The Cybersecurity Concerns and Measures in the US
The NCSD or the national cybersecurity division is the respective division of the office of the cybersecurity and communications assigned for the cybersecurity concerns and measures under the cybersecurity and infrastructure security agency of the US Department of Homeland Security. The NCSD was formed and opened on 6th June 2003 to ensure the us cyber security concerns and measures with specific mission of conducting risk assessment and performing vulnerability and threat mitigation measures in the assets of information technology as well as on the activities that are affecting the operation of civilian government and the cyber-related infrastructure of the private sector. In addition to this, the NCSD also extends assistance in analysing various cyber threats and vulnerabilities, helps in early warning of probable cyber-attacks, provides security breach incident response assistance for both private as well as public sector organizations.
The United States has a number of medium-specific and sector-specific national data or privacy security laws along with laws, rules and regulations in relation to telecommunication companies, financial institutions, credit report information, personal health and wellness information, telemarketing, children’s information etc. In addition to this, the US also has mechanisms, laws, rules and regulation that addresses the issues and concerns of safeguarding of data and information, data disposal, matters of privacy policies, and appropriate usages of social security numbers notification of data breach. The State of California alone has around 25 security and privacy laws along with the recent enactment of CCPA or California consumer privacy Act-2018 duly effective till 2020 January 1st.
Above all, the FTC or the US Federal Trade Commission has several jurisdictions in order to protect and prevent the consumers against deceptive or unfair trade and business practices along with unfair data security performances and practices. The FTC takes appropriate measures by issuing regulations and enforcing appropriate laws and eventually takes action for not implementing measures for data security, not abiding with the self-regulatory principles of the industry, and in the cases of transfer or attempt to transfer personal, confidential and sensitive information through a wrong transaction in the manner that is beyond the privacy policy.
Similarly, many state attorney Generals in the US are bestowed with numbers of enforcement powers over deceptive and unfair trade and business practices, along with the unsuccessful implementation of appropriate security measures as well as the violation of privacy rights of the consumers which are considered harmful for the consumers in the respective states.