In my years working with technology and security data in the information security industry, I’ve heard numerous people confuse the word “compliance” with “security”. We’ve all heard the stories in the news about an organization or company that was supposedly compliant with a particular ISO or NIST program imposed on it, only to be breached later and have to explain to auditors or examiners how the breach occurred if it was indeed compliant. Sadly, the breach often occurs because the company trusts that, having put all of these compliance measures in place, it is now secure from all threats. Unfortunately, this is rarely the case. All too often, the compliance measures that they’ve implemented don’t mesh with the security practices that they have, or don’t have, in place.

Wait, aren’t Compliance and Data Security the Same Thing?

Dictionaries define compliance as adherence to a given set of rules or requirements, often set by a group or a regulatory body (FDIC, HHS, etc.).