PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
October 2009

Tony Spinelli: Prioritize Information Security over Compliance

Business leaders and chief security officers take note: when it comes to risk mitigation, compliance alone is not enough to protect your enterprise. It takes a broader security strategy--of which compliance is a part of the whole--to hit the high-water mark. In fact, those organizations that focus on security first to become compliant are seeing greater business impact. Instead of focusing solely on meeting compliance benchmarks, these companies are changing the way they achieve a high-water mark for security performance. Let's face it, we are entering an era of tighter statutory requirements and rapidly changing regulations. But focusing solely on statute requirements can lead to a disjointed strategy that is neither comprehensive nor aligned with business goals. While compliance mandates are often used to drive security investments, compliance by itself does not ensure a company's security posture. And while compliance cannot be the sole focus of a security strategy, technology by itself cannot safeguard an enterprise. ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

Columns in this issue