{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,19]],"date-time":"2026-06-19T15:01:47Z","timestamp":1781881307756,"version":"3.54.5"},"reference-count":81,"publisher":"MDPI AG","issue":"23","license":[{"start":{"date-parts":[[2022,11,30]],"date-time":"2022-11-30T00:00:00Z","timestamp":1669766400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"SAUDI ARAMCO Cybersecurity Chair"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>Smart cities assure the masses a higher quality of life through digital interconnectivity, leading to increased efficiency and accessibility in cities. In addition, a huge amount of data is being exchanged through smart devices, networks, cloud infrastructure, big data analysis and Internet of Things (IoT) applications in the various private and public sectors, such as critical infrastructures, financial sectors, healthcare, and Small and Medium Enterprises (SMEs). However, these sectors require maintaining certain security mechanisms to ensure the confidentiality and integrity of personal and critical information. However, unfortunately, organizations fail to maintain their security posture in terms of security mechanisms and controls, which leads to data breach incidents either intentionally or inadvertently due to the vulnerabilities in their information management systems that either malicious insiders or attackers exploit. In this paper, we highlight the importance of data breaches and issues related to information leakage incidents. In particular, the impact of data breaching incidents and the reasons contributing to such incidents affect the citizens\u2019 well-being. In addition, this paper also discusses various preventive measures such as security mechanisms, laws, standards, procedures, and best practices, including follow-up mitigation strategies.<\/jats:p>","DOI":"10.3390\/s22239338","type":"journal-article","created":{"date-parts":[[2022,11,30]],"date-time":"2022-11-30T08:46:41Z","timestamp":1669798001000},"page":"9338","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":32,"title":["Getting Smarter about Smart Cities: Improving Data Security and Privacy through Compliance"],"prefix":"10.3390","volume":"22","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3223-4234","authenticated-orcid":false,"given":"Mudassar","family":"Aslam","sequence":"first","affiliation":[{"name":"FAST School of Computing, National University of Computer and Emerging Sciences, Islamabad 44000, Pakistan"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Muhammad Abbas","family":"Khan Abbasi","sequence":"additional","affiliation":[{"name":"FAST School of Computing, National University of Computer and Emerging Sciences, Islamabad 44000, Pakistan"},{"name":"Abbottabad Campus, COMSATS University Islamabad, Abbottabad 22060, Pakistan"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Tauqeer","family":"Khalid","sequence":"additional","affiliation":[{"name":"FAST School of Computing, National University of Computer and Emerging Sciences, Islamabad 44000, Pakistan"},{"name":"Abbottabad Campus, COMSATS University Islamabad, Abbottabad 22060, Pakistan"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Rafi us","family":"Shan","sequence":"additional","affiliation":[{"name":"Faculty of CIS, Higher College of Technology, Abu Dhabi 41012, United Arab Emirates"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3925-621X","authenticated-orcid":false,"given":"Subhan","family":"Ullah","sequence":"additional","affiliation":[{"name":"FAST School of Computing, National University of Computer and Emerging Sciences, Islamabad 44000, Pakistan"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8105-6791","authenticated-orcid":false,"given":"Tahir","family":"Ahmad","sequence":"additional","affiliation":[{"name":"Center for Cybersecurity, Brunno Kessler Foundation, 38123 Trento, Italy"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7136-3480","authenticated-orcid":false,"given":"Saqib","family":"Saeed","sequence":"additional","affiliation":[{"name":"SAUDI ARAMCO Cybersecurity Chair, Department