Yes, I would obligate companies with more than 20 employees to implement a minimum set of cybersecurity requirements. I would obligate them to at least have cybersecurity company policies, training, education, and technology. Companies would need to give their employees at least basic training and information to protect their valued information. I think that for a company to grow and be successful they must know how to protect their information, so no hackers can gain access to it. When companies don’t have basic cybersecurity, policies implemented into their companies it could be very dangerous for the success of the company. The company’s IT department should make passwords for each employee, so their accounts are harder to hack. Companies should have a policy that states that employees should not be sending anything having to do with company information to or from their private emails. The IT department also

No, I would not fine companies if they did not implement any cybersecurity methods. There’s only one reason I wouldn’t fine them, and it is because cybersecurity methods are placed to help them and not for any other reason. If they do not want to protect themselves than that is their choice. The company is putting its growth and success at risk. They would only be hurting themselves and their company. I said yes for implementing cybersecurity methods because I believe it is what’s best for every company. If a hacker can gain access to company information, there are many things they could do with it. For example, they could sell it, or they could use it to start a rival company.