When a company wants to strengthen its cybersecurity, its service provider often suggests following standards such as ISO 27001 or SOC 2. "It's not NASA here", a phrase we often hear when talking about security budgets. And it's not untrue: aiming for 100% compliance...
