As we continue to see crippling data breaches, new regulations like GDPR and California’s Consumer Privacy Act will become more common. But is maintaining compliance with current regulatory laws enough to protect your business from sophisticated cyber security attacks?
It’s important to note that these two elements of corporate reality – cyber security and compliance – are two distinctly different concepts. Becoming fully comprehensive in one does not mean you are also fully comprehensive in the other. Each concept covers a separate and distinct aspect of any company’s well-being, so both require independent analysis and effort to become fully operational as a stand-alone asset. Only when each is wholly sufficient in and of itself should they be considered as evidence of sound enterprise IT governance.