With the federal government entering into the space of breach laws can organizations still play around with security practices? What is the standard acceptable best practice for security in any sized organization and where is the burden placed as businesses and non-profits move more of their infrastructure into the cloud? These are all questions that we as security professionals need to be asking.