Zach Fuller is an entrepreneur who has built businesses in multiple industries. He served as a Green Beret in the U.S. Army, conducting highly sensitive combat operations in Afghanistan. Zach was awarded a Bronze Star Medal and other decorations for his actions overseas. He later built an investor relations team for a private equity company. Holding the role of Executive Vice President, he led the team to raise well over $300,000,000 in private capital to acquire real estate assets and to make the Inc. 500 list of Fastest Growing Private Companies. Zach is a Certified Ethical Hacker and founding partner of Silent Sector, where he is focused on mid-market and emerging companies, which he considers to be the backbone of the American economy and our way of life.
Silent Sector® builds and strengthens exceptional cybersecurity programs for US-based mid-market and emerging companies.
Expertise-Driven Cybersecurity®
Security Requirements Dilemma
B2B technology companies are under more scrutiny than almost any other industry out there, and the reason is because they are required to follow the cybersecurity requirements and compliance requirements of their clients in a lot of cases. So if they serve a lot of different industries, they have a lot of different frameworks to align to, a lot of different requirements to follow, and it can become extremely complex. On top of that, they have security questionnaires coming down, right? The larger they get, the higher the volume, and it can be very, very difficult to tackle all those. It almost becomes like a whack-a-mole approach to cybersecurity for a lot of companies if they don't handle it right.

And so this is what I call the cybersecurity requirements dilemma. And it's something that a lot of organizations face. They're trying to accomplish all these different things because of the requirements of their clients or requirements for compliance, rather than focusing that time on the foundational elements.

So the recommendation is always follow an industry recognized framework first. And there are a lot of great ones out there: NIST, CIS Controls, NIST 800-53, you name them. There's a bunch you can follow. But that being said, when you follow an industry recognized framework, it's going to be much easier to cover down and cross-reference to all of these compliance requirements that come up, because that will help you secure your organization as a whole rather than tackle bits and pieces. Right?

So just remember that compliance is not the same as being secure. Just because you're compliant doesn't mean you're secure. However, if you're truly secure, following a good framework, and really have a strong security program, then it will be much easier to tackle all the compliance requirements and handle those questionnaires that are coming down from prospects and clients.