| Although the Sarbanes-Oxley Act of 2002 is starting to gain the attention of corporate executives, the fact is that it is part of a trend in increased regulatory attention given to information security. The world is in the midst of a rapid rate of change that continues to accelerate. As the way we do business continually changes (rapidly), people with mischievous or malicious intent continue to find new ways to circumvent regulations and cause harm. In turn, regulators continue to try to find ways to find legal ways to thwart the violators.
Early regulations regarding the "cyber world" were focused on the perpetrators. This trend was started by the Computer Fraud and Abuse Act that was first enacted in 1984, amended in 1994 and 1996, and amended again by the Patriot Act in 2001. The regulation made unauthorized access or transmission of data an illegal act for the perpetrator.
Legislative attention started to expand to service providers (primarily in the financial community) around the turn of the century. Click here for more details on the trend.
The key federal legislations related to information security are:
|
