The Great Compliance Debate: No Child Left Behind or The Polio Vaccine
Dr. Anton Chuvakin, is a recognized security expert in the field
of log management and PCI DSS compliance. He is an author of
books "Security Warrior" and "PCI Compliance" and a
contributor to "Know Your Enemy II", "Information Security
Management Handbook" and others.
Joshua Corman, is Research Director for the 451 Group and leads
451 Group's research team in the area of IT enterprise security.
Previously Josh was Principal Security Strategist at IBM Internet
Andy Ellis, Akamai's Senior Director of Information Security and
Chief Security Architect, responsible for overseeing the security
architecture of the company's massive, globally distributed
Michelle Klinger, Independent Information Security Engineer
with extensive experience in the compliance field.
Jack Daniel, InfoSec Curmudgeon, Community Development
Manager, Astaro Corporation
We do not speak for our employers, clients or
customers. Nor for our spouses, siblings, or offspring,
Our opinions are our own, the facts are as we see them.
We aren’t lawyers…etc.
But some of these folks are pretty damn smart, so pay
We want an honest discussion, compliance issues are
changing what we call security.
These issues are much bigger than just PCI.
Monday was day one for MA 201CMR17.00
There have been plenty of Compliance LoveFests
And quite a few uninformed rants
This is neither of those
Think before you speak.
We’ll take time in the beginning to bicker among
ourselves before fielding questions, then please join in
We fear the auditor more than the attacker.
Compliance, the No Child Left Behind act of InfoSec?
Or is it the polio vaccine for security?
How do we use it to our advantage?
How does Compliance misuse us?
What about unintended consequences?
Impact on R&D and VC investments?
Anton Chuvakin chuvakin.org
Joshua Corman 451group.com
Andy Ellis CSOAndy.com
Jack Daniel blog.uncommonsensesecurity.com