Complying with Privacy and Security Regulations: An organization’s security management policies don’t exist in a vacuum. Regulatory and governmental agencies are key components of a security management policy.
These agencies have made large improvements over the last several years to ensure the privacy of information; several laws have been passed to help ensure that information isn’t disclosed to unauthorized parties.
The following sections provide a brief overview of a few of these regulations.
As a Security professional, you must stay current with these laws because you are one of the primary agents to ensure compliance.
Not only do you need to know them for the day-to-day grind, but ComTIA also expects you to have basic knowledge of them for the Security+ exam.
NOTE: In addition to the federal law, most states have laws covering computer crime. Check with your state attorney generals’ office for specific IT legislation that applies in your state.