Compliance is a Minimum Security Standard, Not an End Goal

New laws and industry standards such as GDPR force affected organizations into an upheaval in order to meet the rigor of the new mandate. This compliance often means budget overhauls and rewritten policies and processes. And while there are benefits to the increased attention to and investment in data protection, this emphasis can also lead to a shift toward a misguided, compliance-centric approach to information security.

May 31, 2018