I didn't pay close enough attention when Anton Chuvakin first mentioned this series of articles he's writing. His "Age of Compliance" series addresses various operational security issues and then describes how certain legal frameworks (Federal Information Security Management Act, Payment Card Industry Data Security Standard, Health Insurance Portability and Accountability Act, etc.) influence those activities.Thus far Anton has published:
- Incident management in the age of compliance
- Log management in the age of compliance
- Intrusion detection in the age of compliance
These are great if you are trying to cite regulations for justifying security funding.
Tidak ada komentar:
Posting Komentar