If, as the saying goes, “necessity is the mother of invention,” then one could argue that “risk of exposure is the meddling and persistent mother-in-law of compliance.” Right alongside the current breakneck pace at which technology moves and evolves is the ever-present possibility of new risks, or chances of exposure from countless sources (internal and external) with equally innumerable motives.
Industry Risks Are Tied To Problem Solving Technology
These risks, and the potential for exposure they present, also come with new regulations and modifications from state, federal, and industry bodies. Technology that serves particular industries for a specific purpose are often at increased risk over others. Take, for example, identity theft in the United States rose to 5% (12.6 million people) of the adult population in 2012. Unsurprisingly technologies that deal with personal information (i.e. that contain a database) or financial transactions are at the highest end of the “risk” spectrum.
Accordingly, the Payment Card Industry Data Security Standard (PCI DSS) was created in 2006 to tighten controls around credit card owners, and ultimately combat and reduce exposure to fraud and identity theft. Since its inception, organizations seek to implement systems, technologies, and processes to comply with PCI—but this has proven to be a moving target.
Building A Flexible and Strong System
In August, a draft of the updated 3.0 version of PCI was released, which seeks to add further controls for credit card transactions to combat the advancements in cyber fraud and identity theft. For organizations seeking to implement a system to comply with the PCI mandate, the question is this: “Will this system be adequate and relevant when new compliance mandates or changes emerge (and they will), or will it require additional costs in technology and labor?” In other words, how can organizations effectively build a foundation for a mobile home?
LogLogic Compliance Manager empowers organizations to monitor enterprise activity and risk, as well as manage and review network policies according to mandates, laws, and regulations. You can click here to view a quick five-minute demo which runs through our compliance suites and shows how the templates provided by TIBCO LogLogic are specifically defined to enable your organization to achieve consistent compliance without complexity.
