Gramm-Leach-Bliley Gets a Systems Upgrade: What the Ftc’s Proposed Safeguards Rule Changes Mean for Small and Medium American Financial Institutions

Ryle, Patrick; Jie, Yan; Gardiner, Lorraine R.

doi:10.1080/07366981.2021.1911387

Cited by 3 publications

(2 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In some countries, specific regulations exist for specific types of data. In the United States, for example, the Sarbanes-Oxley Act (SOX) regulates data security in publicly listed companies [72], the Gramm-Leach-Bliley Act (GLBA) in financial organizations, [73], the Federal Information Security Modernization Act (FISMA) in the U.S. federal government agencies [74], the Family Educational Rights and Privacy Act (FERPA) in education organizations [75], and the Children's Online Privacy Protection Act (COPPA) related to children [76]. However, this work focuses on federal-level data protection laws, and we do not discuss sectoral regulations such as the aforementioned.…”

Section: Regulatory Measures For Mitigating Data Breachesmentioning

confidence: 99%

Understanding Data Breach from a Global Perspective: Incident Visualization and Data Protection Law Review

Pimenta Rodrigues,

Marques Serrano,

Lopes Espiñeira Lemos

et al. 2024

Data

View full text Add to dashboard Cite

Data breaches result in data loss, including personal, health, and financial information that are crucial, sensitive, and private. The breach is a security incident in which personal and sensitive data are exposed to unauthorized individuals, with the potential to incur several privacy concerns. As an example, the French newspaper Le Figaro breached approximately 7.4 billion records that included full names, passwords, and e-mail and physical addresses. To reduce the likelihood and impact of such breaches, it is fundamental to strengthen the security efforts against this type of incident and, for that, it is first necessary to identify patterns of its occurrence, primarily related to the number of data records leaked, the affected geographical region, and its regulatory aspects. To advance the discussion in this regard, we study a dataset comprising 428 worldwide data breaches between 2018 and 2019, providing a visualization of the related statistics, such as the most affected countries, the predominant economic sector targeted in different countries, and the median number of records leaked per incident in different countries, regions, and sectors. We then discuss the data protection regulation in effect in each country comprised in the dataset, correlating key elements of the legislation with the statistical findings. As a result, we have identified an extensive disclosure of medical records in India and government data in Brazil in the time range. Based on the analysis and visualization, we find some interesting insights that researchers seldom focus on before, and it is apparent that the real dangers of data leaks are beyond the ordinary imagination. Finally, this paper contributes to the discussion regarding data protection laws and compliance regarding data breaches, supporting, for example, the decision process of data storage location in the cloud.

show abstract

Section: Regulatory Measures For Mitigating Data Breachesmentioning

confidence: 99%

Understanding Data Breach from a Global Perspective: Incident Visualization and Data Protection Law Review

Pimenta Rodrigues,

Marques Serrano,

Lopes Espiñeira Lemos

et al. 2024

Data

View full text Add to dashboard Cite

show abstract

“…Compliance behavior adheres to cybersecurity laws, regulations, and procedures [64]. An example of a regulation that must be complied with within the cybersecurity realm is the Gramm-Leach-Bliley Act, which requires financial institutions to explain their information-sharing practices and safeguard sensitive information [65]. On the contrary, cybersecurity behavior is specific to cybersecurity but not limited to laws and regulations.…”

Section: Common Research Themesmentioning

confidence: 99%

Exploring the Frontiers of Cybersecurity Behavior: A Systematic Review of Studies and Theories

2023

View full text Add to dashboard Cite

Cybersecurity procedures and policies are prevalent countermeasures for protecting organizations from cybercrimes and security incidents. Without considering human behaviors, implementing these countermeasures will remain useless. Cybersecurity behavior has gained much attention in recent years. However, a systematic review that provides extensive insights into cybersecurity behavior through different technologies and services and covers various directions in large-scale research remains lacking. Therefore, this study retrieved and analyzed 2210 articles published on cybersecurity behavior. The retrieved articles were then thoroughly examined to meet the inclusion and exclusion criteria, in which 39 studies published between 2012 and 2021 were ultimately picked for further in-depth analysis. The main findings showed that the protection motivation theory (PMT) dominated the list of theories and models examining cybersecurity behavior. Cybersecurity behavior and intention behavior counted for the highest purpose for most studies, with fewer studies focusing on cybersecurity awareness and compliance behavior. Most examined studies were conducted in individualistic contexts with limited exposure to collectivistic societies. A total of 56% of the analyzed studies focused on the organizational level, indicating that the individual level is still in its infancy stage. To address the research gaps in cybersecurity behavior at the individual level, this review proposes a number of research agendas that can be considered in future research. This review is believed to improve our understanding by revealing the full potential of cybersecurity behavior and opening the door for further research opportunities.

show abstract

Investigation of Trust Models to Alleviate the Authentication Challenge in FinTech

Abbas

Ahmad

Qazi

et al. 2022

Handbook of Research on Cybersecurity Issues and Challenges for Business and FinTech Applications

View full text Add to dashboard Cite

FinTech applications are increasingly vulnerable to cyber-attacks (identity theft, data breaches, distributed denial of service attacks, phishing attacks, insider threats), which have become a threat to many firms. These threats against FinTech services have the potential to wreak enormous societal, economic, and organizational harm. It is noted that various proposed methods failed to address the fundamental FinTech security issues of scalability, privacy, and trust distribution. Various well-known compliances of all FinTech are being adopted by developed countries to counter these cyber-attacks. Blockchain arouses increasing interest in different economic sectors, with confidentiality, availability, and integrity being fundamental factors. The study shows that the mass adoption of blockchain-based trust models has accelerated in the financial industry with private permissioned blockchain. The primary goal of these trust models is to assure the security, reliability, trustworthiness, and implementation of FinTech compliance.

show abstract

Gramm-Leach-Bliley Gets a Systems Upgrade: What the Ftc’s Proposed Safeguards Rule Changes Mean for Small and Medium American Financial Institutions

Cited by 3 publications

References 1 publication

Understanding Data Breach from a Global Perspective: Incident Visualization and Data Protection Law Review

Understanding Data Breach from a Global Perspective: Incident Visualization and Data Protection Law Review

Exploring the Frontiers of Cybersecurity Behavior: A Systematic Review of Studies and Theories

Investigation of Trust Models to Alleviate the Authentication Challenge in FinTech

Contact Info

Product

Resources

About