Your company is expanding its operations to a new region with strict data protection laws that differ significantly from those where your headquarters is located. What is the most important first step your security governance team should take to ensure compliance with the new region's legal requirements?
Review and align the security policies with the local/regional legal requirements.
Mandate that all employees complete a new security awareness training immediately.
Implement an advanced encryption protocol to secure all data in transit and at rest within the new region.
Apply the same security policies from the headquarters to the new region's operations without modification.
|Security Program Management and Oversight
|Threats, Vulnerabilities, and Mitigations
|General Security Concepts