State Legislation May Drive Federal Security Compliance Regulations in 2020
State governments are taking the lead in developing cybersecurity regulations as cyberattacks and data breaches continue to skyrocket.
There’s a huge need for privacy regulations in the U.S. as the federal government has been deficient in adopting regulations. To help drive home the need for cybersecurity policies, states are attempting to push forward some type of standard or regulation that, eventually, the federal government can adopt. Here’s what we’re seeing:
- This past year was marked by litigation and some notable fines levied against enterprises for lack of compliance with GDPR.
- In addition to GDPR, state legislation such as the California Consumer Privacy Act (CCPA), and New York’s DFS 500 are also gaining traction in states taking a proactive stance in establishing security protections.
- Rapid change to legislation in Washington and Nevada around privacy regulation in cybersecurity, which will drive federal action as states put pressure on the federal government to develop standards.
As the number of fines for non-compliance with GDPR rises, a question on some observers’ minds is whether companies missed a few key pieces of implementation or whether they are willfully disregarding GDPR, thinking the fine may be small enough to absorb.
It will be interesting to see how all this plays out as more and more individual states develop their own regulations. Eventually, the federal government will need to step up in adopting policies, as multi-state regulations required for businesses grow more complex. We’ll continue to watch this throughout the year to see what happens with regulation.
2020 is going to be pivotal for cybersecurity and privacy regulation in the U.S. Stay tuned as the team at CRITICALSTART monitors the security and privacy landscape throughout the year to see how the predictions we made at the beginning of the year related to state legislation play out.
By Jordan Mauriello | SVP of Managed Security, CRITICALSTART
February 6, 2020
SVP of Managed Security
With a diverse background ranging from penetration testing and malware reverse engineering to physical security and executive protection, Jordan possesses a unique understanding of the impact of information security. His deep technical expertise includes security event monitoring and correlation, content and rule development for SIEM tools, vulnerability research, and penetration testing.
You may also be interested in…
- Consumer Education(40)
- Consumer Stories(2)
- Cybersecurity Consulting(7)
- Data Breaches(15)
- Data Privacy(43)
- Incident Response(2)
- MDR Services(69)
- Penetration Testing(5)
- Press Release(65)
- Research Report(10)
- Security Assessments(4)
- Thought Leadership(18)
- Threat Hunting(3)
- Vulnerability Disclosure(1)