Whatever your approach to managing IT and information security, here’s a new bit I wrote for Security Technology Executive magazine on fixing what needs to be fixed before you do ANYTHING else:
Fix Your Low-Hanging Fruit or Forever Hold Your Peace
Once you have the urgent flaws on your most important systems out of the out of the way, here are some pieces I wrote for SearchCompliance.com on dealing with compliance while, at the same time, actually managing your information risks:
Managing information risk inherent to an effective compliance strategy
Avoid duplicated efforts to cut the cost of regulatory compliance
The long-term consequences of not addressing compliance today
Enjoy!
As always, be sure to check out www.principlelogic.com/resources.html for links to my additional information security articles, whitepapers, podcasts, webcasts, books and more.