Miles Associates LLC

Jim Miles – IT & IT Security Consultant – Web Sites for Growing Organizations

Is Compliance the New Security Standard?

…Given the compelling case for securing the enterprise, why do CEOs fail to invest more in security solutions? Does this simply represent a failure of IT and security staff to make a compelling business case? Or are the CEOs in fact being short-sighted?

…Risk management is the only rational way to frame the debate…The management decision is one of making rational trade-offs between the probability of an event, and the cost of reducing that possibility – but not eliminating it…

Security spending for compliance, then, is a given. And while compliance spending may not comprehensively protect the enterprise against a breach, it does provide one important bit of protection: liability. From the CEOs perspective, while the cost per record of responding to a breach may be high, its nowhere near the potential cost of lawsuits resulting from said breach. And achieving compliance appears to provide a liability shield.

via Is Compliance the New Security Standard?.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: