SlideShare a Scribd company logo

Lesson 2-Identify Theft

•Download as PPT, PDF•
•
M
MLG College of Learning, Inc

chapter 3

Education
1 of 22
Principles of Information Security, Fifth Edition Chapter 3 Legal, Ethical, and Professional Issues in Information Security Lesson 2 – Identity Theft
Learning Objectives • Upon completion of this material, you should be able to: - Discuss and Identify Identity theft. - Discuss the role of culture as it applies to ethics in information security Principles of Information Security, Fifth Edition 2
Identity Theft • It can occur when someone steals victim’s personally identifiable information (PII) and poses as victim to conduct actions/make purchases. • Federal Trade Commission oversees efforts to foster coordination, effective prosecution of criminals, and methods to increase victim’s restitution. • Fraud and Related Activity in Connection with Identification Documents, Authentication Features, and Information (Title 18, U.S.C. § 1028) Principles of Information Security, Fifth Edition 3
Identity Theft (cont’d) • If someone suspects identity theft: – Report to one of the three national credit reporting companies and request initial fraud alert. – Order credit reports and examine for fraud activity; contact the fraud department in the organization holding the suspect account. – Create an identity theft report through FTC’s identity theft affidavit. – Document all calls/letters/communications during the process. Principles of Information Security, Fifth Edition 4
Export and Espionage Laws • Economic Espionage Act of 1996 (EEA) • Security and Freedom through Encryption Act of 1999 (SAFE) • The acts include provisions about encryption that: – Reinforce the right to use or sell encryption algorithms, without concern of key registration. – Prohibit the federal government from requiring it. – Make it not probable cause to suspect criminal activity. – Relax export restrictions. – Additional penalties for using it in a crime. Principles of Information Security, Fifth Edition 5
Principles of Information Security, Fifth Edition 6
U.S. Copyright Law • Intellectual property was recognized as a protected asset in the United States; copyright law extends to electronic formats. • With proper acknowledgment, it is permissible to include portions of others’ work as reference. • U.S. Copyright Office Web site: www.copyright.gov Principles of Information Security, Fifth Edition 7
Financial Reporting • Sarbanes-Oxley Act of 2002 • Affects the executive management of publicly traded corporations and public accounting firms • Seeks to improve the reliability and accuracy of financial reporting and increase the accountability of corporate governance in publicly traded companies • Penalties for noncompliance range from fines to jail terms. Principles of Information Security, Fifth Edition 8
Freedom of Information Act of 1966 (FOIA) • Allows access to federal agency records or information not determined to be matter of national security • U.S. government agencies are required to disclose any requested information upon receipt of written request. • Some information is protected from disclosure; this act does not apply to state/local government agencies or private businesses/individuals. Principles of Information Security, Fifth Edition 9
Principles of Information Security, Fifth Edition 10
Payment Card Industry Data Security Standards (PCI DSS) • PCI Security Standards Council offers a standard of performance to which organizations processing payment cards must comply. • Designed to enhance security of customer’s account data • Addresses six areas: – Build and maintain secure networks/systems – Protect cardholder data – Maintain vulnerability management program – Implement strong access control measures – Regularly monitor and test networks – Maintain information security policy Principles of Information Security, Fifth Edition 11
State and Local Regulations • Federal computer laws are mainly written specifically for federal information systems; they have little applicability to private organizations. • Information security professionals are responsible for understanding state regulations and ensuring that organization is in compliance with regulations. Principles of Information Security, Fifth Edition 12
International Laws and Legal Bodies • When organizations do business on the Internet, they do business globally. • Professionals must be sensitive to the laws and ethical values of many different cultures, societies, and countries. • Because of the political complexities of relationships among nations and differences in culture, few international laws cover privacy and information security. • These international laws are important but are limited in their enforceability. Principles of Information Security, Fifth Edition 13
Council of Europe Convention on Cybercrime • Created international task force to oversee Internet security functions for standardized international technology laws • Attempts to improve effectiveness of international investigations into breaches of technology law • Well received by intellectual property rights advocates due to emphasis on copyright infringement prosecution • Lacks realistic provisions for enforcement Principles of Information Security, Fifth Edition 14
Agreement on Trade-Related Aspects of Intellectual Property Rights • Created by World Trade Organization (WTO) • The first significant international effort to protect intellectual property rights • Outlines requirements for governmental oversight and legislation providing minimum levels of protection for intellectual property Principles of Information Security, Fifth Edition 15
Agreement on Trade-Related Aspects of Intellectual Property Rights (cont’d) • Agreement covers five issues: – Application of basic principles of trading system and international intellectual property agreements – Giving adequate protection to intellectual property rights – Enforcement of those rights by countries within their borders – Settling intellectual property disputes – Transitional arrangements while new system is being introduced Principles of Information Security, Fifth Edition 16
Digital Millennium Copyright Act (DMCA) • U.S. contribution to international effort to reduce impact of copyright, trademark, and privacy infringement • A response to European Union Directive 95/46/EC • Prohibits – Circumvention of protections and countermeasures – Manufacture and trafficking of devices used to circumvent such protections – Altering information attached or imbedded in copyrighted material • Excludes ISPs from some copyright infringement Principles of Information Security, Fifth Edition 17
Ethics and Information Security • Many professional disciplines have explicit rules governing the ethical behavior of members. • IT and IT security do not have binding codes of ethics. • Professional associations and certification agencies work to maintain ethical codes of conduct. – Can prescribe ethical conduct – Do not always have the ability to ban violators from practice in field Principles of Information Security, Fifth Edition 18
Principles of Information Security, Fifth Edition 19
Ethical Differences Across Cultures • Cultural differences create difficulty in determining what is and is not ethical. • Difficulties arise when one nationality’s ethical behavior conflicts with the ethics of another national group. • Scenarios are grouped into: – Software license infringement – Illicit use – Misuse of corporate resources • Cultures have different views on the scenarios. Principles of Information Security, Fifth Edition 20
Principles of Information Security, Fifth Edition 21
Ethics and Education • Education is the overriding factor in leveling ethical perceptions within a small population. • Employees must be trained and kept aware of the expected behavior of an ethical employee, as well as many other information security topics. • Proper ethical training is vital to creating informed and a well-prepared system user. Principles of Information Security, Fifth Edition 22

