Preventing the Next Data Breach
– David Kidd, director of quality assurance and compliance for Peak 10, says:
Cyber attacks are nothing new, and most in the c-suite know that it’s not a matter of if their organization’s systems will be attacked, but when. The Target® security data breach in late 2013 impacted nearly 40 million accounts, bringing the significance – and delicacy – of information security to mainstream attention. While incredibly unfortunate, this incident serves as a wakeup call to all information security professionals. The question professionals need to ask today is how will we keep data safe – continuously – from attacks next week, next quarter and next year?
Every CIO and IT systems manager will earnestly say that security is a priority. However, it’s probably one of many priorities battling for attention and funding. Outsourcing to a compliant cloud service provider can provide a tremendous advantage. Done the right way, it can improve security and reduce costs.
Payment Card Industry Data Security Standards (PCI-DSS) is the accepted, authoritative standard when it comes to protecting cardholder data. The credit card companies developed it, and they mandate that merchants comply with it. For many companies and retailers, proof of PCI DSS compliance is an ongoing compliance effort. For your cloud service partner, annual independent assessments by a Qualified Security Assessor (QSA) to validate compliance with PCI-DSS are essential. Additionally, a cloud-based provider offering a full suite of certifications can streamline security costs, while mitigating risk and eliminating the time requirement for conducting assessments in-house. Businesses that outsource to a trusted cloud provider also have the benefit of letting the provider handle licensing, maintenance, and technology refresh.
In his 2014 predictions blog, Forrester Research’s James Staten, vice president and principal analyst, Infrastructure & Operations, said that the cloud may actually be the preferable security solution. “If you’re resisting the cloud because of security concerns, you’re running out of excuses,” Staten wrote.
It’s time we turn to the cloud, and that the CSPs stand behind their promise for security – this is one step in the right direction to preventing the next big breach.
Related Video: http://www.peak10.com/blog/post/vieo-road-map-to-pci-compliance-in-the-cloud
Related SlideShare: http://www.slideshare.net/Peak_Ten/fighting-cybercrime-30013397