What's Happening?
A survey conducted by the Chartered Institute of Information Security (CIISec) reveals that 69% of cybersecurity professionals believe current laws are insufficiently strict. The survey highlights the impact of recent regulations such as the EU AI Act, DORA, and NIS2, which have influenced the cybersecurity landscape. Respondents emphasized the need for senior management to be held accountable for breaches, with 91% suggesting that boards should bear responsibility. The survey indicates a shift towards making senior leadership personally liable for cybersecurity infractions, aligning with new laws like NIS2 and DORA.
AD
Why It's Important?
The call for stricter cybersecurity regulations reflects growing concerns about the adequacy of current laws in protecting against cyber threats. As cyber incidents become more frequent and severe, the demand for accountability at the senior management level underscores the need for comprehensive security strategies. This shift could lead to more robust regulatory frameworks, enhancing the overall resilience of organizations against cyber attacks. The emphasis on board-level responsibility may drive changes in corporate governance, prioritizing cybersecurity as a critical component of business operations.
What's Next?
The survey results may influence policymakers to consider more stringent cybersecurity regulations, potentially leading to legislative changes that hold senior management accountable for breaches. Organizations might need to adapt their security practices to comply with evolving regulations, focusing on board-level engagement and risk management. As the Cyber Security and Resilience Bill progresses, its provisions, such as banning ransomware payments and mandatory incident reporting, could further shape the cybersecurity landscape.
