Posted: October 28th, 2022

Security v. compliance | Computer Science homework help

One of our first modules pertains to why and how we need to build a proactive information security program. Some of our requirements flow down from client contracts, others are regulatory obligations, and the rest are “best practices” that an organization should meet in order to fulfill a fiduciary obligation (reasonable and ethical). This of these as a grid or framework of what and how your information security program must do. The objective is to build a program that accomplishes these requirements. One contract may say “review sources of information security relevant data for indication of intrusion or attack on a weekly basis”, another may ask for a “daily review”. You always choose the most stringent requirement so you can maintain a level of “comfortable compliance”. If you or your people are reviewing your intrusion prevention systems, log aggregation tools, anti-malware dashboards, etc. on a “continuous basis”, you’re comfortable compliant with the most stringent requirement and far exceeding the others. 

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

The Payment Card Industry’s (PCI) Data Security Standard is one of the most common contractual security drivers; it applies to almost all organization that process, store, or transmit credit card data. Please review the first document linked below, and skim the second (no need to read them in their entirety): 

https://www.pcisecuritystandards.org/pdfs/pcissc_overview.pdf (Links to an external site.)

https://www.pcisecuritystandards.org/documents/pci_dss_v2.pdf (Links to an external site.)

 

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

To start off, I’d like to get your response to the following four questions:

1. What are your initial thoughts about the seemingly straight forward six goals in the first link compared to 75 pages in the second?

2. Do you have any experience with PCI? Have you worked for an organization that dealt with PCI? HIPAA? SOX?

3. What’s your perspective on “compliance” versus “security” or risk reduction?

4. If any organization meets the PCI compliance / security standard, should they be considered “secure”?

Expert paper writers are just a few clicks away

Place an order in 3 easy steps. Takes less than 5 mins.

Calculate the price of your order

You will get a personal manager and a discount.
We'll send you the first draft for approval by at
Total price:
$0.00
Open chat
1
Order through WhatsApp!
affordablepaperwritings.com
Hello!
You Can Now Place your Order through WhatsApp

Order your essay today and save 30% with the discount code DISCOUNTS2022