Ben Goodman, principal technology specialist and marketing manager for Novell's Compliance Management solutions, uses this simple barn analogy when discussing the people, processes, and policies that make up a good security and compliance management program: "Do you want to be the person that reports the barn doors are open 90 days after the cows escaped?"
Too many organizations equate the ability to demonstrate compliance with being "secure." The Verizon Business RISK Team's 2009 Data Breach Investigations Report, which evaluated 90 breaches that affected 285 million records, found that in an astounding 82 percent of those incidents, the data that could have pointed to the pending compromise was available, but not identified or acted upon.
In an article published by ZDNet, Ben provides sound advice on how IT security pros can streamline regulatory compliance efforts while also reducing risk. In other words, here's some advice on how to implement a comprehensive barn-watching program that actually keeps cows safe so Old MacDonald can focus on the business of E-I-E-I-O.