Chapter 2. Information Security and the Law
Information security law is one of the key drivers of auditing in businesses today. Most companies agree that auditing security is a good idea, but actually doing it on a regular basis requires a commitment of resources and time that could easily be set aside for other projects. After a long string of high-impact security failures in business, security has shifted from a voluntary discipline to one that is required by law. Compliance to federal and state laws is enforced through fines, and, in some cases, jail time. In addition, the payment card industry created standards that address security requirements for anyone who processes credit cards as part of a business. If you don’t comply, you can’t accept ...
Get Network Security Auditing now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
