Compliance goes hand in hand with cyber security. After all, there is no point spending time, money and resources on your information security processes if a cybercriminal can easily gain access to your systems and data. In this article, we explain the basics of PCI and ISO 27001 and why penetration testing is an essential part of compliance.