Crosswalking Security Requirements

This paper provides the background and the steps for conducting a policy focused security requirements crosswalk or mapping. This discussion is geared towards Chief Information Officers (CIOs), and others trying to navigate the road to security compliance. The Meridian Dictionary defines crosswalk as a 'specially paved or marked patch for a pedestrian crossing a street or road.' Unfortunately there is no specially paved road or marked path to walk on the street toward compliance with security regulations. Following this analogy there are in fact many security regulations (roads) and no single security standard (path); and there is no one map leading from Point A to Point B. CIOs are faced daily with the daunting challenge to secure their networks workplaces data inventories and all aspects of their operations in accordance with many different security regulations