March 24, 2017
The European Union’s Global Data Protection Regulation (GDPR), the EU’s most high-profile cyber regulation to date, goes into effect May 25, 2018, and is intended to bring a greater degree of data protection harmonization across EU nations.
Why pay attention if you are not running a business in the EU? GDPR applies to every company processing personal data of EU citizens, not just those inside the EU.
A recent publication by Swiss Re breaks down GDPR and compares the consequences of data breaches in Europe with the U.S. and looks at the EU approach to cybersecurity regulation.
The GDPR, EU-U.S. Privacy Shield and the New York Department of Financial Services’ (NYDFS) cybersecurity rules have been indicative of the expanding frontier of cyber regulation in 2017. A recent Advisen paper, The Next Wave of Cyber Regulation, discusses these three massive cyber regulations and provides guidance on working towards operational compliance.
Finally, today, Treasury Secretary Steven Mnuchin said cybersecurity is his biggest concern for the financial sector. At an event this morning hosted by Axios, Secretary Mnuchin went on to say “This is something that requires a coordinated investment across various financial regulators through preparation as well as funding. Even within the budget, a major priority for us is to spend that on technology.” Mnuchin said he plans to use his role as chair of the FSOC to make sure that all the regulatory agencies incorporate cybersecurity in their oversight duties.