Solving the Problem With Security Standards

24 September 2020

Security people love compliance programs. Really! It’s why we have so many of them.

No. OK, we hate compliance programs. Even when I try to tell jokes about compliance programs, I hate them.

The reason I hate compliance programs is because they’re lists of things we need to do, and many times, those things don’t seem to make a great deal of sense. In threat modeling, I talk about the interplay between threats, controls, and requirements, and I joke that “a requirement to have a control absent any threat” is why we hate compliance programs (not joking).

Read full article on Dark Reading

Date:

24 September 2020

Categorie(s):

NEWS

Tag(s):

IT, News, Problem, Security Standards

China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices6 May 2024
What Palo Alto Networks and CrowdStrike Teach us About Using a Mobile Defense Platform6 May 2024
CISA says ‘no more’ to decades-old directory traversal bugs6 May 2024
Beware of Phishing Attacks Targeting AmericanExpress Card Users6 May 2024
Strengthening Cyber Defense with Threat Intelligence Operations6 May 2024