of Computer Information Systems, College of Computer Science and Information Technology, Imam Abdulrahman Bin Faisal University, P.O. Box 1982, Dammam 31441, Saudi Arabia"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7624-8924","authenticated-orcid":false,"given":"Dina A.","family":"Alabbad","sequence":"additional","affiliation":[{"name":"SAUDI ARAMCO Cybersecurity Chair, Department of Computer Engineering, College of Computer Science and Information Technology, Imam Abdulrahman Bin Faisal University, P.O. Box 1982, Dammam 31441, Saudi Arabia"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4758-7895","authenticated-orcid":false,"given":"Rizwan","family":"Ahmad","sequence":"additional","affiliation":[{"name":"School of Electrical Engineering and Computer Science, National University of Sciences and Technology (NUST), Islamabad 44000, Pakistan"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2022,11,30]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Tang, V., Cheng, S.W., Choy, K.L., Siu, P.K., Ho, G.T., and Lam, H.Y. (2016, January 24\u201329). An intelligent medical replenishment system for managing the medical resources in the healthcare industry. Proceedings of the 2016 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE 2016), Vancouver, BC, Canada.","DOI":"10.1109\/FUZZ-IEEE.2016.7737682"},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"1821","DOI":"10.1109\/ACCESS.2016.2558446","article-title":"Protection of Big Data Privacy","volume":"4","author":"Mehmood","year":"2016","journal-title":"IEEE Access"},{"key":"ref_3","first-page":"1491","article-title":"Data at rest and it\u2019s security solutions\u2014A survey","volume":"8","author":"Siddiqui","year":"2017","journal-title":"Int. J. Adv. Res. Comput. Sci."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"78","DOI":"10.1145\/2500873","article-title":"Big-data applications in the government sector","volume":"57","author":"Kim","year":"2014","journal-title":"Commun. ACM"},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"973","DOI":"10.1016\/j.jcss.2014.02.005","article-title":"A survey of emerging threats in cybersecurity","volume":"80","author":"Nepal","year":"2014","journal-title":"J. Comput. Syst. Sci."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Razzaq, A., Hur, A., Ahmad, H.F., and Masood, M. (2013, January 6\u20138). Cyber security: Threats, reasons, challenges, methodologies and state of the art solutions for industrial applications. Proceedings of the 2013 IEEE Eleventh International Symposium on Autonomous Decentralized Systems (ISADS), Mexico City, Mexico.","DOI":"10.1109\/ISADS.2013.6513420"},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Fonseca, B., and Rosen, J.D. (2017). Cybersecurity in the US: Major Trends and Challenges. The New US Security Agenda, Springer.","DOI":"10.1007\/978-3-319-50194-9"},{"key":"ref_8","unstructured":"(2017). Verizon. 2017 Data Breach Investigations Report 10th Edition. Technical Report. arXiv."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"(2019). Verizon: 2019 Data Breach Investigations Report. Comput. Fraud. Secur., 2019, 4.","DOI":"10.1016\/S1361-3723(19)30060-0"},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"339","DOI":"10.1007\/s12599-014-0351-3","article-title":"The economic impact of privacy violations and security breaches","volume":"6","author":"Nofer","year":"2014","journal-title":"Bus. Inf. Syst. Eng."},{"key":"ref_11","first-page":"247","article-title":"Anatomy of a data breach","volume":"17","author":"Sherstobitoff","year":"2008","journal-title":"Inf. Secur. J."},{"key":"ref_12","first-page":"17","article-title":"A foundation for breach data analysis","volume":"2","author":"Adebayo","year":"2012","journal-title":"J. Inf. Eng. Appl."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"68","DOI":"10.1109\/MSP.2016.90","article-title":"Global InfoSec and Breach Standards","volume":"14","author":"Heimes","year":"2016","journal-title":"IEEE Secur. Priv."