A Simulation of How a Cloud Service Provider from the Midwest Should Behave When Faced with a Potential Cyber-Attack, Where Many of Its Customers Do Business in the Healthcare, Banking, and Educational Industries

Studies in social science research Pub Date : 2022-09-28 DOI:10.22158/sssr.v3n4p24

Donald L. Buresh, Ph.D., Esq.

{"title":"A Simulation of How a Cloud Service Provider from the Midwest Should Behave When Faced with a Potential Cyber-Attack, Where Many of Its Customers Do Business in the Healthcare, Banking, and Educational Industries","authors":"Donald L. Buresh, Ph.D., Esq.","doi":"10.22158/sssr.v3n4p24","DOIUrl":null,"url":null,"abstract":"This essay aims to explain to the senior management of a company what must be accomplished to be compliant with federal sectoral privacy laws. It is a byzantine maze of pitfalls where a single cyber-attack can lead to extensive oversight by the Federal Trade Commission. The path taken by this paper is that a cloud computing provider should implement the most stringent security framework in existence that encompasses the myriad number of privacy laws in the United States. The reason is that vigorously embracing a strict standard makes a firm likely to comply with the various sectoral privacy laws. However, suppose a company is cyber-attacked and has the misfortune of being prosecuted by the Federal Trade Commission. In that case, the article suggests that the firm take a mature approach to the litigation, not complaining to the agency that it is the victim. A mature approach to federal oversight might lessen the time of the supervisory period. By admitting security omissions and commissions and robustly accepting regulatory guidance, a firm can proceed in conducting its business, not fretting over the de facto guardianship by the Federal Trade Commission.","PeriodicalId":74882,"journal":{"name":"Studies in social science research","volume":" ","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2022-09-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Studies in social science research","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.22158/sssr.v3n4p24","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

This essay aims to explain to the senior management of a company what must be accomplished to be compliant with federal sectoral privacy laws. It is a byzantine maze of pitfalls where a single cyber-attack can lead to extensive oversight by the Federal Trade Commission. The path taken by this paper is that a cloud computing provider should implement the most stringent security framework in existence that encompasses the myriad number of privacy laws in the United States. The reason is that vigorously embracing a strict standard makes a firm likely to comply with the various sectoral privacy laws. However, suppose a company is cyber-attacked and has the misfortune of being prosecuted by the Federal Trade Commission. In that case, the article suggests that the firm take a mature approach to the litigation, not complaining to the agency that it is the victim. A mature approach to federal oversight might lessen the time of the supervisory period. By admitting security omissions and commissions and robustly accepting regulatory guidance, a firm can proceed in conducting its business, not fretting over the de facto guardianship by the Federal Trade Commission.

查看原文本刊更多论文

模拟美国中西部一家云服务提供商在面对潜在的网络攻击时应如何应对，该云服务提供商的许多客户从事医疗保健、银行和教育行业的业务

本文旨在向公司的高级管理层解释必须完成哪些工作才能遵守联邦部门隐私法。这是一个错综复杂的陷阱，一次网络攻击就可能导致联邦贸易委员会的广泛监督。本文所走的道路是，云计算提供商应该实施现有最严格的安全框架，其中包括美国无数的隐私法。原因是，大力采用严格的标准会使公司有可能遵守各种行业隐私法。然而，假设一家公司受到网络攻击，不幸被联邦贸易委员会起诉。在这种情况下，文章建议公司采取成熟的诉讼方式，而不是向机构投诉自己是受害者。成熟的联邦监督方法可能会缩短监督期。通过承认安全疏忽和佣金，并积极接受监管指导，公司可以继续开展业务，而不必担心联邦贸易委员会事实上的监护权。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Studies in social science research

自引率

0.00%

发文量