New Training: Standards, Regulations, & Controls

In this 7-video skill, CBT Nuggets trainer Keith Barker Pcompares and contrasts several types of security controls, along with regulations, standards, and frameworks that impact organizational security. Watch this new Cyber Security training.

Watch the full course: Governance, Risk, and Compliance Training

This training includes:

• 7 videos

• 1.1 hours of training

You’ll learn these topics in this skill:

• Intro to Standards, Regulations, & Controls

• Control Types

• Control Functions

• Regulations, Standards, and Legislation

• Key frameworks

• Benchmarks and Guides for Secure Configuration

• Quiz and Review

How Government Regulation Affects IT Security

IT security can be difficult to implement and manage. There are a lot of outside influences that affect organizational security in addition to inside factors. Businesses have little say in these outside influences, too. These external factors can be government regulations or mandated standards that businesses must comply with.

For example, let's say a medical billing company wants to use Amazon's AWS EC2 service to host their website. That website will most likely include a gated area where employees can access and process medical records. Because medical records in the United States are highly regulated, this medical billing company is required to comply with certain standards by law.

That means this medical billing company can't utilize a standard EC2 instance. On top of other security measures, that instance must be hosted on its own hardware with an encrypted image to comply with HITECH regulations. Likewise, the data stored in their database must be encrypted to meet that regulation as well. If this medical billing business does not meet these regulations, it could face extremely stiff fines.