• Home
  • Latest
  • Fortune 500
  • Finance
  • Tech
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia

Trendingnow

1

Ex-PepsiCo CEO Indra Nooyi worked from midnight until 5 a.m. as a receptionist to pay for her Yale degree—and she says ‘respect went up’ because of it

2

Shark Tank's Kevin O'Leary says if he were 25 today, he'd chase these two booming opportunities in the world of AI

3

China’s birth rate just hit its lowest point since 1949—and Trip.com cofounder James Liang thinks that’s a threat to innovation

1

Ex-PepsiCo CEO Indra Nooyi worked from midnight until 5 a.m. as a receptionist to pay for her Yale degree—and she says ‘respect went up’ because of it

2

Shark Tank's Kevin O'Leary says if he were 25 today, he'd chase these two booming opportunities in the world of AI

3

China’s birth rate just hit its lowest point since 1949—and Trip.com cofounder James Liang thinks that’s a threat to innovation
CommentaryCybersecurity
Europe

A quiet cybersecurity revolution is touching every corner of the economy as U.S., allies ‘pull all the levers’ to face new threats

By
Eric Noonan
Eric Noonan
Down Arrow Button Icon
By
Eric Noonan
Eric Noonan
Down Arrow Button Icon
December 20, 2023, 7:36 AM ET
U.S. Treasury Secretary Janet Yellen speaks with U.S. Securities and Exchange Commission (SEC) chairman Gary Gensler during a meeting of the Financial Stability Oversight Council at the U.S. Department of Treasury on Dec. 14. The group has published their 2023 annual report, which takes a look at the past year in climate, banking, cybersecurity, artificial intelligence, cryptocurrency, and other issues.
U.S. Treasury Secretary Janet Yellen speaks with U.S. Securities and Exchange Commission (SEC) chairman Gary Gensler during a meeting of the Financial Stability Oversight Council at the U.S. Department of Treasury on Dec. 14. The group has published their 2023 annual report, which takes a look at the past year in climate, banking, cybersecurity, artificial intelligence, cryptocurrency, and other issues.Drew Angerer - Getty Images
Add Fortune on Google for similar content.

On Dec. 15, the Securities and Exchange Commission’s (SEC’s) expanded cybersecurity rules came into effect, requiring public companies to disclose incidents within four business days. That means headline-grabbing breaches–such as the one that affected all Okta customer support system users or the 23andMe hack that included the information of nearly 7 million customers–will have even greater consequences than whatever data was compromised. And the SEC rules are only the tip of the iceberg of changes to regulatory compliance.

With little fanfare and largely unnoticed by the press, institutional investors, or anyone else, the federal government is quietly directing a seismic shift in the economy by mandating stringent cybersecurity compliance across all 16 critical infrastructure sectors.

These sectors include well-known and highly relegated markets such as the defense industrial base, financial services, and energy–regulated by the Department of Defense (DoD), SEC, and Department of Energy (DoE), respectively. However, often overlooked are the subsectors beneath those 16 sectors, which essentially combine to comprise nearly every company and component of our economy, making nearly every business in scope for the emerging cybersecurity compliance regulations flowing down across the federal government at an increasingly rapid pace. The commercial facilities sector, for instance, consists of eight subsectors, including real estate, retail, sports leagues, and entertainment venues. There is no place to hide from cybersecurity regulation and mandatory minimum cybersecurity requirements.

A boon for the industry

While some argue government overreach, it’s clear why these regulations are coming fast and furious. Russia poses a tremendous cyber threat–it even breached the DoE–and intelligence officials have warned of potential threats from China.

This heightened cybersecurity revolution began last year with the White House’s executive order and unfolds as a movement that transcends borders. A dozen nations have aligned with the U.S. cybersecurity efforts, reflecting a collective endeavor toward a fortified global digital economy.

We’re heading toward a burgeoning market for cybersecurity compliance, with the ripple effects resonating through legal corridors as fraudulent cybersecurity claims come under the judicial scanner. Proper security controls will no longer be a choice, but a legal and economic imperative, marking a new epoch of digital resilience and a reinforced economic structure.

This is already required for DoD contractors through the Defense Federal Acquisition Regulation Supplement (DFARS), and soon the Cybersecurity Maturity Model Certification (CMMC) 2.0 program. Within a few years, it’s likely government contractors outside of defense efforts will also be required to meet mandatory minimum cybersecurity requirements as a condition of being awarded any federal contract.

The executive order calls for mandatory baseline standards for all federal contractors to replace the patchwork of inconsistent and unenforced agency-specific policies that exist today. Individual departments and agencies are not waiting for that day to come and are furiously issuing their own regulatory requirements.

We’ve already seen the Transportation Security Administration (TSA) issue new requirements for airport and aircraft operators, the Department of Homeland Security (DHS) act to protect controlled unclassified information (CUI), the Environmental Protection Agency (EPA) aim to safeguard the water sector, and the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA).

Pulling all the levers

The government is pulling every regulatory lever available to quietly define and enforce mandatory cybersecurity minimums on the entire economy in the same way it mandates seatbelts, airbags, and other safety features in automobiles. 

This addressable market expansion doesn’t stop at the border: Canada recently adopted CMMC for its defense industrial base, and Japan will also require government contractors to meet U.S. cybersecurity rules.

The pressure to meet mandatory cybersecurity minimums isn’t just about winning federal contracts. The Department of Justice is actively looking for fraud by using the False Claims Act to pursue cybersecurity-related fraud by government contractors and grant recipients. Cases have begun piling up as whistleblower employees come forward to collect large rewards.

