Incomplete Thought: Compliance – The Autotune Of The Security Industry
I don’t know if you’ve noticed, but lately the ability to carry a tune while singing is optional.
Thanks to Cher and T-Pain, the rampant use of the Autotune in the music industry has enabled pretty much anyone to record a song and make it sound like they can sing (from the Autotune of encyclopedias, Wikipedia):
Auto-Tune uses a phase vocoder to correct pitch in vocal and instrumental performances. It is used to disguise off-key inaccuracies and mistakes, and has allowed singers to perform perfectly tuned vocal tracks without the need of singing in tune. While its main purpose is to slightly bend sung pitches to the nearest true semitone (to the exact pitch of the nearest tone in traditional equal temperament), Auto-Tune can be used as an effect to distort the human voice when pitch is raised/lowered significantly.
A similar “innovation” has happened to the security industry. Instead of having to actually craft and execute a well-tuned security program which focuses on managing risk in harmony with the business, we’ve simply learned to hum a little, add a couple of splashy effects and let the compliance Autotune do it’s thing.
It doesn’t matter that we’re off-key. It doesn’t matter that we’re not in tune. It doesn’t matter that we hide mistakes.
All that matters is that auditors can sing along, repeating the chorus and ensure that we hit the Top 40.
- Auto-Tune Really Is The Devil’s Favorite Tool (dlisted.com)
- Auto-Tune: Why Pop Music Sounds Perfect (time.com)
- Simon Cowell’s X Factor Fesses to Auto-Tune Use (omg.yahoo.com)
- What T-Pain Sounds Like Without Auto-Tune: Not That Much Better Than Sasha Frere-Jones [Sasha Frere-jones] (gawker.com)
- Navigating PCI DSS (2.0) – Related to Virtualization/Cloud, May the Schwartz Be With You! (rationalsurvivability.com)
- What’s The Problem With Cloud Security? There’s Too Much Of It… (rationalsurvivability.com)