Senate Bill 220, the Data Protection Act, went into law on November 2, 2018. This legislation will provide a legal safe harbor to entities that implement a specified cybersecurity program and will allow transactions and contracts recorded through blockchain technology under the Uniform Electronic Transactions Act to be protected.
It’s an affirmative approach to action relating to data breaches and applies to all Ohio businesses, forcing compliance with cybersecurity frameworks. In short, now is the time to embrace cybersecurity to protect your business, workforce, and clientele. Much of this effort starts with proper employee training.
This bill also addresses blockchain financial transactions, such as the type Bitcoin has used, which is the future of global monetary dealings.
Today’s blog sheds light on the terms within SB 220 and how you can prepare for its implementation.
What is Blockchain?
Blockchain is a distributed peer-to-peer topology system storing data on thousands of global servers. Anyone on the network can always see everyone else’s transactions in real-time, making it virtually impossible for one person to gain control of the data.
Blockchain creates unchangeable records that are time-stamped and linked to a specified user’s previous threads (a block).
It has great potential for implementation with real estate transactions, supply chain management, electronic medical records, and even voting.
What is Cybersecurity?
Cybersecurity is defined as the prevention of, damage to, protection of, and restoration of computers and electronic communications. It is intended to ensure business data availability, authentication, and confidentiality.
Cybersecurity works hand-in-hand with:
- Physical Security – the protection of property
- Personnel Security
- Contingency Planning and Disaster Recovery
- Operational Security and
- Privacy
It is of great concern to many organizations and requires a proactive approach.
Tim’s Talking Points Regarding SB 220
When SB 220 goes into law, it will apply to all businesses, from the smallest solopreneur to the most prominent businesses, including Goodyear Tire & Rubber Company and Sherwin-Williams. Here are some practical ways to get started:
- Make sure all computer operating systems and applications are up-to-date. This includes software patches, too.
- Don’t use any outdated or unsupported software apps.
- Assess your encryption levels. If necessary, impose higher standards. If you are a retail organization, make sure you have end-to-end encryption.
- Write and enforce cybersecurity policies.
- Understand how cybersecurity talent differs from IT staffing and hire accordingly.
- Hire an outside cybersecurity firm if you can’t recruit talent in-house to monitor and prevent data breaches, information losses, and ransomware.
- Conduct outside training on at least a yearly basis with all your employees.
- Read the entire legislation and have your attorney make additional recommendations.
- When implementing a blockchain app like Bitcoin, ensure it is entirely cybersecurity compliant.
SACS Consulting & Investigative Services is Here to Help
Our professionals can help you with additional ways to prevent cybersecurity threats from impacting your organization! Contact us today at 330-255-1101 or 888-722-7937 to learn more about our training and physical security options.