},{"key":"ref_14","unstructured":"Acquisti, A., Friedman, A., and Telang, R. (2006, January 10\u201313). Is there a cost to privacy breaches? An event study. Proceedings of the ICIS 2006 Proceedings, Milwaukee, WI, USA."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"d8158","DOI":"10.1136\/bmj.d8158","article-title":"Missing clinical trial data","volume":"344","author":"Lehman","year":"2012","journal-title":"BMJ"},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"154","DOI":"10.1016\/j.dss.2009.02.005","article-title":"Encouraging information security behaviors in organizations: Role of penalties, pressures and perceived effectiveness","volume":"47","author":"Herath","year":"2009","journal-title":"Decis. Support Syst."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"719","DOI":"10.1016\/j.cose.2011.08.004","article-title":"The cyber threat landscape: Challenges and future research directions","volume":"30","author":"Choo","year":"2011","journal-title":"Comput. Secur."},{"key":"ref_18","unstructured":"PwC (2022, November 20). A matter of when, not if, a breach will occur. Information Security Breaches Survey 2016. Available online: https:\/\/www.pwc.be\/en\/documents\/media-centre\/publications\/2016\/information-security-breaches-survey-2016.pdf."},{"key":"ref_19","first-page":"86","article-title":"After the data breach: Notification laws and more","volume":"16","author":"Ford","year":"2015","journal-title":"Issues Inf. Syst."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"492","DOI":"10.1016\/j.emj.2019.01.007","article-title":"Effects of data breaches from user-generated content: A corporate reputation analysis","volume":"37","author":"Confente","year":"2019","journal-title":"Eur. Manag. J."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"256","DOI":"10.1002\/pam.20567","article-title":"Do data breach disclosure laws reduce identity theft?","volume":"30","author":"Romanosky","year":"2011","journal-title":"J. Policy Anal. Manag."},{"key":"ref_22","first-page":"109","article-title":"Choice or consequences: Protecting privacy in commercial information","volume":"75","author":"Beales","year":"2008","journal-title":"Univ. Chic. Law Rev."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"46","DOI":"10.1109\/MC.2013.195","article-title":"Big data\u2019s big unintended consequences","volume":"46","author":"Wigan","year":"2013","journal-title":"Computer"},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Ponemon Institute (2019). Cost of a Data Breach Report, Ponemon Institute. Technical Report.","DOI":"10.1016\/S1361-3723(19)30081-8"},{"key":"ref_25","unstructured":"(2022). ITRC Data Breach Analysis H1 2022, Identity Theft Resource Center. Technical Report."},{"key":"ref_26","unstructured":"(2022). Cost of a Data Breach, IBM. Technical Report."},{"key":"ref_27","unstructured":"Filkins, B. (2014). Health Care Cyberthreat Report: Widespread Compromises Detected, Compliance Nightmare on Horizon, SANS Institute."},{"key":"ref_28","first-page":"1","article-title":"Assessing the cost of security breach: A marketer\u2019s perspective","volume":"Volume 21","author":"Choong","year":"2016","journal-title":"Allied Academies International Conference, Academy of Marketing Studies. Proceedings"},{"key":"ref_29","unstructured":"Ponemon Institute (2015). Cost of Data Breach Study: Global Analysis, Ponemon Institute. Technical Report."},{"key":"ref_30","unstructured":"Harris, K.D. (2016). California Data Breach Report."},{"key":"ref_31","unstructured":"Smith, T.T. (2016). Examining Data Privacy Breaches in Healthcare, Walden University."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"904","DOI":"10.1080\/07421222.2015.1138375","article-title":"Influence of firm\u2019s recovery endeavors upon privacy breach on online customer behavior","volume":"33","author":"Choi","year":"2016","journal-title":"J. Manag. Inf. Syst."},{"key":"ref_33","first-page":"321","article-title":"A methodology for estimating the tangible cost of data breaches","volume":"19","author":"Layton","year":"2014","journal-title":"J. Inf. Secur. Appl."