G-7 Issues Cybersecurity Guidelines
Posted by Michael Reedy on October 13, 2016
“Historically, we’ve seen governments take on the challenge of cybersecurity by proposing and enforcing more regulations, an approach that is destined to fail because companies respond by favoring compliance checklists over adopting a risk management strategy,” Fred Kneip, CEO of CyberGRX, told us via email. “Cyber-criminals don’t care if you’re compliant—they care about getting your data. This G-7 agreement marks an important shift toward recognizing that a compliance-driven mentality can undermine the real work of continuous assessment, risk mitigation and remediation that needs to take place to truly minimize cyber-risk exposure, in particular among companies’ third-party digital ecosystems.” Infosecurity, “G-7 Issues Cybersecurity Guidelines” October 13, 2016