Why Compliance is for Guidance, Not a Security Strategy
InformationWeek
Jason Fruge
Chief information officers face challenges obtaining buy-in to invest in cybersecurity. Yet equating compliance to security is the biggest mistake CISOs are making. It’s a problematic question security teams get asked by the business side throughout their careers: “If we’re compliant, why do we need to continue investing in cybersecurity initiatives?”
The answer can be found in ...