},{"key":"ref_34","first-page":"257","article-title":"The relation between information security events and firm market value, empirical evidence on recent disclosures: An extension of the GLZ study","volume":"19","author":"Pirounias","year":"2014","journal-title":"J. Inf. Secur. Appl."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"77","DOI":"10.1109\/MSP.2015.12","article-title":"Policy framework for data breaches","volume":"13","author":"Telang","year":"2015","journal-title":"IEEE Secur. Priv."},{"key":"ref_36","unstructured":"Azmi, I.M.A.G., Zulhuda, S., and Jarot, S.P.W. (2012, January 26\u201328). Data breach on the critical information infrastructures: Lessons from the wikileaks. Proceedings of the 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), Kuala Lumpur, Malaysia."},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Huson, M.L., and Hewitt, B. (2016, January 5\u20138). Would Increased Regulation Reduce the Number of Information Breaches?. Proceedings of the 2016 49th Hawaii International Conference on System Sciences (HICSS), Koloa, HI, USA.","DOI":"10.1109\/HICSS.2016.330"},{"key":"ref_38","first-page":"92","article-title":"ISO\/IEC 27000, 27001 and 27002 for information security management","volume":"4","author":"Disterer","year":"2013","journal-title":"J. Inf. Secur."},{"key":"ref_39","unstructured":"(2022). Payment Card Industry Data Security Standard, PCI Security Standards Council. Version 4.0."},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"139","DOI":"10.1007\/s11235-009-9248-8","article-title":"Information system security compliance to FISMA standard: A quantitative measure","volume":"45","author":"Hulitt","year":"2010","journal-title":"Telecommun. Syst."},{"key":"ref_41","first-page":"1219","article-title":"The Gramm-Leach-Bliley Act, information privacy, and the limits of default rules","volume":"86","author":"Janger","year":"2001","journal-title":"Minn. L. Rev."},{"key":"ref_42","unstructured":"Federal Trade Commission (2000). Marketing Violent Entertainment to Children: A Review of Self-Regulation and Industry Practices in the Motion Picture, Music Recording & Electronic Game Industries [with] Appendices AK. Report."},{"key":"ref_43","unstructured":"Henderson, G.C. (1924). The Federal Trade Commission: A Study in Administrative Law and Procedure, Yale University Press."},{"key":"ref_44","first-page":"191","article-title":"Health insurance portability and accountability act of 1996","volume":"104","author":"Act","year":"1996","journal-title":"Public Law"},{"key":"ref_45","first-page":"3","article-title":"VOIP for telerehabilitation: A risk analysis for privacy, security and HIPAA compliance: Part II","volume":"3","author":"Watzlaf","year":"2011","journal-title":"Int. J. Telerehabilit."},{"key":"ref_46","doi-asserted-by":"crossref","unstructured":"Rajkumar, R., Lee, I., Sha, L., and Stankovic, J. (2010, January 13\u201318). Cyber-physical systems: The next computing revolution. Proceedings of the Design Automation Conference, Anaheim, CA, USA.","DOI":"10.1145\/1837274.1837461"},{"key":"ref_47","unstructured":"Levy, M.J., and Bissell, R. (2013). Overview of Critical Infrastructure. Preparedness and Response for Catastrophic Disasters, Taylor & Francis Group."},{"key":"ref_48","unstructured":"Austin, A., and Wetle, V. (2011). The United States Health Care System: Combining Business, Health, and Delivery, Pearson Higher Education."},{"key":"ref_49","unstructured":"Laudon, K.C., and Laudon, J.P. (1998). Management Information Systems: New Approaches to Organization and Technology, Prentice Hall College."},{"key":"ref_50","unstructured":"Block, H., and Dobell, B. (1999). The e-Bang Theory, Education Industry Overview."},{"key":"ref_51","doi-asserted-by":"crossref","first-page":"971","DOI":"10.1111\/1475-6773.13203","article-title":"Data breach remediation efforts and their implications for hospital quality","volume":"54","author":"Choi","year":"2019","journal-title":"Health Serv. Res."