically, an organization must provide a comprehensive disclosure of its processes, if any, for assessing, identifying, and managing material risks from cybersecurity threats. But let’s not forget about our friends at privately held companies. You may be impacted as well, particularly if you’re looking to interoperate with publicly traded companies from a vendor, partner or other 3rd party relationship perspective. RATHER THAN DIVE INTO THE SPECIFICS OF WHAT ORGANIZATIONS SHOULD BE DOING, LET’S START WITH A FEW QUESTIONS YOU WILL WANT TO CONSIDER OVER THE COMING WEEKS. 1. Who’s on first? Have you identified the right team with the right expertise to assess and manage cyber-related risk? 2. When was your last risk assessment and how does it tie back to your risk and controls framework – specifically where you’ve identified cyber-related risks & controls? 3. How are you proactively managing the potential for realized risks and the quantification of those risks within your key enterprise applications? 4. What level of automation and technology-enabled processes do you have to empower your team to limit taking on a reactive response? 5. What processes are in place to identify, manage and mitigate material risks from cybersecurity threats associated with the use of any third-party service providers? 6. How are your existing cybersecurity processes integrated into the overarching organizational risk management processes? If these questions have you thinking about technology-enabled processes for identity security, access governance, cloud security,customer identity management, and privileged access, then you’re on the right track. 2024 has arrived and so have the new challenges and opportunities – cheers to avoiding cyber threats, tight lines and more than a few moments of serenity, solitude and deafening silence in the middle of a remote mountain stream. AUTHOR Alex Gambill, Director, Application Security & GRC Advisory With more than 14 years of experience in the identity, application security, and controls space, Alex has helped numerous Global 2000 and Fortune 500 organizations develop and deliver their enterprise application security, access controls, and identity initiatives to support governance, risk, and compliance frameworks. To hear more from Alex, follow him on LinkedIn. GET IN TOUCH Think we could help your business deliver on technology’s promise? We think so too. Drop us a Line, and we’ll get back to you in a heartbeat. Get in touch STAY UP TO DATE WITH OUR MONTHLY NEWSLETTER. Covering the latest in IAM, Application Security, Data Governance, Cloud Security, and other industry news and company updates. What we do Solutions * Identity Access Management (IAM) * Workforce Identity Management (IDM) * Identity Governance and Administration (IGA) * Privileged Access Management (PAM) * Customer Identity and Access Management (CIAM) * Application Deployment & Security * Cloud Security * Data Security & Governance Services * Advisory Services * Managed Services Partners & Technology * View all partners Our Approach * Technology in harmony * Why choose us Client Success * View all client success stories About us * Technology in harmony * Our story * Client Support * Government & Public Sector * Texas DIR Our People * Leadership team * Join our team Resource Hub * Content library * Whitepapers * Videos * Analyst reports * Webinar * Blogs * Client success stories Multimedia * Upcoming events * Featured articles and podcasts * Company news © MajorKey 2024 Use of this site signifies your acceptance of MajorKey Tech's Privacy Policy