Regulation-led security can give hackers a blueprint to a business network

From: Information Age

Many organisations are opting to define security policies based on regulatory requirements, however the result is that their cyber-defences become very quickly out of date

Nick Ismail

As the headlines reporting data breach after data breach show, hackers are seemingly always one step ahead of businesses’ cyber security defences. The reality is that in some cases, rather than protecting data,regulation could be compounding the problem. The enforcement of GDPR and NYDFS mean many organisations – understandably – opt to define security policies based on regulatory requirements. It ensures that are not hit with the huge fines these regulations promise for failure to comply and is theoretically supposed to ensure the safety of data.

However, this approach results in security postures that become quickly out of date. On one hand, regulations are 24 months old by the time they must be implemented, but perhaps more concerning, is the fact that businesses could be inadvertently providing hackers with an ‘access blueprint’.

Read Complete Article



Leave a Reply

Your email address will not be published.

Please Answer: *