When something is checked annually, it’s easy to procrastinate and clean house within a short time before inspection. Take taxes, for example. How many people scramble in the last few weeks — or even days — before taxes are due as opposed to organizing their paperwork daily throughout the year?
Bob Russo, general manager of the PCI Security Standards Council, is ready to change all that when it comes to IT security. At the annual RSA conference, Russo proposed setting up a security standards lifecycle, so that organizations always remain compliant as opposed to merely becoming compliant around their annual check-in date.
Tripwire spoke with Russo directly about his initiative, during which he highlighted a few regular practices organizations should embrace to stay compliant on a regular basis:
Watch the video of Russo’s interview with Tripwire below.