I'm delighted to have found this blog, written by Robb Reck, because we share a common belief that Compliance does not equal Security, and worse, that Compliance efforts can make you less secure. This post summarises his position and is essential reading for Infosec professionals and CISOs.
Amusingly, we both wrote mid-year on the subject of compliance regimes hindering security efforts. I swear I had not read Robb's column before writing mine. Enjoy.