Checking out today’s current events from Feedly I ran across Bruce Schneier’s comments around a social engineering attack that resulted in ~ $300,000 loss to Apple in products.
Tag: governance
What is Compliance?
I read and hear the term “compliance” used liberally in infosec, often without a clear context.
The graphic above is intended to illustrate some business drivers such as statutory laws, regulatory agencies (e.g. GAO’s HIPAA), industry-imposed requirements (e.g. PCI DSS), customers’ and shareholders’ expectations (some of which are legally and contractually required).