},{"key":"ref_52","doi-asserted-by":"crossref","unstructured":"Floyd, T., Grieco, M., and Reid, E.F. (2016, January 26\u201330). Mining hospital data breach records: Cyber threats to us hospitals. Proceedings of the 2016 IEEE Conference on Intelligence and Security Informatics (ISI), Tucson, AZ, USA.","DOI":"10.1109\/ISI.2016.7745441"},{"key":"ref_53","first-page":"185","article-title":"Security breaches in healthcare data: An application of the actor-network theory","volume":"16","author":"Stachel","year":"2015","journal-title":"Issues Inf. Syst."},{"key":"ref_54","unstructured":"Ghayur, A. (2007). Computer Animation and Gaming Industry, Animation Gaming. Available online: https:\/\/www.pide.org.pk\/pdfseminar\/seminar-2007-48-seminar99.pdf."},{"key":"ref_55","doi-asserted-by":"crossref","first-page":"337","DOI":"10.1016\/j.im.2014.12.006","article-title":"The influence of data theft on the share prices and systematic risk of consumer electronics companies","volume":"52","author":"Hinz","year":"2015","journal-title":"Inf. Manag."},{"key":"ref_56","doi-asserted-by":"crossref","first-page":"57","DOI":"10.1109\/MITP.2017.265105441","article-title":"Data breaches: Public sector perspectives","volume":"20","author":"Joseph","year":"2017","journal-title":"IT Prof."},{"key":"ref_57","doi-asserted-by":"crossref","unstructured":"Neama, G., Alaskar, R., and Alkandari, M. (2016, January 4\u20137). Privacy, security, risk, and trust concerns in e-commerce. Proceedings of the 17th International Conference on Distributed Computing and Networking, Singapore.","DOI":"10.1145\/2833312.2850445"},{"key":"ref_58","doi-asserted-by":"crossref","unstructured":"Martin, C., Kadry, A., and Abu-Shady, G. (2014, January 23\u201324). Quantifying the financial impact of it security breaches on business processes. Proceedings of the 2014 Twelfth Annual International Conference on Privacy, Security and Trust, Toronto, ON, Canada.","DOI":"10.1109\/PST.2014.6890934"},{"key":"ref_59","doi-asserted-by":"crossref","unstructured":"Algarni, A.M., and Malaiya, Y.K. (2016, January 7\u20138). A consolidated approach for estimation of data security breach costs. Proceedings of the 2016 2nd International Conference on Information Management (ICIM), London, UK.","DOI":"10.1109\/INFOMAN.2016.7477530"},{"key":"ref_60","doi-asserted-by":"crossref","first-page":"443","DOI":"10.1016\/j.chb.2016.03.033","article-title":"A methodology for estimating the value of privacy in information disclosure systems","volume":"61","author":"Hirschprung","year":"2016","journal-title":"Comput. Hum. Behav."},{"key":"ref_61","doi-asserted-by":"crossref","first-page":"73","DOI":"10.1108\/ICS-03-2014-0020","article-title":"The impact of repeated data breach events on organisations\u2019 market value","volume":"24","author":"Schatz","year":"2016","journal-title":"Inf. Comput. Secur."},{"key":"ref_62","doi-asserted-by":"crossref","first-page":"681","DOI":"10.1016\/j.im.2018.11.003","article-title":"Information security breaches and IT security investments: Impacts on competitors","volume":"56","author":"Jeong","year":"2019","journal-title":"Inf. Manag."},{"key":"ref_63","doi-asserted-by":"crossref","unstructured":"Holm, E., and Mackenzie, G. (May, January 29). The importance of mandatory data breach notification to identity crime. Proceedings of the 2014 Third International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), Beirut, Lebanon.","DOI":"10.1109\/CyberSec.2014.6913963"},{"key":"ref_64","doi-asserted-by":"crossref","first-page":"2554","DOI":"10.1109\/ACCESS.2015.2506185","article-title":"Data and information leakage prevention within the scope of information security","volume":"3","author":"Hauer","year":"2015","journal-title":"IEEE Access"},{"key":"ref_65","doi-asserted-by":"crossref","first-page":"137","DOI":"10.1016\/j.jnca.2016.01.008","article-title":"A survey on data leakage prevention systems","volume":"62","author":"Alneyadi","year":"2016","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_66","doi-asserted-by":"crossref","unstructured":"Shabtai, A., Elovici, Y., and Rokach, L. (2012). A Survey of Data Leakage Detection and Prevention Solutions, Springer Science & Business