Mapping Risk Directly to Framework Controls
- A security framework provides a way to qualitatively and quantitatively talk about security, whether it relates to practices, budget discussions, or regulatory issues.
- With a security framework, it becomes possible to map specific IT risks to specific framework controls.
“I like to think of a security framework as the road map for your security program,” says Alex Wood, chief information security officer (CISO) at the Pulte Group, a home-building company that also provides a variety of financial services. “The map is not the only thing you’ll need to get from point A to point B, but it helps you find the best route.”