Information technology (IT) security is indispensable to an organization's ability to conduct business and achieve its objectives. With regulatory compliance and industry data security standards dominating many of these business objectives, confidential data protection comes to the forefront of IT security. Requirements vary among industries, geographies, and regions, but themes of privacy and breach disclosure recur across these regulations. And as regulators keep pace with business and technology, requirements become more
specific - such as encryption of records to enforce confidentiality and avoid breach disclosure.
This paper provides an overview of the regulatory landscape and identifies steps to take for defining an effective compliance strategy.