Legal Consequences Possible by Cybersecurity Standards Non-Compliance

With an average cost of a data breach reaching an all-time high of $4.24 million, still some companies fail to see the full picture and don't meet modern cybersecurity standards, according to Tripwire.  

Despite the fact that online threats are increasing on a daily basis, numerous firms fail to recognize the importance of proper cybersecurity. Interestingly enough, many companies are not aware that they are bound by state, industry, and international laws. Although there is no uniform national or global cybersecurity law in place, companies that fail to meet certain legislation can face legal consequences.

As cybersecurity becomes more of a serious concern, the need for online defense is starting to worry more governments around the world. Aside from the potential data loss, companies that fail to comply can face hefty fines, lost revenue, and even jail time.

Most known cybersecurity legislation across the world

The EU's General Data Protection Regulation (GDPR) is perhaps one of the most well-known data protection laws in the world. Although an European law, it also applies to some companies outside of the Old Continent. Essentially, the personal data of European consumers and partners must be stored in the EU or collected only when necessary, as otherwise noncompliers face millions of Euros fines, revoked licenses or banned operations.

A similar rule exists in China, as foreign companies that store or collect data need to follow the new and stricter security laws. While it is true that the rules do not apply to most U.S. companies, the repercussions of non-compliance are harsh and could have long-term consequences. The fines for failing to follow China's security legislation, for example, vary between $15,000 and $1.55 million. .

Back in the US, one of the most influential government cybersecurity regulations is the California Consumer Privacy Act (CCPA) that applies to some organizations outside California. Failing to comply to CCPA brings hefty fines that start with $750 for each consumer for each occurrence. In addition, if the company fails to correct the violation within 72 hours of notification, it can be fined an extra $7,500 for each violation.