- 29 Jul 2011
- 17 Jul 2011
- 02 Jul 2011
This is the second in a series of commentaries on what's wrong with information security and what needs to be changed. My last posting discussed the need for changes in the perception and ...
Regular readers will know I'm critical of our current approach to information security management. In my view there's too much emphasis on compliance and economics, rather than on effective ...
I've blogged before about the perils of best practices and standards, and the crippling effect of compliance on security programmes. The consequences, however, are getting more serious as these ...