Tom Olzak

Patchwork Security Regulations: Politics as usual

In Uncategorized on July 6, 2015 at 04:00

In an article for SearchSecurity, Mike Chapple writes about the potential for states to begin passing their own information security laws.  I agree with him that a patchwork of local and state laws could present a big problem.  But there is also another issue here: politics as usual.

We have enough regulations on the books, and the vast majority of large companies follow them.  Although no organization can block all breach attempts, our politicians take opportunities like the Anthem breach to make it look like they’re doing something about the problem.

“Doing something” usually translates into legislating or bureaucratic regulating.  Over time we end up with a quagmire of laws and regulations, most of which are redundant or reflect a lack of technical understanding.  The real effects are felt by organizations or individuals who have to contend with disparate compliance challenges.

