Krypt3ia@krypt3ia@infosec.exchange
What crack are they smoking?
Krypt3ia@krypt3ia@infosec.exchange
Martin Boller :debian: :tux: :freebsd: :windows: :mastodon:@itisiboller@infosec.exchange
@krypt3ia@infosec.exchange I do see a move away from any RealSecurityβ’
and a move towards check-mark compliance potentially even accelerated by all the regulatory compliance requirements - While said requirements COULD have been used to improve security posture they are effectively starving effective measures (and thereby current best practices) further increasing security poverty.
"Compliance-sizing: the act of replacing highly skilled and educated cyber security professionals with auditors.
β¦Or just overwhelming said professionals with sheer amounts of useless βcontrolsβ developed by people with no real understanding of how Threat Actors operate"
Kevin Karhan :verified:@kkarhan@infosec.space
@krypt3ia@infosec.exchange or rather what they realize now is that #ITsec is not an optionality, but mandatory.
ronkuhl@ronkuhl@infosec.exchange
@krypt3ia@infosec.exchange There are no Technical or Security Failures, only Procedural Failure. Thusly all solutions are Procedural.