Your compliance budget has almost nothing to do with your security posture.

securitycyber@infosec.exchange

Your compliance budget has almost nothing to do with your security posture. You can pass every audit, collect every certification, and still get obliterated by a vulnerability that was never in the auditor's checklist.

Compliance traces back to 1995, when the British Standards Institution published BS 7799.

More at https://securitycyber.uk
Mastodon: https://infosec.exchange/@securitycyber
LinkedIn: https://linkedin.com/company/securitycyber
Bluesky: https://bsky.app/profile/securitycyberuk.bsky.social
Substack: https://securitycyber.substack.com
Discord: https://discord.gg/securitycyber

Recommended: https://securitycyber.uk/go/htb for practice, https://securitycyber.uk/go/portswigger for free labs