Tuesday, May 29, 2012

Compliant or Complacent? A Security Pro's Viewpoint

Increased government regulations and industry requirements are forcing organizations to comply with standards that in the long run are actually very useful. Many of the required controls can seriously help improve your security posture – especially if your company is new to compliance. 
The compliance trap that many companies fall into is that they focus on passing an audit instead of ensuring a sound network security posture.  Being compliant is one thing, but being secure is a completely different level.

As we’ve seen in the news recently there have been multiple companies that were compliant (and possibly complacent), yet not secure. Achieving compliance should not be the end-all-be-all of your security program; it should be viewed as a minimum baseline.

Read the rest of my article for here:

No comments:

Post a Comment