QOTD Standards and Bullet-Proof Vests

Standards are kinda like putting on a bullet-proof vest; they provide some important protection to the core, but you still have significant parts of the body exposed (vulnerabilities) that could be attacked (threats) and damaged, and even prove fatal to the organization that was considered as being 'compliant.' -- Rebecca Herold, The PrivacyProfessor
Src: Realtime IT Compliance | Audits Show Things At a Moment in Time; Silly To Sue For Breaches That Happen 1 Year After Audit Conclusion?

No comments: