#37 - Cyber Security Laws & Regulations

CISO Tradecraft® - En podcast af CISO Tradecraft® - Mandage

Kategorier:

On this episode of CISO Tradecraft, you will hear about the most prominent Cyber Security Laws and Regulations: The Health Insurance Portability and Accountability Act (HIPAA) advocates the security and privacy of personal health information Administrative Safeguards Physical Safeguards Technical Safeguards The Sarbanes-Oxley Act (SOX) is designed to provide transparency on anything that could cause material impact to the financials of a company Cyber Risk Assessment Identify Disclosure Controls and Policies Implementing Cyber Security Controls Using a Reliable Framework (NIST CSF / ISO 27001) Monitor and Test SOX Controls The Gramm Leach Bliley Act (GLBA) requires Financial Institutions to protect Personally Identifiable Information (PII)  The Federal Information Security Management Act (FISMA) requires executive agencies in the federal government to address cyber security concerns Plan for security Assign responsibility Periodically review security controls on systems Authorize systems to Operate The Payment Card Industry Data Security Standards (PCI-DSS) is a framework required to protect payment card information The General Data Protection Regulation (GDPR) - Data Compliance and Privacy law for European citizens Consent Data Minimization Individual Rights The California Consumer Protection Act (CCPA) - Data Compliance and Privacy law for California residents.  This law provides Californians the right to know what data is collected or sold, the right to access data, the ability to request its deletion, and the ability to opt out of it being collected or sold. The Cybersecurity Maturity Model Certification (CMMC)- combines various cybersecurity standards and best practices and maps these controls and processes across maturity levels for Department of Defense contractors.

Visit the podcast's native language site