DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports Events Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
  1. DZone
  2. Software Design and Architecture
  3. Security
  4. Do New Cybersecurity Regulations Affect You?

Do New Cybersecurity Regulations Affect You?

The number of cyberattacks that occur in the United States are increasing every year. Will governmental regulations help to ease the onslaught?

James Lee user avatar by
James Lee
·
Apr. 28, 17 · Opinion
Like (1)
Save
Tweet
Share
3.41K Views

Join the DZone community and get the full member experience.

Join For Free

The progress of technology has always outpaced public policy. Steam locomotives had been delivering goods and passengers on British railroads for nearly two decades before Parliament passed the first set of railroad acts. The US Congress didn’t pass laws until after the Civil War.

Cyber Security RegulationsMore recently, the state of California enacted a mandatory consumer notice of when personal data is breached back in 2002. The European Union passed a breach law in 2009 – Congress has yet to set a US standard. That leaves the citizens of Alabama and South Dakota to fend for themselves as their legislators have yet to enact any breach law at a time when cyberattacks are at an all time high.

Crafting laws and regulations that attempt to address technology driven issues are notoriously difficult to write. Since the advent of Moore’s Law1 and the Kami Corollary2, technology moves at a pace that even the most devoted of policy wonks struggle to keep up with the pace of change.

Yet, events occur every so often that cry out for government action to help put some boundaries around ever advancing technology. According to the non-profit Identity Theft Resource Center, there have been more than 7,100 publicly disclosed breaches in the US alone since 2005. The rate of reported breaches grew 40% year over year in 2016.

And cyberattacks are not just a large enterprise issue. According to the National Cybersecurity Alliance and US Senator John Thunder (R-SD), 60% of small business are forced to close their doors after a cyber breach.

The rate and severity of breaches continues to increase at the same time we’re seeing more and more complex software solutions enter the marketplace. Virtually every organization from the corner drug store to the largest global business relies on web-enabled applications. Some are public and some serve only internal processes, but they all have one thing in common – software flaws that malicious hackers can exploit.

It’s against this background that New York State regulators have enacted new policies and two bipartisan groups of US Senators have proposed legislation to help protect consumers and the businesses that serve them. Considered to be a model for other states to follow, new regulations from the New York Department of Financial Services require banks, insurance companies, and other financial services institutions regulated by the department to have a cybersecurity program aimed at protecting consumers.

The regulations require written policies and procedures, the appointment of a Chief Information Security Officer, and the reporting to the Department within 72 hours of any attacks that could harm the firm’s normal operations.

In Washington, DC, Senators Mark Warner (D-VA), Jack Reed (D-RI) and Susan Collins (R-ME) have joined together to introduce a bill to encourage public companies to appoint cybersecurity experts to their Board of Directors. A separate group of Senators – John Thune (R-SD), Brian Schatz (D-HI), James Risch (R-ID), Maria Cantwell (D-WA), and Bill Nelson (D-FL) – have introduced legislation to increase the support available to small businesses to help respond to cyber threats.

It’s a given that traditional approaches to cybersecurity are failing to address the complex nature of today’s threats. New approaches and new technologies are required – like Waratek’s Application Security Platform – that offer instant protection from known and unknown vulnerabilities at the application layer without the negative side effects of heuristic-based approaches:  high false positives, negative performance impact, labor intensive tuning, and costly code changes.

Application security IT Law (stochastic processes) philosophy Personal data Small business Information security consumer Software

Published at DZone with permission of James Lee, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • A Brief Overview of the Spring Cloud Framework
  • ChatGPT Prompts for Agile Practitioners
  • Load Balancing Pattern
  • Top 5 Node.js REST API Frameworks

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends: