The Problem with Compliance

After a decade of doing compliance assessment work, I am coming to terms with an uncomfortable truth: nobody likes compliance. It is a miserable time-suck that slows down forward momentum. How did this happen? Where did compliance go wrong? Why is compliance (as well...

GDPR is Coming

On May 25th, 2018, the European Union’s General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) officially goes into effect. No need to panic. We got this. GDPR has rapidly devolved into a touchstone for everything from vendor FUD to political frothing. ...

What’s New in NIST 800-53 R5

The National Institute of Standards and Technology (NIST) recently released the first public draft of NIST 800-53 revision 5, Security and Privacy Controls for Information Systems and Organizations. This is the first update to this massive standard in over five...