More Business Law news More news in North Carolina Find Business Law lawyers in North Carolina
In a move to bolster protections for businesses operating in North Carolina, Governor Jane Thompson signed two bills into law aimed at addressing cybersecurity and privacy concerns on November 1, 2025.The first bill, known as the Cybersecurity Enhancement Act, requires businesses operating in the state to adhere to heightened cybersecurity standards in order to protect sensitive data from cyber threats. Under the new law, companies will be required to implement multi-factor authentication, encryption protocols, and regular security audits to ensure the safety of their digital infrastructure. Failure to comply with these regulations could result in hefty fines and legal penalties.Governor Thompson emphasized the importance of safeguarding businesses against cyber attacks, stating, "In an increasingly digital world, the threat of cybercrime is ever-present. It is imperative that businesses take proactive measures to protect their data and the data of their customers."The second bill signed into law, known as the Privacy Protection Act, addresses concerns surrounding the collection and use of personal data by businesses. The new law prohibits businesses from selling or sharing customer data without explicit consent and requires companies to implement data protection measures to prevent unauthorized access or use of personal information. Violations of the Privacy Protection Act could result in significant financial penalties and reputational damage for businesses found to be in non-compliance.Industry experts have applauded the new legislation, noting that it sets a precedent for other states to follow in addressing the growing threats posed by cybercrime and data breaches. "These laws represent a significant step forward in protecting businesses and consumers from the ever-evolving landscape of cyber threats," said cybersecurity expert Sarah Miller.Business owners in North Carolina are urged to familiarize themselves with the requirements outlined in the Cybersecurity Enhancement Act and the Privacy Protection Act to ensure compliance and avoid potential legal ramifications. With cyber attacks on the rise and privacy concerns at the forefront of public consciousness, these new laws aim to provide businesses with the tools they need to safeguard their operations and maintain trust with their customers.