Last October, Pennsylvania State University was sued by a former chief information officer (CIO) for allegedly failing to safeguard CUI and falsifying security compliance reports. The case is ongoing, but there’s already precedent. Last July, Aerojet Rocketdyne agreed to pay $9 million to resolve a similar case. More than $2.2 billion was paid out in settlements and judgments in False Claims Act cases last year–and over $1.7 billion was related to the healthcare industry.

To further cement the government’s resolve to put teeth to these regulations, it has begun suing individual companies and employees for defrauding investors by misleading them about cyber vulnerabilities as it did SolarWinds and its former vice president of security, Tim Brown.

Every sector of the economy is under a transformative directive to fortify its digital defenses. Security posture has evolved from a superlative to a crucial factor that affects the bottom line. This isn’t just a policy change–it’s a paradigm shift, making cybersecurity compliance a legal imperative because its implications are more far-reaching than ever before.

Eric Noonan served with the United States Marine Corps, Central Intelligence Agency, and is the CEO of CyberSheath.

More must-read commentary published by Fortune:

  • Economic pessimists’ bet on a 2023 recession failed. Why are they doubling down in 2024?
  • COVID-19 v. Flu: A ‘much more serious threat,’ new study into long-term risks concludes
  • Access to modern stoves could be a game-changer for Africa’s economic development–and help cut the equivalent of the carbon dioxide emitted by the world’s planes and ships
  • The U.S.-led digital trade world order is under attack–by the U.S.

The opinions expressed in Fortune.com commentary pieces are solely the views of their authors and do not necessarily reflect the opinions and beliefs of Fortune.

About the Author
By Eric Noonan
See full bioRight Arrow Button Icon
Add Fortune on Google for similar content.

Latest in Commentary

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025

Most Popular

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Fortune Secondary Logo
Rankings
  • 100 Best Companies
  • Fortune 500
  • Global 500
  • Fortune 500 Europe
  • Most Powerful Women
  • World's Most Admired Companies
  • See All Rankings
  • Lists Calendar
Sections
  • Finance
  • Fortune Crypto
  • Features
  • Leadership
  • Health
  • Commentary
  • Success
  • Retail
  • Mpw
  • Tech
  • Lifestyle
  • CEO Initiative
  • Asia
  • Politics
  • Conferences
  • Europe
  • Newsletters
  • Personal Finance
  • Environment
  • Magazine
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Fortune Brand Studio
  • Fortune Analytics
  • Fortune Conferences
  • Business Development
  • Group Subscriptions
About Us
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • Facebook icon
  • Twitter icon
  • LinkedIn icon
  • Instagram icon
  • Pinterest icon

Latest in Commentary

heat
Commentaryclimate change
McKinsey Global Institute: Climate planning has prioritized floods. Heat demands equal attention
By Sylvain Johansson, Mekala Krishnan, Kanmani Chockalingam and Annabel FarrJuly 7, 2026
15 hours ago
j
CommentaryEducation
AI didn’t break higher education—It exposed the credential trap
By Jason BenedictJuly 7, 2026
16 hours ago
e
CommentaryEntrepreneurship
I skipped college and founded a company at 18. Several exits later, this is what I learned
By Eric FranciaJuly 7, 2026
17 hours ago
mw
Commentaryregulation
Virtual Assets Regulatory Authority CEO: Finance’s AI future moves at the speed of its slowest regulator
By Matthew WhiteJuly 7, 2026
18 hours ago
t
CommentaryParenting
Babylist CEO: The Trump Accounts gold rush is overlooking moms
By Natalie GordonJuly 6, 2026
1 day ago
e
CommentaryCorporate Governance
SpaceX’s supervoting shares put a decades-old governance debate back in play
By Jeffrey Sonnenfeld and Steven TianJuly 6, 2026
1 day ago

Most Popular

Ex-PepsiCo CEO Indra Nooyi worked from midnight until 5 a.m. as a receptionist to pay for her Yale degree—and she says ‘respect went up’ because of it
Success
Ex-PepsiCo CEO Indra Nooyi worked from midnight until 5 a.m. as a receptionist to pay for her Yale degree—and she says ‘respect went up’ because of it
By Preston ForeJuly 6, 2026
1 day ago
Shark Tank's Kevin O'Leary says if he were 25 today, he'd chase these two booming opportunities in the world of AI
AI
Shark Tank's Kevin O'Leary says if he were 25 today, he'd chase these two booming opportunities in the world of AI
By Marco Quiroz-GutierrezJuly 5, 2026
3 days ago
China’s birth rate just hit its lowest point since 1949—and Trip.com cofounder James Liang thinks that’s a threat to innovation
Asia
China’s birth rate just hit its lowest point since 1949—and Trip.com cofounder James Liang thinks that’s a threat to innovation
By Nicholas GordonJuly 7, 2026
18 hours ago
Current price of oil as of July 6, 2026
Personal Finance
Current price of oil as of July 6, 2026
By Joseph HostetlerJuly 6, 2026
2 days ago
The man who ran Bernie's campaign says Democrats are still making the same mistakes with Democratic Socialists, and they should laud Mamdani's win
Politics
The man who ran Bernie's campaign says Democrats are still making the same mistakes with Democratic Socialists, and they should laud Mamdani's win
By Catherina GioinoJuly 6, 2026
1 day ago
Even as Elon Musk calls philanthropy ‘very hard,’ everyday Americans gave a record $617 billion—despite feeling the squeeze over the cost of living
Success
Even as Elon Musk calls philanthropy ‘very hard,’ everyday Americans gave a record $617 billion—despite feeling the squeeze over the cost of living
By Preston ForeJuly 4, 2026
4 days ago

© 2026 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.