You know, security is hard to get your arms around. You can’t buy it in the form of a product. And you certainly can’t get it by barely clearing the minimum compliance hurdles. It is a combination of people, processes and technologies that come together to ensure that the confidentiality, integrity, and availability of information assets (physical, virtual, data, etc.) is maintained.
Not so fast Mr. CISO
One thing that has become apparent over the last few years is that the risks of failing to achieve security have been underestimated, leading to the demise of some high profile executives and more than a fair amount of frustration on the part of consumers.