© Morey J. Haber 2020
M. J. HaberPrivileged Attack Vectorshttps://doi.org/10.1007/978-1-4842-5914-6_20

20. Regulatory Compliance

Morey J. Haber1 
Heathrow, FL, USA
A threat actor does not care about the law, compliance, regulations, and security best practices. In fact, they are hopeful that your organization is lax on many of these specifications and frameworks to leverage them for malicious intent. While regulatory compliance is designed to provide legally binding guidelines for industries and governments, they do not provide the necessary means to stay secure. Compliance does not equal security. Regulatory compliance measures are enforced guidance toward good cybersecurity hygiene, but implementing them without good processes, people, training, ...

Get Privileged Attack Vectors: Building Effective Cyber-Defense Strategies to Protect Organizations now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.