Regulation-led security can give hackers a blueprint to a business network
As the headlines reporting data breach after data breach show, hackers are seemingly always one step ahead of businesses’ cyber security defences. The reality is that in some cases, rather than protecting data,regulation could be compounding the problem. The enforcement of GDPR and NYDFS mean many organisations – understandably – opt to define security policies based on regulatory requirements. It ensures that are not hit with the huge fines these regulations promise for failure to comply and is theoretically supposed to ensure the safety of data.