HardenedVault writes that “Chinese, German, and U.S. government agencies still differ in their approach to critical infrastructure supply chain security, and the U.S. has
Since 14028, it has been centered on technical guidelines, which provide a reference for enterprises at the technical evaluation and operation level. Europe sets minimum technical requirements as mandatory compliance, but considering other compliance factors such as GDPR risk-based compliance, companies not meeting industry best practice levels can actually lead to higher compliance risk. China’s strategy is different from that of the United States and Europe. The technical scope and objectives are included in the critical information infrastructure security protection requirements, and there should be other technical guidelines for reference at the specific practical level. Under the general trend of global advanced threat protection, infrastructure and platform firmware are one of the core links in the overall defense. From the above public information, they are also part of future compliance. CISOs should be in the complex application security and border security. Take a moment to think about how to deal with the future compliance requirements of various countries, some industries that do not rely on compliance-driven industries such as crypto
Custody/exchange needs more aggressive strategies based on next-generation data center security solutions to face current and future risks and threats. “
This article is reprinted from: https://www.solidot.org/story?sid=73259
This site is for inclusion only, and the copyright belongs to the original author.