A CIO once quipped, "Security isn't hard, compliance is." And in fact many companies focus their security efforts on meeting compliance requirements. But if you are audit compliant, have you in fact addressed all of your risks, or are you just kidding yourself? Is it better to focus on the risks presuming that doing so will cover you off on the compliance side? Network World Editor in Chief put the question to two practitioners, both of whom come down on the side of risk.
- Petya and NotPetya: The basics
- If you can’t detect a breach within 3 hours, your data is probably already gone
- Wi-fi security is KRACK’d, ‘catastrophic’ impact on 820 million Android devices
- KRACK Wi-Fi attack threatens all networks: How to stay safe and what you need to know
- KRACK: Researcher discovers flaws in WPA2 authentication