Regulatory requirements for Cybersecurity
Regardless of where you live, there is always some law you have to follow. In kindergarten, a police officer would come by and say a few words about how to cross a street safely. In Poland, kids who reach the age of ten must obtain a bike card to ride bikes in public. To do that, kids have to learn the basic principles of traffic law. Once kids grow up to be adults, they will be able to drive a car, but the process is of course a bit lengthier and there is more law to learn. Cybersecurity is pretty similar, but with a little twist. For citizens, there is no law on how they should behave in cyberspace, how to secure their devices, etc. Of course, there is criminal law, which now includes penalties for misbehaviour, hacking for example. It’s funny that these days there are more free toys for hackers to play with than tools to make you cybersecure. Teens, yep, teens start their first hacking journeys by trying to brute-force (guess the password to) their neighbours' Wi-Fi. Another example is breaking into their peers’ accounts to pull some pranks. Such actions are actually penalised and are covered by criminal law.
For companies it is a little different, because they have to follow laws where ensuring cybersecurity is a requirement. Companies can get penalised, not so much for misbehaviour (though for that too), but mostly for not behaving at all, meaning for not implementing regulatory requirements. One of those much-fussed-about regulations that everyone has heard of was the European Union’s GDPR (General Data Protection Regulation)...
Please enjoy the rest of this post here