A strange analogy crossed my mind the other Sunday. The whole IT Compliance vs
Security struggle is a lot like a common struggle in most religion.
A common logic used in religion is to
1) Follow the laws of the religion and
2) Follow the principals of the religion as you understand them.
Following the laws and principals would be doing [...]