• Compliance or risk: what the real IT leaders focus on

    26 Sep 2011

    Whatever your approach to managing IT and information security, here’s a new bit I wrote for Security Technology Executive magazine on fixing what needs to be fixed before you do ANYTHING else:
    Fix Your Low-Hanging Fruit or Forever Hold Your Peace

    Once you have the urgent flaws on your most important systems out of the out of the way, here are some pieces I wrote for SearchCompliance.com on dealing with compliance while, at the same time, actually managing your information risks:

    Managing information risk inherent to an effective compliance strategy

    Avoid duplicated efforts to cut the cost of regulatory compliance

    The long-term consequences of not addressing compliance today

    Enjoy!

    As always, be sure to check out www.principlelogic.com/resources.html for links to my additional information security articles, whitepapers, podcasts, webcasts, books and more.