The Sameness of Every Day: How to Change Up Audit Fatigue

And with more data compliance laws on the way, audit fatigue could be a real challenge for infosec professionals.

Many of you know (and some love) the 1993 movie Groundhog Day. For those who haven't seen it, the main character, Phil Connors (played by Bill Murray), is forced to live the same day over and over until he gets it right. He meets the same people in the same places and experiences the same moments wherever he goes. Even the same song — Sonny and Cher's "I Got You, Babe" — is playing when his clock radio comes on at the same time every morning. 


The challenge he faces is that he's been given no rules or guidelines about how to get out of this fix. Nothing he does can break the cycle of waking up and reliving the same events day after day after day. In my conversations with colleagues who deal with IT risk or privacy compliance, their experiences begin to sound identical to Phil's trapped existence. Why? I think a large part of it is the frustration and exhaustion of having to report on the same data about the same security controls over and over, every time a new audit request comes in.


Fatigue comes in many forms, whether it's work fatigue, Zoom fatigue, or COVID fatigue. There is no question that a large part of work fatigue for security professionals stems from compliance requirements. Lately, it feels like a new regulation or compliance standard is introduced every few months. In 2018, we saw the introduction of the European Union's General Data Protection Regulation (GDPR) and California's Consumer Privacy Act (CCPA). Two major privacy regulations in one year certainly left organizations overwhelmed with more standards to comply with in addition to what was alread ..