A Simulation of How a Cloud Service Provider from the Midwest Should Behave When Faced with a Potential Cyber-Attack, Where Many of Its Customers Do Business in the Healthcare, Banking, and Educational Industries

Donald L. Buresh, Ph.D., Esq.

Abstract


This essay aims to explain to the senior management of a company what must be accomplished to be compliant with federal sectoral privacy laws. These laws form a byzantine maze of pitfalls, where a single cyber-attack can lead to extensive oversight by the Federal Trade Commission. The position taken by this paper is that a cloud computing provider should implement the most stringent security framework in existence that encompasses the myriad privacy laws in the United States. The reason is that vigorously embracing a strict standard makes a firm likely to comply with the various sectoral privacy laws. However, suppose a company is cyber-attacked and has the misfortune of being prosecuted by the Federal Trade Commission. In that case, the article suggests that the firm take a mature approach to the litigation, not complaining to the agency that it is the victim. A mature approach to federal oversight might shorten the supervisory period. By admitting security omissions and commissions and robustly accepting regulatory guidance, a firm can proceed with conducting its business without fretting over the de facto guardianship by the Federal Trade Commission.



DOI: https://doi.org/10.22158/sssr.v3n4p24


This work is licensed under a Creative Commons Attribution 4.0 International License.

Copyright © SCHOLINK INC.   ISSN 2690-0793 (Print)    ISSN 2690-0785 (Online)