Should an equivalent of the GPDR be implemented in the US The short answer to

Should an equivalent of the gpdr be implemented in

This preview shows page 11 - 14 out of 21 pages.

Should an equivalent of the GPDR be implemented in the U.S.? The short answer to that question is yes. Over the past few years, there have been significant data breaches involving personal identifiable information (PII). In many of the cases, the individuals involved are not notified until a few months or years after the incident has occurred. One example is the Equifax breach of 2017 where almost 150 million U.S. citizens had there PII leaked. Equifax took almost 7 months to finally notify their customers of the breach. In the final report, it was found that Equifax was simply not keeping their computer systems up to date (Fung, 2018). This is a prime example of why transparent regulations like as the GPDR are needed in the US. Citizens need to be informed on how their data is being used, processed, and stored. US citizens should know what security measures are being put in place to protect their data. Equifax is just one of the many organizations that have been compromised by cyber theft. There have been various others like OPM, Target, Lord & Taylor, Uber, Home Depot; the list goes on and on. The data theft isn’t limited to PII either; credit cards, financial records, and health records 10
Image of page 11
have also been leaked. As paying customers, the citizens of the U.S. deserve to know how their information is being used. The Department of Defense (DoD) Cyber Strategy What drove the DoD to develop a cyber strategy? Three major situations drove the DoD to develop a cyber strategy. The first was the ever-increasing sophistication and severity of the cyber threat to US interests, including the DoD. Second, in 2012 President Obama directed the DoD, in concert with the DHS and other government agencies, to plan to defend the nation against cyberattacks. Third, in 2012 the DoD began to build the Cyber Mission Force (CMF) to carry out the DoD’s newly tasked mission. In April 2015, the Secretary of Defense released the Department of Defense (DoD) Cyber Strategy document. The purpose of this document was to guide the development of the DoD’s cyber forces and strengthen the nation’s cyber defense and cyber deterrence posture. Contained within the document are five strategic goals (Department of Defense, 2015): I. Build and maintain ready forces and capabilities to conduct cyberspace operations. II. Defend the DoD information network, secure DoD data, and mitigate risks to DoD missions. III. Be prepared to defend the US homeland and US vital interests from disruptive or destructive cyberattacks of significant consequence. IV. Build and maintain viable cyber operations and plan to use those options to control conflict escalation and to shape the conflict environment at all stages. V. Build and maintain robust international alliances and partnerships to deter shared threats and increase international security and stability. 11
Image of page 12
Strategic goal III, the ability to be prepared to defend the US homeland from disruptive or destructive cyberattacks and how to mitigate the impact on the privacy of commercial critical infrastructures and the private citizen, is the topic of this section.
Image of page 13
Image of page 14

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture