January 26, 2020
Federal CISO Schneider: Government needs checklists, because compliance with the basics is lacking
Federal Chief Information Security Officer Grant Schneider on Wednesday took a hard line on the importance of “compliance,” which -- along with “checklists” -- is often framed as contrary to the widely embraced concept of cyber risk management.
“When we talk about compliance, it's often used as a dirty word,” Schneider said. “I actually think, though, that compliance is necessary but not sufficient."
Opening the 10th Annual Billington Cybersecurity Summit, Schneider encouraged the use of risk management, but also stressed...