Saturday, February 19, 2011

Corporate Security Certification?

This article in Network World is highly intriguing.  The panel proposing that corporate officers certify that they have followed established security minimums similar to requirements like those in Sarbanes Oxley and recent health care regulations.

I'm particularly fond of this quote by Bruce Schneier:

 "Regulate results, not technology.” Schneier said. “If you regulate technology, you stifle innovation. If you regulate results, you incent innovation.”

Definitely food for thought.

No comments: