Question

In: Computer Science

What is the Cyber Security Enhancement Act? Provide some examples of court cases that involved violations...

What is the Cyber Security Enhancement Act? Provide some examples of court cases that involved violations of this act. What are some of the punishment(s) if someone is found guilty? (150+ words, no copy and paste from other sources please.)

Solutions

Expert Solution

In USA, cyber security has been a long time concern for the government and private sector. The growth in Information Technology and E-commerce sector in the United States have given rise to cyber crimes, causing a huge loss to the US government and its people. Cybersecurity regulation has directives that safeguard information technology and computer systems with the purpose of forcing companies and organizations to protect their systems and information from cyberattacks like viruses, worms, Trojan horses, phishing, denial of service (DOS) attacks, unauthorized access to systems which make private data of the individuals vulnerable to public domain.

The Cybersecurity Information Sharing Act was introduced on July 10, 2014 during the 113th Congress and was approved on Dec 18, 2014. This act was brought to provide security for ongoing projects, voluntary public-private partnership to improve cybersecurity, and to strengthen cybersecurity research and development, workforce development and education, and public awareness and preparedness, and for other purposes.

There are three main federal cybersecurity regulations -
- 1996 Health Insurance Portability and Accountability Act (HIPAA)
- 1999 Gramm-Leach-Bliley Act
- 2002 Homeland Security Act, which included the Federal Information Security Management Act (FISMA)

This regulation mandated that healthcare organizations, financial institutions, and federal agencies should protect their systems and information. However, these rules are not foolproof in securing the data and require only a “reasonable” level of security. It is advisable that organizations become proactive about the security of their apps and data. Cyber criminals are always on the prowl & are becoming sophisticated in their approach to attack. For the same reason, companies should keep a regular check on their systems to identify any vulnerabilities and address the loopholes immediately.

Number of data breaches in the United States from 2013 to 2018 has been constantly rising in the various sectors of Banking and Financial, Business, Educational, Government & Military, Medical & Healthcare. Few examples taken here to explain violations and punishments :-

1. July 2019 - Federal Trade Commission (FTC) Fined Facebook Company - $5 Billion for data breach of its users

The U.S. Justice Department and the FTC officially announced a privacy settlement with Facebook that includes a record-setting $5 billion fine. Now for this violation, CEO Mark Zuckerberg has been ordered to submit quarterly and annual reports to show that the company is in compliance with the FTC order.

2. Aug 2019 - Health Insurer Premera Blue Cross was fined for 2014 data breach

A federal judge has granted preliminary approval for a $74 million settlement of a consolidated class action lawsuit against health insurer Premera Blue Cross stemming from a 2014 data breach that affected 11 million individuals. The penalty for this violation includes Fines, Damages to person, Settlement Amount for victims and 2 years credit monitoring and insurance services. Now organization will have to invest more money to security enhancements than to victim reimbursement.

3. Aug 2019 - Another major IT and Networking company CISCO was caught under False Claims Act, for glitch in security software sold to government

Cisco has agreed to pay $8.6 million to settle a whistleblower lawsuit that claimed the networking company sold video surveillance software to local, state and federal agencies over a six-year period that contained serious security vulnerabilities. Despite knowing about the flaws in the software, Cisco continued to sell these products to various government agencies and organization between 2008 and 2014, according to the attorneys' statement.

Glenn brought the lawsuit against Cisco in 2011 under a U.S. law called the which permits individuals to report fraud and misconduct in federal government contracts and programs by filing a lawsuit on the government's behalf. The act also provides for financial compensation to person who reported crime, based on recovery by the government.

Therefore, this act helps to protects the User Data by ensuring IT security are being implemented and followed by all, Governments, Private companies and Users and any violations are correctly reported and handled by judiciary.


Related Solutions

Learn all you can about the Cyber Security Enhancement Act. What is it? Provide some examples...
Learn all you can about the Cyber Security Enhancement Act. What is it? Provide some examples of court cases that involved violations of this act. What are some of the punishment(s) if someone is found guilty?
(Cyber security) What are your tips for protecting yourself against identity theft? Provide relevant examples to...
(Cyber security) What are your tips for protecting yourself against identity theft? Provide relevant examples to support your suggestions? Please provide your own words. No copy from the internet. 150 to 200 words.
This is for CYBER SECURITY 1)What are the 3 factors of Authentication and provide at least...
This is for CYBER SECURITY 1)What are the 3 factors of Authentication and provide at least 3 examples for each? 2) Please compare and contrast the following 4 Access Control Models and let me know how they work and give me an example of each. 1. Discretionary Access Control 2. Mandatory Access Control 3. Rule Based Access Controls 4. Role Based Access Controls
Discuss Cyber Security as it relates to the role of the US government. Discuss Cyber Security as it relates to the responsibilities of the individuals who are involved in creating the technology.
(a) – Discuss Cyber Security as it relates to the role of the US government. (b)– Discuss Cyber Security as it relates to the responsibilities of the individuals who are involved in creating the technology.  
What are some of the limits that are placed on who may take cases to court...
What are some of the limits that are placed on who may take cases to court and the types of cases courts will consider? How does this differ between federal and state courts? This is one of the disussion questions in the book: Problems in Healthcare)
Choose a firm that has been involved in a recent Foreign Corrupt Practice Act violations or...
Choose a firm that has been involved in a recent Foreign Corrupt Practice Act violations or the Sarbanes Oxley law violations controversy ( get 2018 recent event) - Analyze in 300-500 words a) Describe the firm's operations b) Identify the firm's CEO, CFO and external auditors c) Denote the circumstances surrounding the violation.
Explain using several examples, what types of cases the Supreme Court of Erie County and the...
Explain using several examples, what types of cases the Supreme Court of Erie County and the Western District of New York, United States District Court have Subject Matter Jurisdiction over?
(cyber security ) What is the difference between Cyber Espionage and Nation State Hacking? Explain the...
(cyber security ) What is the difference between Cyber Espionage and Nation State Hacking? Explain the differences with the help of appropriate examples. Please provide your own words. No copy from the internet. 150 to 200 words.
Provide two (2) examples that demonstrate an enhancement or change in your own theories of international...
Provide two (2) examples that demonstrate an enhancement or change in your own theories of international finance since the beginning of this course. Rate the three (3) most important concepts that you learned in this course in order of importance, with one (1) being the most important and three (3) the least. Provide a rationale for your ratings.
What are some court cases where individual tax payer relies on tax preparer, but gets understatement...
What are some court cases where individual tax payer relies on tax preparer, but gets understatement and negligence penalties form the irs? Is the tax payer subject to these penalties although they were not responsible for the mistakes on the 1040?
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT