Overview of Information Security and Compliance: Seeing the Forest for the Trees
Michael R. Overly
Businesses today face the almost insurmountable task of complying with a confusing array of laws and regulations relating to data privacy and security. These can come from a variety of sources: local, state, national, and even international lawmakers. Information security standards are established not only through laws and regulations; they may also be set by contractual standards such as the Payment Card Industry Data Security Standard (PCI DSS) and even by common industry standards for information security published by organizations like the Computer Emergency Response Team (CERT) at Carnegie Mellon, and the ...