Demonstrating compliance with data protection regulations has traditionally meant expending large amounts of energy and resources to keep up with mostly familiar risks. But that’s changing. Today’s attack surface is evolving fast to include threats that most enterprise compliance programs aren’t fully accounting for. That’s partly because the regulatory bodies themselves can’t always keep pace and be explicit about every facet of coverage needed to prevent breaches.