The State of Cyber Security Regulations – A Brief

by Natsuya Uesugi

Cybersecurity is coming front and center with the latest round of attacks that seem more pervasive every day. From data breaches at banks, social media firms and some of the larger attacks on global companies, the security posture and need for regulation has just grown over the last two years.

Cyber security regulation includes drivers and directives to protect information technology, computers systems and network infrastructure. These regulations provide guidelines and initiatives that companies and organizations need to follow to ensure their systems and information are protected. dDOS (Denial of Service), unauthorized access, phishing, viruses and worms as well as control system attacks are all actions that can cause harm. Regulations hope to stem the tide of this destruction and prevent cyberattacks.

Regulation between government and private sector hope to force changes and improvements in cybersecurity and focuses on firewalls, anti-virus software, prevention, encryption, and intrusion detection. The industry has determined the heightened risk and examined the need for more stringent rules.

Currently rules such as the Health Insurance Portability and Accountability Act (HIPAA), the Homeland Security Act and Gramm-Leach-Bliley Act govern healthcare, financial institutions and government agencies. Policies and procedures are required by companies in these industries to comply with the laws which mandate guidelines on information security.

The federal government along with state governments have also looked at non-public information as details that are considered Highly Confidential, such as social security number, credit card numbers and driver’s license numbers. Breaches in these areas need to be reported by state rules and cybersecurity failures give companies the impetus to secure systems. Regulations give companies a guidelines for investing in cybersecurity proactively to safeguard their reputation, assets and image.

Law enforcement has been playing catch up when it comes to cybercrimes and its consequences. Reporting data breaches and letting consumers know when personal information has been compromised helps to make people aware of the dangers of identity theft.

More needs to be done in the cybersecurity space to protect against the ever present threats and the modernization of attacks. With each passing week, more and more companies are finding themselves targets. Individual consumers are also at risk from everyday activities like using email and social media sites. The threats are ever changing and becoming more sophisticated.

Next time we will look at some of the precautions individual users can take to protect themselves from cyber threats online and in social media.