
Compliance Is Not Security – And That’s A Good Thing
You will often hear security professionals (myself included) state “compliance is not security”. Being compliant with a standard like SOC2, ISO27001, HIPAA or other standards is no guarantee that an organization or their data is secure.