Standards, Regulations & Compliance

Complying with Regulatory Frameworks

Oracle's Joshua Brooks on Dealing With the Challenges
Joshua Brooks, senior manager of public cloud GRC, Oracle

Joshua Brooks understands why those charged with information security compliance can, at times, be overwhelmed when they must deal with frameworks associated with PCI, HIPAA, FedRAMP, ISO 270001 and NIST 800-53, to name a few.

See Also: Alleviating Compliance Pain Points in the Cloud Era

"Most people feel pretty nervous when you talk about audits associated with any of one of those frameworks," Brooks, senior manager of public cloud GRC at software maker Oracle, says in an interview at Information Security Media Group's recent New York Fraud and Breach Prevention Summit. "It means a lot of work, [they're] resource intensive, but hopefully they understand the 'why' behind it."

At the summit, Brooks presented an overview of measures to take to identify and prevent security breaches.

In the interview, Brooks:

  • Explains the benefits of mapping a common set of controls to specific terminologies in various frameworks to help stakeholders to comply with laws and regulations;
  • Discusses the synergy between compliance and security; and
  • Addresses automating compliance.

Brooks joined Oracle in November 2016 as an information technology security analyst, advancing to senior manager for public cloud/governance, risk and compliance last January. Previously, he served as a cyber intel analyst manager and senior systems engineer at Lockheed Martin.


About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.