The federal government is trying to find as many ways as possible to handle the cybersecurity crisis facing the United States. While it is unlikely that Congress will pass a comprehensive federal cybersecurity law, for the private sector the Executive Branch and its many agencies are issuing directives and guidelines with far-reaching impacts. Additionally, states across the nation are passing their own data protection and cybersecurity laws with whiplash speed. The U.S. doesn't have a federal cybersecurity law, but the new regulatory and state landscape is changing the way companies do business. This basketweave of new laws provides a boost to existing cybersecurity guidelines. However, the industry standard for almost all organizations is the National Institutes of Standard and Technology (NIST) Cybersecurity Framework and NIST Privacy Framework.