A Simulation of How a Cloud Service Provider from the Midwest Should Behave When Faced with a Potential Cyber-Attack, Where Many of Its Customers Do Business in the Healthcare, Banking, and Educational Industries
Abstract
This essay aims to explain to the senior management of a company what must be accomplished to be compliant with federal sectoral privacy laws. It is a byzantine maze of pitfalls where a single cyber-attack can lead to extensive oversight by the Federal Trade Commission. The path taken by this paper is that a cloud computing provider should implement the most stringent security framework in existence that encompasses the myriad number of privacy laws in the United States. The reason is that vigorously embracing a strict standard makes a firm likely to comply with the various sectoral privacy laws. However, suppose a company is cyber-attacked and has the misfortune of being prosecuted by the Federal Trade Commission. In that case, the article suggests that the firm take a mature approach to the litigation, not complaining to the agency that it is the victim. A mature approach to federal oversight might lessen the time of the supervisory period. By admitting security omissions and commissions and robustly accepting regulatory guidance, a firm can proceed in conducting its business, not fretting over the de facto guardianship by the Federal Trade Commission.
Full Text:
PDFDOI: https://doi.org/10.22158/sssr.v3n4p24
Refbacks
- There are currently no refbacks.
This work is licensed under a Creative Commons Attribution 4.0 International License.
Copyright © SCHOLINK INC. ISSN 2690-0793 (Print) ISSN 2690-0785 (Online)