
What is it?

A set of rules, usually backed by a legal mandate, that control an activity or environment and provide a means for compliance to be inspected and enforced.

Why is it important?

The internet is an ever-changing environment where the rules are constantly being amended and updated as new technologies emerge. Regulations attempt to control the technological environment and the human behavior associated with it.

Why does a business professional need to know this?

The internet, being a relatively new and rapidly evolving environment, has been perceived as inherently devoid of control in its creation and, therefore, a space of perceived freedom. Freedom and control can be seen in both positive and negative lights. They present a double-edged sword; controlled environments may actually allow for more freedom, whereas free environments may encourage a lack of control and, therefore, chaos. The existence (or lack) of safety and security is a preoccupation for many, both personally and professionally.

In reality, the web environment has always been subject to control. There are many ways to regulate an environment: by law, through social norms, through market forces, or by imposing physical and logical constraints. Each of these has been applied to the internet.

In a business context, it is important to understand what is behind the setting of new rules and norms online and to know how those changes will affect us, either directly or indirectly (CSO 2012). Of course, as business professionals, we need to be prepared for new political, environmental, sociological, technological, legal, and economic factors that might have an impact on our organization. We must be prepared to adjust our business practices to react to new regulations related to cybersecurity.

References

About Vanessa Harrison


Vanessa Harrison, BA (Hons), CELTA, DELTA, MBA, MSc, is a management systems consultant, course writer and associate tutor for the British Standards Institution (BSI) in the EMEA region. She specializes in ISO 27001, ISO 22301, ISO 31000, and ISO 9001. Vanessa implements and audits the aforementioned standards and teaches the same at all levels, including the lead implementer and lead auditor qualifications.

Vanessa also works with the anti-bribery standard ISO 37001, manages risk and compliance for 2CVGB Ltd as a volunteer, and is a member of BSI committees RM/1 and CAR/1. These committees are responsible for revising and updating risk management standards, including ISO 31000, and Vanessa represents the UK at the international level.

Term: Regulation

Email: vanessa.harrison@hatseu.com

LinkedIn: linkedin.com/in/vanessa-harrison-ba-hons-celta-delta-mba-msc-a9868b14

What is it?

A common set of rules designed to ensure interoperability between different products, systems, and organizations.

Why is it important?

Standards provide stable, long-term guidelines that products can be validated against to ensure they will operate correctly and securely with other products that adhere to the same standard. Standards reflect the best practices of experienced cybersecurity professionals.

...continue reading "Term of the Week: Standards"

What is it?

A set of mandatory requirements that apply to specific areas of an organization’s operations, including cybersecurity.

Why is it important?

Policies are important because they define the strategic intent for the rules, regulations, protocols, and procedures that the organization or industry implements.

...continue reading "Term of the Week: Policy"