Compliance Impact on Intrusion Detection

Intrusion detection, despite being declared dead by a Gartner analyst in 2003, remains alive and kicking in 2007…almost 2008. Actually, not only is it still around and being used in various forms by many organizations, it is actually mandated by some security regulations and standards. In this Computerworld article, Dr. Anton Chuvakin takes a look at the state of intrusion detection as it relates to security compliance. Exploring FISMA, HIPAA, and PCI DSS, Chuvakin spells out the intrusion detection requirements of each. Where things get tricky, or sticky, for some organizations is where the standards and regulations meet. Organizations that fall under HIPAA, and SOX, and PCI DSS, etc. have to compare and contrast the requirements to make sure the security they implement meets all requirements simultaneously and that there are no overt conflicts. Check out Intrusion Detection in the Age of Compliance for more information.