What is it?
A set of rules, usually backed by a legal mandate, that control an activity or environment and provide a means for compliance to be inspected and enforced.
Why is it important?
The internet is an ever-changing environment where the rules are constantly being amended and updated as new technologies emerge. Regulations attempt to control the technological environment and the human behavior associated with it.
Why does a business professional need to know this?
The internet, being a relatively new and rapidly evolving environment, has been perceived as inherently devoid of control in its creation and, therefore, a space of perceived freedom. Freedom and control can be seen in both positive and negative lights. They present a double-edged sword; controlled environments may actually allow for more freedom, whereas free environments may encourage a lack of control and, therefore, chaos. The existence (or lack) of safety and security is a preoccupation for many, both personally and professionally.
In reality, the web environment has always been subject to control. There are many ways to regulate an environment: by law, through social norms, through market forces, or by imposing physical and logical constraints. Each of these has been applied to the internet.
In a business context, it is important to understand what is behind the setting of new rules and norms online and to know how those changes will affect us, either directly or indirectly(CSO 2012). Of course, as business professionals, we need to be prepared for new political, environmental, sociological, technological, legal, and economic factors that might have an impact on our organization. We must be prepared to adjust our business practices to react to new regulations related to cybersecurity.
- (CSO 2012) The security laws, regulations and guidelines directory: CSO Magazine (2012). An international compendium of security laws, regulations, and guidelines with summaries and links to the full text of each law.