Access your Pro+ Content below.
Publisher's Note: Compliance 2.0
This article is part of the August 2005 issue of Information Security magazine
If you're like many security managers, you spend the bulk of your time peeing on the fire nearest your boot. Sorry to be so crass, but it's true: Security pros are legendary for fighting fires rather than looking for better ways to prevent them. Yes, getting strategic is tough. Rare is the opportunity to sit at the table where big picture business and IT decisions are made. Security was and is an afterthought at most organizations, and changing that dynamic ain't easy. The new regulatory environment can change all that. We're now entering "version 2.0" of compliance management, and security has a golden opportunity to gain a seat at the table. But it's up to you to make it happen. There are lots of new features in Compliance 2.0. Audits will be tougher. There will be less flexibility and patience with lack of progress or results. Real monetary penalties will be levied against real companies--maybe yours. Internally, Compliance 2.0 is all about continuous process improvement. Now that you have better insight into what the regs ...