Happy to see you recovered, I hope you feel better. Thank you for continuing to provide us great information in regards to CISOs. Also, I felt this was a part 0 to frameworks or maybe a pre frameworks video. Could you do another video where you go into more depth of implementing frameworks after a cyber foundation has been set?
Yes, I agree with my predecessor. There are frameworks that can be implemented early on and help with initial steps, such as finding data, risk management frameworks (risk posture), etc. Or are these frameworks referring to compliance things like ISO 27001, CSF, and so on?
Hope you feel better Eric. Regarding thin client laptops, how would one implement such policy for data rentention/storage given that most thin client laptops come with hard drives?
This sounds more like a cyber security framework vs compliance framework debate - CSF when implemented correctly essentially achieves what you laid out (i.e., Identify your assets -> protect the key assets). Valuable lesson though, I think compliance is one of the most misunderstood parts of cyber security.