Cybersecurity Laws
Cybersecurity has a couple of laws that are applicable broadly, such as the Sarbanes-Oxley Act (SOX), the Payment Card Industry Data Security Standard (PCI DSS), and the Federal Rules of Civil Procedure (FRCP), just to name a few.
You also have international laws that include the Personal Information Protection and Electronic Documents Act (PIPED Act, or PIPEDA) in Canada, the Law on the Protection of Personal Data Held by Private Parties in Mexico, the European Union Data Protection Directive, and the Safe Harbor Act. (CSO 2012)
Sarbanes-Oxley Act
This act was passed in 2002 and is intended to guard investors and the public by increasing the accuracy and reliability of corporate disclosures. (CSO 2012) Management, public accounting firms and U.S. public company boards are all affected by the Sarbanes-Oxley Act. It is arranged in 11 titles, but as far as compliance is concerned the important sections are considered to be 302, 401, 404, 409, 802 and 906. The SOX Act not only has an impact on the financial side of corporations but also on the IT departments that store the corporations' records that are electronic.
Regulations
The purpose of cybersecurity regulations is to make organizations and companies protect their networks, information and systems from cyber-attacks. Cyber-attacks include worms, viruses, phishing, Trojan horses, control system attacks, denial of service (DoS) attacks, and unauthorized access, which is the theft of intellectual property or confidential information. There are many countermeasures available to avoid cyber-attacks. Cybersecurity measures include anti-virus software, firewalls, intrusion prevention systems, intrusion detection, login passwords and encryption. Federal and state governments in the United States have made an effort to improve cybersecurity with regulations and with a combined effort between the private sector and the government to encourage improvements to cybersecurity.
With federal cybersecurity regulations in place, the impact on national security is that some companies aren't able to afford to put the required federal standards in place. HIPAA, for example, requires a certain security and procedure standard for personal healthcare information. Smaller companies that are getting involved in healthcare may not be able to afford a team to implement HIPAA. All of the standards must be met or fines will be charged for violation of HIPAA, which pushes healthcare companies to choose between improving healthcare, passing the savings to patients, or facing penalties for not complying with the federal government.
There are serious effects on national security, which depend on the compliance level of the private sector.
Meeting only a small number of requirements would leave vulnerabilities and could be as bad as not implementing security standards at all. An example from the private sector is Target; Target met the minimum requirements, which led to a breach and to having to send out notification letters and free credit monitoring. This would be considered minimum effort. Even surpassing requirements can lead to funds being cut in other parts of the company that were protected. Apple is an example of surpassing the government standards. Apple has gone completely over the top by encrypting its smartphones so that the FBI can't unlock them, even if there is a terrorist involved. I do somewhat agree with Apple a little about not making another version of the iOS 8 operating system.