The cyber-security issues have already gained immense importance because of rampant cyber-attacks or hacking which you can come across almost every day in the news headlines. The world has already experienced numerous cyber-related hazards beginning from the US Office of Personnel Management to the case of Ashley Madison, from Sony to the Ukraine crisis and Saudi Aramco, and many other small and gigantic hackings may not be thousands but hundreds in numbers across the globe. The hackers have no preferences in terms of field of operations. They have been rampantly targeting any and every segments and sectors such as business, security, international economics and geopolitics, education, health, law, banking, transportation and anything that are existing and operational in the world. On the other hand, in spite of the growing and sophisticated cyber threats, the international laws and policies of cybersecurity are still in the inception stage and standard because of cybersecurity due diligence.
The term cybersecurity due diligence refers to the review of processes, governance and several controlling mechanisms which are meant for securing the data, information and assets. These cases of due diligence particularly of cybersecurity may be existing in many sectors including governments as well as non-government actors such as private corporations and businesses. The existing international laws regarding cybersecurity are though exclusively informative but they seriously lack in articulating how the countries or governments, as well as corporate who come under the jurisdiction, should enhance their cybersecurity systems in terms of accountability to the obligations of cybersecurity due diligence.
Above all, you may not find any consensus between the international court of law as well as any other relevant segments or sectors regarding uniformed cybersecurity rules and regulations. For example, you may not find a uniformed and internationally agreed upon policy on when countries especially the neutral transit nations should necessarily police their respective networks by blocking their cyber-attacks. In this regard, the cybersecurity due diligence gets more confirmed as well as should be dealt with more importance especially by the leading cpowers of the world namely the US, Germany and China.
The former deputy assistant attorney general Jason Weinstein summarised the cof cybersecurity due diligence as when somebody buys a company, he or she buys the data and information of the company and at the same time he or she also buys the data-security problems of the company. In other words, the risks of cybersecurity should be seen with the considerations of financial and legal due diligence which is extremely important and essential.