|
|
|
|
|
|
by tptacek
1071 days ago
|
|
|
One indicator of the intellectually bankruptcy of this article's summary is the equivalence it draws between NIST's framework (which is really just an index of other frameworks), ISO 27001 (a certification), and PCI (a domain-specific audit program). It's an incoherent way to think about frameworks, even if you think there's value in them (I think it's probably clear to everybody that I don't). |
|
|