Mushrooming industry and government mandates that govern IT security have led to a highly regulated environment and annual compliance fire drills. Compliance, however, does not necessarily equal better security. We are reminded of this fact nearly every day when breaches make headlines. So what role should compliance and risk management play withi...
With each major public data breach, our attention focuses on how to prevent these incidents. A good example is the recent security breach at LinkedIn, in which millions of passwords were stolen. Industry experts and the media immediately started to dissect what LinkedIn had done wrong and what methods or tools should have been used to prevent the incident. Unfortunately, at some point every organization will be faced with a security breach. This raises the question -- are security professionals focusing on prevention at the expense of damage-control preparation?...