Growing number of Americans now feel that state and local governments should increase their cybersecurity spending and do more to protect data from cyberattacks, similar to that which crippled the city of Atlanta in March 2018.
The New York Department of Financial Services (NYDFS) Cybersecurity Regulation blazed a trail in 2017, forming the basis for similar laws for other industries in other states. Currently, the regulation serves as a useful model for managing cybersecurity risks, regardless of industry.
According to U.S. Director of National Intelligence Dan Coats, the U.S. is at “a critical point.” With Russian hackers breaking into the U.S. power grid and gaining access to utility control rooms, they have the opportunity to “throw the switch”, plunging the nation into darkness and chaos.
LabMD may have won an appeals case against the FTC, arguing that regulations regarding their cyber security practices were too vague to allow for prosecution, but every organization needs to be warned that the FTC could be coming for you next.
California is now leading the charge to beef up the cyber security features of connected devices by banning weak passwords, forcing device manufacturers to supply a unique password or force a password change on startup.
Apparent trend toward heavy government regulation of personal data collection has tech industry titans discussing support for a federal privacy law so that the industry-supported legislation contains terms that are as friendly to them as possible.
GAO audits carried out between fiscal years 2012-2017 have discovered significant cyber vulnerabilities in the U.S. Department of Defense’s top weapons systems, reflecting a misguided approach that does not take into consideration basic cyber security.
The days of federal privacy laws coming to Silicon Valley may happen sooner than you think. In a much-publicized keynote speech given at the 40th ICDPPC in Brussels, Apple CEO Tim Cook gave his full-throated support for laws that would be at least as stringent as the EU GDPR.
Recent PwC survey results indicate that half of respondents were not confident that their organizations would meet the 2020 deadline for CCPA compliance. What are the lessons learnt from the GDPR compliance exercise that can help companies approach CCPA and other upcoming requlations?
The FTC is a shadow regulator on cyber, and it is impacting what businesses must do about cybersecurity. Most troublingly, it is doing so without clear standards and in apparent self-denial. This may have wide-ranging ramifications for the future of self-driving cars.