An Analog to Security and Compliance: The Wonder Twins [source: tripwire]
by CIRT Team
Security and compliance are two sides of the same coin, although they are often seen as adversaries. The truth is, much like the 1980s power siblings, the Wonder Twins (whose powers only functioned when their fingers touched), they work hand-in-hand to shore up your information security better than any other combination.
COMPLIANCE IS KEY
Regulatory compliance is instantiated as a gateway to security through following relevant protocols. In particular, if you conduct credit card transactions of a certain volume, then PCI DSS helps let other vendors and customers know how secure their interactions with you are.
HIPAA, somewhat similarly, protects sensitive patient data (when the healthcare industry is involved) and network, physical and process security when other industries are concerned.
The point is, compliance lets businesses know that you take security seriously, which grows the confidence that business partners and consumers have in your services. The reliability conferred is similar to creditworthiness; it’s a measure of the responsibility you take in your infrastructure and business practices.
For more, click here.