@attritionorg Scope is not about security, it is about getting to the point where you can do something practical
@sec_prof Encourages companies to spend more time to check the box, when that time could be spent on extra security efforts.
-
-
@attritionorg If folks are checking boxes, then they are the problem, not the DSS.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@attritionorg if you secure your systems, they will meet PCI compliance, the opposite is not true (as you pointed out) -
@sec_prof@attritionorg Secure them plus tons of documentation. I spend more time on tracking and paperwork than improving security. -
@clay_keller I hear you on the doc side, but I find a practical set of docs and a design for transparency gets me a long way down the path
End of conversation
New conversation -
-
-
@attritionorg Any InfoSec who does not use compliance as a mechanism to implement good practices should be fired. It is a gift with budgetThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.