Recommended

Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...Financial Poise
 
Chp 05 anonymity, security, privacy and civil liberties (shared)
Chp 05 anonymity, security, privacy and civil liberties (shared)Chp 05 anonymity, security, privacy and civil liberties (shared)
Chp 05 anonymity, security, privacy and civil liberties (shared)YUSRA FERNANDO
 
Chap 4 (1)
Chap 4 (1)Chap 4 (1)
Chap 4 (1)UNIVERSITAS TEKNOKRAT INDONESIA
 
Personal Data Privacy and Information Security
Personal Data Privacy and Information SecurityPersonal Data Privacy and Information Security
Personal Data Privacy and Information SecurityCharles Mok
 
Privacy and Data Security: Risk Management and Avoidance
Privacy and Data Security: Risk Management and AvoidancePrivacy and Data Security: Risk Management and Avoidance
Privacy and Data Security: Risk Management and AvoidanceAmy Purcell
 
Chapter 6_dp-pertemuan_9
Chapter 6_dp-pertemuan_9 Chapter 6_dp-pertemuan_9
Chapter 6_dp-pertemuan_9UNIVERSITAS TEKNOKRAT INDONESIA
 
74 x9019 bea legal slides short form ged12.12.16
74 x9019 bea legal slides short form ged12.12.1674 x9019 bea legal slides short form ged12.12.16
74 x9019 bea legal slides short form ged12.12.16Glenn E. Davis
 
Cyber Threat Overview for Euro IT counsel
Cyber Threat Overview for Euro IT counselCyber Threat Overview for Euro IT counsel
Cyber Threat Overview for Euro IT counselOCTF Industry Engagement
 

