Chapter 2

Overview of Information Security and Compliance: Seeing the Forest for the Trees

Michael R. Overly

2.1 Introduction

Businesses today are faced with the almost-insurmountable task of complying with a confusing array of laws and regulations relating to data privacy and security. These can come from a variety of sources: local, state, national, and even international lawmakers. Information security standards are established not only through laws and regulations but also through contractual standards such as the Payment Card Industry Data Security Standard (PCI DSS) and even through common industry standards for information security published by organizations like the Computer Emergency Response Team (CERT) at Carnegie Mellon, and the ...
