A multinational corporation headquartered in the United States is reviewing its policies to ensure its security practices conform to national regulations. Which of the following initiatives should the company prioritize to align its general cybersecurity posture with federally recommended best practices in the United States?
Focusing on safeguarding electronic protected health information (ePHI)
Aligning its security controls with the NIST Cybersecurity Framework
Implementing data protection measures required by the Payment Card Industry Data Security Standard (PCI DSS)
Adhering to international regulations on privacy and cross-border data transfers
Aligning with the NIST Cybersecurity Framework would be the best course of action for a multinational corporation to establish a strong, federally recommended cybersecurity posture in the United States. While safeguarding electronic protected health information (ePHI) is crucial under HIPAA, it is a legal requirement specific to the healthcare industry and its associates, not a general requirement for all corporations. Similarly, implementing data protection measures for payment processing is mandated by the Payment Card Industry Data Security Standard (PCI DSS), which is an industry requirement, not a federal law. Adhering to international privacy regulations is important for a multinational company, but the question prioritizes alignment with US-specific practices.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are federally recommended cybersecurity practices?
Open an interactive chat with Bash
Why does domestic compliance take precedence over international privacy regulations?
Open an interactive chat with Bash
What industries require a focus on safeguarding electronic protected health information (ePHI)?