When it comes to cyber, information, IT (or whatever you choose to prefix it with) security, where do you draw a compliant and cost-effective line? Where, between gold-plated and the status quo, is good enough?
How Much Security Is Enough?
On Security Policies – A Cracking Pair
The why, what, how and what next of security policies. Now with a riposte from Phil Huggins who provoked this post and the linked articles by questioning the value of traditional written document sets
UPDATED: For Cybersecurity Are Regulators Doing More Harm Than Good?
With a dramatic increase in cyber security legislation and regulation brewing, how is that relationship with regulators going? Is it positive and productive or divisive and dictatorial?