Task Forces

The success of last year’s task force and member demands to develop and use metrics to drive security program improvements have called for launching a second phase of the security metrics task force in March.  We welcome both previous task force members and new members.  In addition to addressing member requests, task force objectives will include: (1) building out the three-tiered CSC Metrics Framework, with a greater focus on Tier 3 (Risk and Compliance) metrics; and (2) incorporating the Security Metrics Workbook examples in a commercial tool which can be used by CSC members. Meetings will occur every other week on Thursday’s at 1pm EST until the end of the year.  Please join us for a scoping meeting on Thursday, March 9 at 1pm EST, during which we will hear your challenges and review proposed discussion topics and deliverables for our upcoming Security Metrics Task Force.

The General Data Protection Regulation (GDPR) and other international privacy laws impose legal requirements for the collection, use, and protection of personal information. These requirements include breach notifications to regulatory authorities and restrictions on the transport of personal information. To comply with these laws and regulations, enterprises must now consider the geographic location of personal information, including information processed and stored in the Cloud.