Recommended

Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...Financial Poise
 
Chp 05 anonymity, security, privacy and civil liberties (shared)
Chp 05 anonymity, security, privacy and civil liberties (shared)Chp 05 anonymity, security, privacy and civil liberties (shared)
Chp 05 anonymity, security, privacy and civil liberties (shared)YUSRA FERNANDO
 
Chap 4 (1)
Chap 4 (1)Chap 4 (1)
Chap 4 (1)UNIVERSITAS TEKNOKRAT INDONESIA
 
Personal Data Privacy and Information Security
Personal Data Privacy and Information SecurityPersonal Data Privacy and Information Security
Personal Data Privacy and Information SecurityCharles Mok
 
Privacy and Data Security: Risk Management and Avoidance
Privacy and Data Security: Risk Management and AvoidancePrivacy and Data Security: Risk Management and Avoidance
Privacy and Data Security: Risk Management and AvoidanceAmy Purcell
 
Chapter 6_dp-pertemuan_9
Chapter 6_dp-pertemuan_9 Chapter 6_dp-pertemuan_9
Chapter 6_dp-pertemuan_9UNIVERSITAS TEKNOKRAT INDONESIA
 
74 x9019 bea legal slides short form ged12.12.16
74 x9019 bea legal slides short form ged12.12.1674 x9019 bea legal slides short form ged12.12.16
74 x9019 bea legal slides short form ged12.12.16Glenn E. Davis
 
Cyber Threat Overview for Euro IT counsel
Cyber Threat Overview for Euro IT counselCyber Threat Overview for Euro IT counsel
Cyber Threat Overview for Euro IT counselOCTF Industry Engagement
 
A Case Study on Issues and Violations on Information Technology
A Case Study on Issues and Violations on Information TechnologyA Case Study on Issues and Violations on Information Technology
A Case Study on Issues and Violations on Information TechnologyLaguna State Polytechnic University
 
TALK Cybersecurity Summit 2017 Slides: Robert Brown, Attorney, Lynch Cox, Gi...
TALK Cybersecurity Summit 2017 Slides: Robert Brown, Attorney, Lynch Cox, Gi...TALK Cybersecurity Summit 2017 Slides: Robert Brown, Attorney, Lynch Cox, Gi...
TALK Cybersecurity Summit 2017 Slides: Robert Brown, Attorney, Lynch Cox, Gi...Dawn Yankeelov
 
02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Security02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Securitysappingtonkr
 
NYTECH & CompTIA "Federal Legislative Briefing" 2012
NYTECH & CompTIA "Federal Legislative Briefing" 2012NYTECH & CompTIA "Federal Legislative Briefing" 2012
NYTECH & CompTIA "Federal Legislative Briefing" 2012New York Technology Council
 
Information Assurance And Security - Chapter 3 - Lesson 1
Information Assurance And Security - Chapter 3 - Lesson 1Information Assurance And Security - Chapter 3 - Lesson 1
Information Assurance And Security - Chapter 3 - Lesson 1MLG College of Learning, Inc
 
AIIM 2015 - Data Privacy
AIIM 2015 - Data PrivacyAIIM 2015 - Data Privacy
AIIM 2015 - Data PrivacyAlan Pelz-Sharpe
 
10. law invest & ethics
10. law invest & ethics10. law invest & ethics
10. law invest & ethics7wounders
 
Data Privacy Introduction
Data Privacy IntroductionData Privacy Introduction
Data Privacy IntroductionG Prachi
 
Information security in public governance
Information security in public governanceInformation security in public governance
Information security in public governanceTemitayo Oladiran
 
S719a
S719aS719a
S719aecommerce
 
Unit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrUnit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrTushar Rajput
 
Cloud primer
Cloud primerCloud primer
Cloud primerZeno Idzerda
 
Otieno antony rethinking internet shutdown
Otieno antony rethinking internet shutdownOtieno antony rethinking internet shutdown
Otieno antony rethinking internet shutdownOtieno Antony
 
