Anil Karmel is the Co-Founder and CEO of RegScale, which delivers freedom from (digital) paper by helping organizations shift both security and compliance left via our RegScale continuous compliance software. Formerly, Anil served as the National Nuclear Security Administration (NNSA) Deputy Chief Technology Officer. Karmel has been in the IT Industry for over twenty years, working with Fortune 500 companies and governments at the intersection of cloud, cyber security, and compliance. Anil currently serves as the President of the Cloud Security Alliance's Washington DC Metro Area Chapter (CSA-DC) and as a member of the CSA's CxO Trust Advisory Council.
Title of Talk: Regulatory Operations: Bringing the Principles of DevOps to Compliance
Description of Talk: Organizations are struggling to keep up with the ever-changing regulatory landscape. Coupling these new regulatory requirements with the changes occurring in our technology and application landscape make the compliance burden untenable. When you think about compliance, the innovations that exist in this space are 20th century tools such as Word and Excel to address today’s 21st century compliance challenges. These compliance artifacts are stored in file servers and Governance, Risk and Compliance (GRC) tools and furthermore, this problem is amplified by the fact that compliance needs to be managed across a multitude of standards and frameworks such as NIST, ISO 27001, PCI, SOX, HIPAA, etc. The question that needs to be asked is how can we move compliance from a static, point in time activity to an activity that is real time, continuous and complete? In this talk, we will discuss how the principles leveraged to build and deploy software can be applied to compliance in a wholly new discipline called RegOps.