Check out this article.. http://www.cio.com/article/102751/Your_Guide_To_Good_Enough_Compliance?page=5&taxonomyId=1419 What is "Good enough Compliance?" You either ARE complaint or you ARE NOT. Its a switch. The article should be a guide to "Good enough security". Good security is no the same a being compliant. I would much rather have good security then being compliant with any given regulation. But good security often covers many of the security requirements outlined in compliance standards. Two things caught came to mind reading the article. 1) Don't trust Sony Pictures with any personal data or credit card information. 2) How many data breaches are REALLY happening? What does this paragraph suggest? "According to Behnam Dayanim, a privacy attorney with Paul, Hastings, Janofsky & Walker, state security breach notification laws are among the most frequently ignored types of security regulation. About 35 states have passed security brea
This is a collection of Articles, Tools, Conference talks, interviews, etc by Mark Baggett