Few things besides regulations are making companies plunk down dollars for infosecurity. While compliance will surely help a company’s security posture, it may not make it secure enough. Regulations such as the Health Insurance Portability and Accountability Act, the Sarbanes-Oxley Act, the Gramm-Leach-Bliley Act and California’s SB 1386 all have requirements that touch upon security. Failure to comply will open companies up to fines, civil lawsuits and, in extreme cases, criminal charges. In many ways, regulatory compliance acts as an ad hoc security standard. Companies can use the regulations as a roadmap for their security investments. “Without tools you are not going to know what good security is,” said Pete Lindstrom, research director at Spire Security. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.