The first bill we will be elaborating is AZ H2177 which revises provisions relating to the Regulatory Sandbox Program, revises certain definitions, relates to temporary testing of an innovation without otherwise being licensed, revises provisions connecting to the application process & demands, provides for financial products & services, requires the employment of cybersecurity measures to avoid breaches (Cybersecurity Legislation. 2018). If you’re not accustomed with the significance of the Regulatory Sandbox Program it’s a framework created by a financial sector regulator to allow small scale live testing of innovations by private firms in a controlled environment under the regulators supervision (Cybersecurity Legislation.
2018). The overall intent of the bill passing in Arizona is to ensure consumers data remains private and protected.
The next act we’ll be elaborating on was enacted in Colorado and it was implemented on September 2018. Bill 18-1128 intent is to expand existing privacy & data breach notifications laws. Under Bill 18-1128 it protects entities that maintain paper or electronics documents with personal categorizing material are to implement and maintain reasonable security procedures and practices (Wells.
, White. 2018). These entities will be required to investigate suspected security breached and when a security breach occurs, numerous notifications requirement is triggered. An example of what is considered personal identifying material is social security numbers, personal identification numeral, password, an official state or government issued driver license card number, credit card number and account numbers (Wells., White. 2018). In conclusion any data that is able to be used to obtain cash, goods, property or used to make financial payment are of high priority for Bill 18-1128.
One way to prepare for a cyberattack is by working with the Enhanced Cybersecurity Services (ECS) program. ECS manages to facilitate the protection of IT networks by offering intrusion detection and prevention services. ECS is a near real time intrusion detection and prevention capability (CISA. n.d). ECS automatically receives unclassified, delicate & classified cyber threat material & use it to protect their customers. The two services that come with the ECS is Domain Name System and email filtering which assist in blocking possible malware communications and spear phishing campaigns targeting networks (CISA. n.d). ECS provides organizations quick efficient way to receive protections that use classified data to prevent malicious communications without having to meet the otherwise burdensome requirement of maintaining secure facilities.
The agencies responsible of responding throughout a cyber-attack is the FBI and the National Cyber Investigative Joint Task Force. Both forces are responsible of coordinating a answer to an immediate cyber threat. The Department of Justice will communicate with stakeholders at an affected organization & with law enforcement to collect evidence & intelligence, stop the immediate cyber threat & start the information distribution process with the DHS (Ogrysko. 2016). When a major cyber event happens, the FBI, along with asset response teams, state local & tribal governments, non-government organizations, members of industry & other federal agencies as necessary, will respond as the Cyber Unified Coordination Group (Ogrysko. 2016). The severity of the cyber-attack will determine the quantity of agencies that will be involved.
The Department of Homeland Security is the agency accountable of helping the organization that was affected by the attack to get back on their feet. The first step is to get their system back up and running. Proceeding is to locate the actor behind the attack, repair its system, patch vulnerabilities located, and reduce the risk of future incidents & preventing the incident from spreading to others. DHS also assist in generating a federal government plan for working with industry & state, local, & tribal government to respond to major cyber-attacks (Ogrysko. 2016). In the long run the Department of Justice and the Department of Homeland Security will keep a fact sheet detailing how private organizations can contact relevant federal agencies about a specific cyber-attack (Ogrysko. 2016).
Cyber threats from malicious actors are a growing concern across the U.S Voluntary sharing of incident material within state, local, tribal & territorial (SLTT) law enforcement & the federal government is important to ensuring a safe & secure cyberspace (Law Enforcement Cyber Incident Reporting. n.d). SLTT partner are encouraged to announce suspected or confirmed cyber incidents to federal entity. A cyber incident should immediately be stated if it may impact national security, economic security, or public health & safety. If the cyber attack results in a significant loss of data, system availability or control of systems it must be quickly reported. If the cyber-attack has become so severe that no information is available within a software the SLTT will be responsible in reporting what entity experience the incident, who owns the affected systems, who is the appropriate point of contact etc. (Law Enforcement Cyber Incident Reporting. n.d).