• Compliance franchise or real security

    I’ve been saying for a long time now that compliance standards like PCI DSS 1.2 have created a marketing franchise for auditors instead of improving security. Empirical evidence of the past 2 years suggests that compliance focuses on meeting auditor requirements instead of assuring actual security of your systems and customer data assets.    Here’s an […]