17 Cyber Legislation, Standards, and Practices: An Overview for Directors

S. David Craig, PEng, MBA, CRISC, ICDD

Retired Partner from PricewaterhouseCoopers (PwC), where he led the Cybersecurity and Privacy practice

Purpose

The purpose of this chapter is to highlight a growing trend for governments around the world to legislate cybersecurity protections. Cybersecurity is defined, legislation is discussed, governance frameworks are highlighted, and good practices for those in governance roles are given.

Content

Background

While privacy and personal information protection, especially personal health information, have been the subject of legislation globally for many years, cybersecurity legislation is relatively new. Compliance with the legislation will be a challenge for companies with immature cyber practices, and compliance with the legislation will be no guarantee against a data breach.

This legislation is being introduced in an era of increasing cybersecurity risks. Financial reward is consistently the primary rationale for attacks; however, social activists may be motivated to create operational ...
