THE IT SECURITY PROFESSIONAL |
Barlowtek
The It security Pro
Helping Organizations Understand IT Security
&
Best Practices
With the growing amount of oversight provided by various governmental agencies both in the US and in Europe, we are seeing an increase in the scope of compliance that a business has to comply with. Whether it is in healthcare or finance, all organizations process and utilize information in various ways, but it is becoming more important to the end consumer or user that the data is protected from possible threats. Compliance Landscape IT Security has become a field where we are dealing with the compliance landscape that not only crosses state and provincial lines, but also international boarders as well. In addition, with the increase in global commerce, businesses that were dealing with local regulations are now finding themselves dealing with international regulatory agencies that can level severe fines against them. This is especially true in the US in the State of California where they continue to pass progressive legislation that penalizes data processors or users if they experience a breach, or in California’s laws, how they particularly use the data. This has caused quite a patchwork of laws and regulations to emerge in the technical space, as the various jurisdictions respond to their constituent’s calls for more regulation. Vulnerabilities Abound In addition to the regulations that seem to pop-up overnight in some instances, there continues to be emerging vulnerabilities that provide a robust threat landscape from which data can be acquired. The regulations aim at addressing these issues and at the same time helping the public protect their data. No matter the reason, threats and attacks can come from any direction, or happen at any time. Where the regulations seem to help, is by making sure that companies are actively doing the right thing by employing industry best practices. Businesses have issues with the following areas:
Sensitive Information
The key reason that the majority of regulations have been developed is the need to protect sensitive information. Whether this is PII (Personally Identifiable Information) or credit card data, there has been a growing need to have this information more regulated than it is currently. This is especially true since the information provided in these circumstances can have such a huge impact on the end consumer. As an IT Security Professional, it is our responsibility to help to protect this data as much as possible. Additional regulations are also taking into consideration the individual employees of organizations that have a responsibility for protecting the information as well. Holding them individually responsible or criminally negligent if there happens to be a breach and they were to have been found to be negligent in the work they were responsible for. This additional scope of these new laws can put a company’s technical staff squarely in the cross-hairs of their regulatory agencies. Summary In recent months, it has come out that large technology firms are selling individuals information without their knowledge or consent and then profiting from that data. This in turn has caused a flurry of talk in Washington D.C. on Capitol Hill about how best to regulate these industries. Whether it is through the local governments or through national or international regulatory agencies, more regulations are coming. For a business that processes or stores sensitive data, it can mean that they handle the information differently than they have been. Nevertheless, addressing all of the shortfalls will go a long way in securing the company and your customer’s data. This can lead to not only cost savings overall, but also help to reduce any potential fines as well.
0 Comments
Your comment will be posted after it is approved.
Leave a Reply. |
IT Security ProSecuring the future one byte at a time! Mr. Barlow is here, staying ahead of the curve in Information Security Leadership. Ready to help your company stay safe and secure. Categories
All
Archives
January 2023
|