Regulation and management of personal data
Several cybersecurity regulations are already applicable. In the United States, implemented in January 2020, enforceable regulations in California and Oregon require that products have a “reasonable” level of cybersecurity. The laws are already applicable in Finland and Japan.
In Europe, GDPR is applicable. The NSCS UK Code of Conduct has been mandatory since 2020.