DFARS D041 balancing act

Cyber regulation and compliance is a rapidly developing field

Governments need to show stronger leadership on cyber regulation. “The government needs to get involved… there will be more regulation of the tech sector,” Bill Gates, co-founder of Microsoft, told the Bloomberg news agency in October 2019. A bit earlier, Facebook founder and CEO Mark Zuckerberg publicly voiced the same idea. The regulatory road in the tech space is one that all governments and corporates will inevitably have to follow. Our dependence on technology and data has driven the cyber market, and with technology playing such an important part in our lives, more state-level regulation will follow.

Regulation has a habit of following changes in circumstance. The regulatory environment changed across financial markets in response to the financial crisis in 2009 with Basel II and III. Cyber/data regulation is already developing, but it is sporadic: a mix of state- or sector-specific rules. GDPR is an example of standardised data regulation; the US DoD CMMC programme aims to embed cyber security controls into the US DoD global supply chain; and the Chinese internet security law mandates that companies secure their networks, prevent data leaks and thefts, and report incidents.

Regulation brings certainty, standardisation, rules and, inevitably, the mechanisms to align corporate strategies and operations with government priorities such as protection, economic stability and healthcare.

Article from Modern Diplomacy (2020)

About CMMC Europe

Experienced cyber security professional with 20 years' experience as CISO and global head of cyber risk. Advising boards of Engineering and Manufacturing, Publishing and Media, and Financial Services companies on meeting and maintaining cyber risk management and regulatory compliance.
