LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.

Start free trial Sign in

From the course: Kubernetes and Cloud Native Security Associate (KCSA) Cert Prep

Unlock the full course today

Join today to access over 24,700 courses taught by industry experts.

Compliance frameworks

Compliance frameworks

From the course: Kubernetes and Cloud Native Security Associate (KCSA) Cert Prep

Start my 1-month free trial Buy for my team

Compliance frameworks

“

When we think about compliance, it's less about defensive against attackers or offense against systems and more about standards, protocols, and auditing. So for example, years ago, I used to work at a few different healthcare software startups, and a few big compliance needs for them were HIPAA, PHI, and having the ability to gain a high-trust certifications. So without those three things, insurance companies wouldn't use our services. And if the insurance companies didn't use our services, that meant the company wouldn't make money. So these tasks were incredibly crucial. Now, as we dove into the tasks, it was clear that although they were important, they didn't seem very technical in the sense of blue teaming or red teaming. A lot of the work, for example, was around ensuring that all Windows laptops and desktops had BitLocker enabled. Now, this doesn't sound very exciting, but it's what we needed. Now, not all compliance is boring, and we'll see, you know, in a couple of videos…

Contents