The Need for Cybersecurity Regulations

Why We Need Cybersecurity Regulations

A robust cybersecurity policy is essential to monitor and address critical risks. These include data breaches, phishing, malware attacks, and so on that could impact a nation.

Dangers Posed By The Lack of Cybersecurity Regulations

One example of the dangers of lack of guidance is the DarkSide attack on Colonial Pipeline. The CEO of Colonial Pipeline testified in a hearing before the Senate Homeland Security and Governmental Affairs Committee, revealing that there was no guidance in place to deal with a potential ransomware attack before the attack in May 2021.

Existing Cybersecurity Laws and Enforcement

At present, cybersecurity is addressed through specific initiatives targeting sectors. The Federal Trade Commission is responsible for the prohibition on unfair and deceptive practices and enforces minimum security requirements for user data protection.

Why There is More to be Done

Existing sector-specific laws leave a lot of loopholes. Maintaining minimum security is not enough anymore, and companies need to be prepared for attacks and should have mitigation and risk management practices in place. It is the responsibility of a government to protect its people and their data. Such a responsibility requires the enforcement of laws.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store