Data breaches have become notorious across the media in the past few years. With lax security, businesses may end up not complying with federal laws. To that end, it may be a good idea to get familiar with these cyber security laws, as well as what is required under federal law and what is not.
A brand’s reputation and revenue can be tarnished by a data breach. Numerous lawsuits can also follow as a result. In some cases, you may also face other problems such as penalties and fees. When you work in cyber sec, there are five federal cyber security laws that you should be aware of:
Gramm-Leach-Bliley Act (also known as GLBA) of 1999
This law is for companies that have access to private and personal financial info. It includes standards for who has access to that info as well as how it is stored and how it is collected. As these agencies hold a lot of info that must be kept private, cyber sec pros are often hired to put measures in place that will protect the info and to make sure that no risks or threats occur.
Health Insurance Portability and Accountability Act (also known as HIPAA) of 1996
This cyber security law applies to companies that have access to sensitive medical info – such as a hospital or clinic. To comply with the law, the medical institution will have to state how the info is shared and stored. This is key to those who work in a cyber sec company, especially those that are outsourced for work in a medical institution.
Cybersecurity Information Sharing Act (also known as CISA) of 2015
This cyber security law works with tech companies and the gov’t to share data so that any threats can be identified sooner and dealt with more efficiently. This act is key for companies that deal with a large amount of personal data. It is key to cyber sec pros as they are currently employed within these fields and therefore will have to know how to respond to threats that arise.
Federal Information Security Management Act (also known as FISMA) of 2002
This law is targeted at companies that deal solely with gov’t info. To comply with this law, the supplier, contractor or agency will have to explain what info is being stored. They also explain what security is in place to protect it and what risks the info has. They will also have to produce a watertight system security plan.
Similarly to the above acts, this is applicable to those that work as a cyber sec pro: as the info held within the gov’t agencies is so sensitive, they will have to make sure that the security systems are frequently audited, risk assessments are carried out and any security updates are implemented quickly and efficiently.