A CIO once quipped, "Security isn't hard, compliance is." And in fact many companies focus their security efforts on meeting compliance requirements. But if you are audit compliant, have you in fact addressed all of your risks, or are you just kidding yourself? Is it better to focus on the risks presuming that doing so will cover you off on the compliance side? Network World Editor in Chief put the question to two practitioners, both of whom come down on the side of risk.
- Xerox CISO: How business should prepare for the future security threat landscape
- When it comes to next-gen security, smartphones are opening doors – literally
- Dridex, BEC attacks and ‘brandjacking’ surge as phishing volumes pick up again after lull
- Unencrypted hard-coded password risks patient info in Philips’ x-ray dose app
- Skilled bad actors use new pulse wave DDoS attacks to hit multiple targets