Have you been hacked yet? These days, it’s a matter of “when” rather than “if” when it comes to cybercrime. Organizations of all sizes and across all industries have become victims of hacking, and cybercriminals develop new methods of bypassing IT security defenses every day. During the first six months of 2017, 791 data breaches occurred in the U.S. alone, according to the Identity Theft Resource Center. That’s a half-year record high and a 29% increase compared to the same time period in 2016.
Why are states stepping in?
This spike in data breaches and exposure of sensitive personally identifiable information (PII) and protected health information (PHI) isn’t just bad for businesses. Cybercrime also has “enormous implications for government security, economic prosperity and public safety,” according to the National Conference of State Legislatures.
How many states have introduced and/or passed cybersecurity laws?
At least 42 states have introduced more than 240 cybersecurity bills or resolutions. As of October 2017, at least 27 states had enacted cybersecurity legislation, the NCSL states.
Has my state passed cybersecurity legislation or regulations?
The NCSL website has a full list available if you’d like to find out where your state stands. For example, Illinois has enacted a bill that amended the Data Security on State Computers Act. The legislation requires certain state workers to undergo annual cybersecurity training from the Department of Innovation and Technology. That training has to cover detecting phishing scams, preventing and responding to data breaches. Additionally, it must address preventing spyware infections and identity theft.
Are certain industries more affected than others by these cybersecurity regulations?
These regulations address a wide range of organizations, from government agencies to financial institutions and healthcare facilities. Organizations that handle PHI and/or PII often face higher levels of regulation and scrutiny from lawmakers for obvious reasons.
For example, in February of this year, the New York Department of Financial Services announced a new regulation that requires insurance companies, banks, and other financial institutions the NYDFS regulates to establish and maintain cybersecurity programs to safeguard consumer data.
What’s the best way to protect my business from data breaches?
The IT security threat landscape constantly evolves, with hackers becoming craftier every day. It’s crucial to adopt a proactive approach to protect your organization before a data breach even occurs. That includes regularly re-evaluating your security policies and solutions (in addition to conducting employee awareness training).
A thorough IT security assessment is a good place to start, since it will help you pinpoint your most vulnerable spots that hackers could exploit. If you’d like to learn more about best IT security practices, our expert team can offer insight and advice: Feel free to contact us by calling 877-599-3999 or emailing firstname.lastname@example.org.
Overall, cybersecurity is more important than ever for individuals, businesses, and government agencies. State legislatures have recognized that, and we’ll undoubtedly see lawmakers introduce and enact more cybersecurity bills going forward.