Showing posts from November 11, 2012

The three "biggest" U.S. I.T. Regulatory Compliance laws every Information Security professional should know by heart!

Introduction

Everyone knows how complicated regulatory laws can become. Luckily for us, our "good friends" over at Microsoft have put together a page that sums up what you need to know about I.T. regulatory compliance laws. Microsoft summarizes each one and goes into more depth. I am just going to provide a brief overview of the federal laws you need to focus on if your organization is part of any of the industries mentioned on the Microsoft page I referenced and below.

Note: Some states have state law statutes surrounding regulatory compliance frameworks, such as California and my home state of Massachusetts! Microsoft does NOT mention every state law statute below (just California). The United States is one of the "few" countries in the world that has "strict" state and federal laws surrounding regulatory compliance, unlike, e.g., the United Kingdom. Keep that in mind as you move forward, due to the fact that these laws may overlap and you might have to u