A Simulation of How a Cloud Service Provider from the Midwest Should Behave When Faced with a Potential Cyber-Attack, Where Many of Its Customers Do Business in the Healthcare, Banking, and Educational Industries
{"title":"A Simulation of How a Cloud Service Provider from the Midwest Should Behave When Faced with a Potential Cyber-Attack, Where Many of Its Customers Do Business in the Healthcare, Banking, and Educational Industries","authors":"Donald L. Buresh, Ph.D., Esq.","doi":"10.22158/sssr.v3n4p24","DOIUrl":null,"url":null,"abstract":"This essay aims to explain to the senior management of a company what must be accomplished to be compliant with federal sectoral privacy laws. It is a byzantine maze of pitfalls where a single cyber-attack can lead to extensive oversight by the Federal Trade Commission. The path taken by this paper is that a cloud computing provider should implement the most stringent security framework in existence that encompasses the myriad number of privacy laws in the United States. The reason is that vigorously embracing a strict standard makes a firm likely to comply with the various sectoral privacy laws. However, suppose a company is cyber-attacked and has the misfortune of being prosecuted by the Federal Trade Commission. In that case, the article suggests that the firm take a mature approach to the litigation, not complaining to the agency that it is the victim. A mature approach to federal oversight might lessen the time of the supervisory period. By admitting security omissions and commissions and robustly accepting regulatory guidance, a firm can proceed in conducting its business, not fretting over the de facto guardianship by the Federal Trade Commission.","PeriodicalId":74882,"journal":{"name":"Studies in social science research","volume":" ","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2022-09-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Studies in social science research","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.22158/sssr.v3n4p24","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
This essay aims to explain to the senior management of a company what must be accomplished to be compliant with federal sectoral privacy laws. It is a byzantine maze of pitfalls where a single cyber-attack can lead to extensive oversight by the Federal Trade Commission. The path taken by this paper is that a cloud computing provider should implement the most stringent security framework in existence that encompasses the myriad number of privacy laws in the United States. The reason is that vigorously embracing a strict standard makes a firm likely to comply with the various sectoral privacy laws. However, suppose a company is cyber-attacked and has the misfortune of being prosecuted by the Federal Trade Commission. In that case, the article suggests that the firm take a mature approach to the litigation, not complaining to the agency that it is the victim. A mature approach to federal oversight might lessen the time of the supervisory period. By admitting security omissions and commissions and robustly accepting regulatory guidance, a firm can proceed in conducting its business, not fretting over the de facto guardianship by the Federal Trade Commission.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
