Many organizations are unaware of the intrusion in their networks until the FBI comes calling. An Inspector General audit found that poor record keeping means some organizations don't hear from the FBI, or hear too late to do anything about it.
Absent any move on the federal level for a consumer data privacy law, states have passed their own laws. Utah is about to have a law that would require government to have a warrant to get any consumer data stored by third-party providers.
Bills introduced in the House and Senate this week would require vendors selling IoT devices to the government to adhere to strict security guidelines.
Ron Wyden and Tom Cotton are asking the Senate Sergeant at Arms for numbers on cyber attacks on Senate computers.
In the era of disinformation, manipulation and influence operations, platform providers, enterprises, and government agencies are working to find policy and technical solutions.