Threat modeling is a process by which potential threats, such as structural vulnerabilities or the absence of appropriate safeguards, can be identified and enumerated, and countermeasures prioritized. A cybersecurity regulation comprises directives that safeguard information technology and computer systems with the purpose of forcing companies and organizations to protect their systems and information from cyberattacks like viruses, worms, Trojan horses, and phishing. Some regulations involved with data protection and cyber security conclude that businesses must comply with various laws on cyber security, such as the General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA), and the California Consumer Privacy Act (CCPA). Failure to comply with these laws can result in significant fines and penalties.
Lisbeth,
Good post! I think that threat modeling is a cool preventative method for cyber attacks. I like that you noted that there are regulations involved with data protection and security, when I was reading about cyber attacks for my own post I didn’t get the chance to read what I wanted, so this can help me see what I should read