Compliance will not give you good security, although effective security can help to support compliance programs, experts argued today. During a panel debate on day two of Infosecurity Europe, Upp director of information and cyber, Ian Hill, warned that regulations often say “what you should do, but not how to do it.” He added that many fail to keep pace with the reality of working in cybersecurity, citing how it took the ISO 27001 standard nine years to include the common scenario of data leak prevention.

Source: Infosecurity Magazine – Information Security & IT Security