Regulations are still necessary to compel adoption of cybersecurity measures – Malware News – Ma…>
ZD Net – Eileen Yu
Regulations are crucial to ensure that organizations are compelled to enhance their cybersecurity defenses.
Singapore has released companion guides to help organizations, including small- and mid-sized businesses, understand the risks associated with using cloud services and what measures they and their cloud providers need to take to secure cloud environments.
These guides aim to promote the adoption of national cybersecurity standards and provide specific guidance for cloud environments running on Amazon Web Services (AWS), Microsoft, and Google platforms.
The guides outline organizations’ responsibilities and steps they should take to protect their cloud environments, including staff training and monitoring of cloud services.
They also address the shared responsibility between organizations and cloud providers in cloud deployments, aiming to reduce misconfigurations, malicious attacks, and data breaches.
The guides were developed in collaboration with AWS, Microsoft, and Google.
Additionally, Singapore is expanding its national security labeling initiative to include medical devices due to the increasing cybersecurity risks associated with connected medical devices.
The initiative aims to motivate manufacturers to embed security into their product design and enable healthcare operators to make informed decisions regarding device usage.
The labeling scheme will involve various assessments, including software analysis, penetration testing, and security evaluation.
While these initiatives and best practices are valuable, industry experts suggest that clear regulations are necessary to ensure compliance and drive the industry toward specific outcomes.
Such requirements may include patch management strategies and robust monitoring systems, accompanied by roadmaps for implementation.
Governments can enforce industry requirements and penalize vendors that fail to comply, facilitating the establishment of regulatory frameworks to safeguard organizations and citizens.
As cyber threats continue to grow, particularly in operational technology (OT) sectors, governments are helping navigate these challenges.
OT sectors require different management approaches from traditional IT infrastructures, and measures such as clear inventory of systems, secure third-party tools, and comprehensive visibility across the supply chain should be implemented.
Governments can enforce contractual agreements and penalize non-compliance to push industry players toward better cybersecurity practices.
In conclusion, regulations, along with collaboration between governments, device manufacturers, and security players, are vital to establish robust cyber resilience in the face of evolving threats in cloud environments, medical devices, and operational technology sectors.
Link: https://www.zdnet.com/article/regulations-still-necessary-to-compel-adoption-of-cybersecurity-measures/#ftag=RSSbaffb68
Regulations are still necessary to compel adoption of cybersecurity measures – Malware News – Ma…
Categories:
Tags: