What is Compliance?

image

I read and hear the term “compliance” used liberally in infosec, often without a clear context.

The graphic above is intended to illustrate some business drivers such as statutory laws, regulatory agencies (e.g. GAO’s HIPAA), industry-imposed requirements (e.g. PCI DSS), customers’ and shareholders’ expectations (some of which are legally and contractually required).

Marketplace Analytics … When Knowing Data About You May Benefit You

While reading ComputerWorld’s Fueled by Analytics article in their December 2nd edition I was struck by the company’s use of data collection and analytics to deliver “… cars that most customers want most of the time.”