- The government's role in cybersecurity…is a little bit of a tricky one.…It's certainly the government's responsibility…to protect the public interest.…What we have here in the United States…is a situation where we have a patchwork of law…that sometimes conflict with each other…and certainly lead to confusion in information security.…We have different law for personal health information.…We have HIPAA, the Health Insurance Portability…and Accountability Act.…We have laws for financial institutions,…like Gramm-Leach-Bliley.…Publicly traded corporations are covered…under Sarbanes-Oxley.…
There are non-legal regulations as well.…Things like the Payment Card Industry…Data Security Standard, PCI DSS.…We're left with this alphabet soup of regulations…and it really can be very confusing…from a security perspective, because many organizations…are subject to two, three, four, or more of these laws…at the same time, and security professionals are left trying…to sort that out and figure out how do the controls…that we're putting in place map back…
- How does one break into the cybersecurity field?
- What are the various career tracks?
- How do organizations prevent a security breach?
- What are the compliance issues?
- Who is responsible for security in the cloud?
- How does IT security impact other business divisions?
These are the kinds of insights that can help you explore a new career, focus on a course of study, or even prepare for an interview.
- Recognize the priority levels of the different types of cybersecurity risks.
- Recall three common responsibilities for cybersecurity professionals.
- Identify strategies for minimizing the impact of a security incident.
- Name three cornerstones of the information security profession.
- Explain the primary objective of cybersecurity professionals.
- Determine when it is appropriate to utilize encryption to protect information.