
The term “The Security Poverty Line,” has been used as early as 2011. The concept is becoming more and more of a conversation point when talking with information security professionals, especially those who have very limited budgets due to the size of the business or C-Level executives who don’t have ownership responsibility of the data that’s in their possession. Companies that must meet government regulatory compliance metrics often find themselves “security poor” and unable to afford the security they need to pass compliance requirements. These requirements may be satisfied through certain security upgrades or policies, but security professional must remember that compliant and secure aren’t necessarily synonymous.