From: Charged Affairs
A single agency may help with coordination, but the major focus should be on the regulations and what the government is empowered to enforce. The state of New York is implementing a new set of cybersecurity regulations for major financial entities regulated by the Department of Financial Services. Compliance includes requirements for the appointment of a security officer responsible for data protection and the creation of a cybersecurity program. The problem is that the penalties for violating the law are unclear. The European Union (E.U.) has implemented the General Data Protection Regulation (GDPR), imposing privacy regulations on companies that seek to do business with or cover citizens of the E.U. Most importantly, penalties are strict, with fines of up to four percent of global annual revenue.