Required 8-10 pages.
Abstract
Introduction
Body
Conclusion
References
Topic:
Laws Influencing Information Security and Privacy in the Financial Sector
Select one American financial institution that frames your research. Describe the organization, its business(es), its scope, and any additional descriptive information that will inform your reader about your subject matter.
Describe and define at least one the laws focused on compliance within the financial sector that came up during our course. Research the law itself, any legal cases that were based on that law, and the critique of the law that you found through your research. Of course, if your selected financial institution was involved in such litigation, or has published their critique, include that information too.
In addition to compliance laws that directly target financial institutions, countless other laws apply to them. Use the U.S. Patent and Trademark Office’s website to discover whether your selected institution has been awarded intellectual property rights for their trademarks, patents, or IP. Describe whether and how it protects its trade secrets. Describe for your reader some of the most prominent criminal or tort risks that your entity faces; or perhaps has been involved in.
In addition to risks in the realms of criminal or tort law, every organization faces the potential risk of enduring a cyber-attack or other incident that must be followed by a forensics investigation. Keeping the focus on your organization and the financial sector, research and discuss an incident or case in which such an institution was compelled to go through the forensic investigation process. There are no sectors exempt from those incidents or cases, regrettably, so be diligent and you will find one to discuss.
Conclude the Portfolio with your overall assessment of whether the legal system—from compliance mandates, to IT, criminal, and tort laws, to forensic investigations—benefits, hurts, or otherwise affects the organization. Assume the role of information security and privacy risk consultant in this section.