Media.","DOI":"10.1007\/978-1-4614-2053-8"},{"key":"ref_67","doi-asserted-by":"crossref","unstructured":"Alneyadi, S., Sithirasenan, E., and Muthukkumarasamy, V. (2015, January 20\u201322). Detecting data semantic: A data leakage prevention approach. Proceedings of the 2015 IEEE Trustcom\/BigDataSE\/ISPA, Washington, DC, USA.","DOI":"10.1109\/Trustcom.2015.464"},{"key":"ref_68","doi-asserted-by":"crossref","unstructured":"Khan, M.F.F., and Sakamura, K. (2016, January 22\u201324). A patient-centric approach to delegation of access rights in healthcare information systems. Proceedings of the 2016 International Conference on Engineering & MIS (ICEMIS), Agadir, Morocco.","DOI":"10.1109\/ICEMIS.2016.7745308"},{"key":"ref_69","unstructured":"(2012, September 01). Home\u2014Centers for Medicare & Medicaid Services, Available online: https:\/\/www.cms.gov\/."},{"key":"ref_70","doi-asserted-by":"crossref","first-page":"57","DOI":"10.1016\/j.dss.2018.02.007","article-title":"Cyber-analytics: Modeling factors associated with healthcare data breaches","volume":"108","author":"McLeod","year":"2018","journal-title":"Decis. Support Syst."},{"key":"ref_71","unstructured":"(2022). Information Security, Cybersecurity and Privacy Protection\u2014Information Security Management Systems\u2014Requirements (Standard No. ISO\/IEC 27001:2022)."},{"key":"ref_72","unstructured":"(2022). Information Security, Cybersecurity and Privacy Protection\u2014Information Security Controls (Standard No. ISO\/IEC 27002:2022)."},{"key":"ref_73","doi-asserted-by":"crossref","first-page":"37","DOI":"10.1504\/IJAUDIT.2014.064316","article-title":"PCI DSS\u2014Penalty of not being compliant","volume":"2","author":"Rao","year":"2014","journal-title":"Int. J. Audit. Technol."},{"key":"ref_74","doi-asserted-by":"crossref","first-page":"144","DOI":"10.1111\/1468-0009.12314","article-title":"The role of HIPAA omnibus rules in reducing the frequency of medical data breaches: Insights from an empirical study","volume":"96","author":"Yaraghi","year":"2018","journal-title":"Milbank Q."},{"key":"ref_75","first-page":"1","article-title":"Final HIPAA Omnibus Rule brings sweeping changes to health care privacy law: HIPAA privacy and security obligations extended to business associates and subcontractors","volume":"12","author":"Hirsch","year":"2013","journal-title":"BNA Priv. Secur. Law Rep."},{"key":"ref_76","doi-asserted-by":"crossref","first-page":"57","DOI":"10.1109\/MSP.2011.157","article-title":"Blaming noncompliance is too convenient: What really causes information breaches?","volume":"10","author":"Renaud","year":"2011","journal-title":"IEEE Secur. Priv."},{"key":"ref_77","doi-asserted-by":"crossref","unstructured":"Voigt, P., and Von dem Bussche, A. (2017). The EU General Data Protection Regulation (GDPR), Springer International Publishing. [1st ed.]. A Practical Guide.","DOI":"10.1007\/978-3-319-57959-7"},{"key":"ref_78","unstructured":"Manley, J. (2019). Personal Information Protection and Electronic Documents Act (PIPEDA), Parliament of Canada. 36th Parliament, bill c-6."},{"key":"ref_79","unstructured":"Fair Credit Reporting Act (2018). 15 u.s.c. \u00a7\u00a7 1681-1681x."},{"key":"ref_80","first-page":"37","article-title":"The Impact of Federal and State Notification Laws on Security Breach Announcements","volume":"34","author":"Goel","year":"2014","journal-title":"Commun. Assoc. Inf. Syst."},{"key":"ref_81","doi-asserted-by":"crossref","unstructured":"Calder, A. (2017). Nine Steps to Success: An ISO 27001 Implementation Overview, IT Governance Ltd.","DOI":"10.2307\/j.ctt1wn0skw"}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/22\/23\/9338\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T01:30:38Z","timestamp":1760146238000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/22\/23\/9338"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,11,30]]},"references-count":81,"journal-issue":{"issue":"23","published-online":{"date-parts":[[2022,12]]}},"alternative-id":["s22239338"],"URL":"https:\/\/doi.org\/10.3390\/s22239338","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,11,30]]}}}