The concept of standards in the security space is tricky. Standards like PCI DSS, SSAE 18, NIST, COBIT 5, the ISO/IEC 27000 family, HITRUST and PSN play an important role. They help set a good baseline for cybersecurity discipline in various segments of the economy. But they dont assure the integrity or security of what is being protected. We need a universal standard that could be modularized by industry to allow auditing and policy control to be focused.”]
Source: https://www.csoonline.com/article/3240924/in-pursuit-of-the-elusive-green-dot.html