The SCF was the topic in the most current version of the Defense In Depth podcast series by David Spark, the creator of CISO Series and Allan Alford, the CISO at Mitel. The founder of the SCF, Tom Cornelius, was invited to answer direct questions on this framework. If you are interested in the SCF and want to listen to a really good podcast series, pour yourself a cup of coffee and listen to: https://cisoseries.com/defense-in-depth-secure-controls-framework/
A quick rundown of this episode covered these topics around the SCF:
- What problem is the SCF solving?
- Can there ever be agreement on frameworks?
- Is the problem with frameworks solvable?
- Who benefits from using the SCF?