The criminal hacker is out to get you –
The auditors want you to have your paperwork in place.
What is the real weak point that we need to focus on?
Security magazine discussed requirement 11 which is the test and validating all wireless access points.
One must validate the wireless access point survey of your locations.
Validate that there unknown systems on your network.
Validate unknown software on the network.
Validate unknown network traffic.
Having personnel and processes in place to handle all the security and compliance needs is something a lot of companies do not do well as has been shown in the proof of the breaches.
There seems to be a lack of understanding with what it truly takes to have a secure network, this may just be a typical psychological outcome of humanity in our day and age.
Forget about the political angle of the Hillary Clinton email situation, instead spend a little bit of time looking at the security thought process.
Don’t spend all of your time on the function, spend a little bit of time on the security of the system.