FlagThis

Compliance as cybersecurity is being scrutinized due to the trend of risk management becoming a checkbox activity. While compliance is essential, it does not guarantee complete protection. There’s a concern that compliance is shifting authority from security experts to lawyers. This trend has been highlighted after the SEC’s recent push for disclosure by public companies. Compliance should be viewed as a minimum requirement, and not the only aspect of enterprise security. Compliance should also not replace sound security practices.