2025-01-31 00:30:52 Pacfic
Compliance vs. Effective Cybersecurity Practices - 22d
The push for compliance as cybersecurity is under scrutiny, as risk management risks becoming a simple checkbox exercise. While compliance to standards is vital, it doesn't guarantee complete protection against threats. Experts like Chris Hughes, CEO of Aquia, view compliance as a starting point to make cybersecurity a priority. He argues it is a major factor in prompting organizations to invest in security, especially when cyberattack impact on share prices is often minimal. Compliance is essential to aim for to ensure stealthier cybersecurity for enterprises.
However, there is growing concern that the emphasis on compliance is shifting power from security professionals to legal departments. This trend is further fueled by the SEC's recent push for disclosure by public companies and guidelines from CISA. A recent blog post cited by Hughes, argues that this compliance-as-security trend means "that the future of security will be defined by lawyers, not security practitioners." Additionally, research has shown cybersecurity is becoming increasingly intertwined with legal issues. The move towards compliance shouldn't overshadow sound security practices which are needed to manage cyber security.
ImgSrc: www.reversinglabs.com
References:
- ciso2ciso.com - Compliance as cybersecurity: A reality check on checkbox risk management – Source: securityboulevard.com - 22d
- Malware Analysis, News and Indicators - Latest topics - Compliance as cybersecurity: A reality check on checkbox risk management - 22d
- Security Boulevard - Compliance as cybersecurity: A reality check on checkbox risk management - 22d
- @jos1264 - Compliance as cybersecurity: A reality check on checkbox risk management – Source: securityboulevard.com - 22d
Classification:
- HashTags: CyberCompliance RiskManagement SecurityLaw
- Company: Multiple
- Target: Enterprises
- Product: Cybersecurity
- Feature: Compliance
- Type: Research
- Severity: Medium