Keeping Information Safe: Privacy and Security Issues
Keeping Information Safe: Privacy and Security IssuesKeeping Information Safe: Privacy and Security Issues
Keeping Information Safe: Privacy and Security Issuesipspat
 
Privacy and Data Security
Privacy and Data SecurityPrivacy and Data Security
Privacy and Data SecurityWilmerHale
 
04 privacy
04 privacy04 privacy
04 privacyEsmhel Briones
 
Legal & moral issues in e commerce
Legal & moral issues in e commerceLegal & moral issues in e commerce
Legal & moral issues in e commerceDamo Ward
 
Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Dione McBride, CISSP, CIPP/E
 
Privacy, Drones, and IoT
Privacy, Drones, and IoTPrivacy, Drones, and IoT
Privacy, Drones, and IoTLAURA VIVET
 
Chapter 3 - Lesson 2.pptx
Chapter 3 - Lesson 2.pptxChapter 3 - Lesson 2.pptx
Chapter 3 - Lesson 2.pptxJhaiJhai6
 
Chapter1 Cyber security Law & policy.pptx
Chapter1 Cyber security Law & policy.pptxChapter1 Cyber security Law & policy.pptx
Chapter1 Cyber security Law & policy.pptxNargis Parveen
 
Legal-Ethical-Professionalin-IS.pptx
Legal-Ethical-Professionalin-IS.pptxLegal-Ethical-Professionalin-IS.pptx
Legal-Ethical-Professionalin-IS.pptxShruthi48
 

More Related Content

What's hot

A Case Study on Issues and Violations on Information Technology
A Case Study on Issues and Violations on Information TechnologyA Case Study on Issues and Violations on Information Technology
A Case Study on Issues and Violations on Information TechnologyLaguna State Polytechnic University
 
TALK Cybersecurity Summit 2017 Slides: Robert Brown, Attorney, Lynch Cox, Gi...
TALK Cybersecurity Summit 2017 Slides: Robert Brown, Attorney, Lynch Cox, Gi...TALK Cybersecurity Summit 2017 Slides: Robert Brown, Attorney, Lynch Cox, Gi...
TALK Cybersecurity Summit 2017 Slides: Robert Brown, Attorney, Lynch Cox, Gi...Dawn Yankeelov
 
02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Security02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Securitysappingtonkr
 
NYTECH & CompTIA "Federal Legislative Briefing" 2012
NYTECH & CompTIA "Federal Legislative Briefing" 2012NYTECH & CompTIA "Federal Legislative Briefing" 2012
NYTECH & CompTIA "Federal Legislative Briefing" 2012New York Technology Council
 
Information Assurance And Security - Chapter 3 - Lesson 1
Information Assurance And Security - Chapter 3 - Lesson 1Information Assurance And Security - Chapter 3 - Lesson 1
Information Assurance And Security - Chapter 3 - Lesson 1MLG College of Learning, Inc
 
AIIM 2015 - Data Privacy
AIIM 2015 - Data PrivacyAIIM 2015 - Data Privacy
AIIM 2015 - Data PrivacyAlan Pelz-Sharpe
 
10. law invest & ethics
10. law invest & ethics10. law invest & ethics
10. law invest & ethics7wounders
 
Data Privacy Introduction
Data Privacy IntroductionData Privacy Introduction
Data Privacy IntroductionG Prachi
 
Information security in public governance
Information security in public governanceInformation security in public governance
Information security in public governanceTemitayo Oladiran
 
Unit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrUnit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrTushar Rajput
 
Cloud primer
Cloud primerCloud primer
Cloud primerZeno Idzerda
 
Otieno antony rethinking internet shutdown
Otieno antony rethinking internet shutdownOtieno antony rethinking internet shutdown
Otieno antony rethinking internet shutdownOtieno Antony
 
Keeping Information Safe: Privacy and Security Issues
Keeping Information Safe: Privacy and Security IssuesKeeping Information Safe: Privacy and Security Issues
Keeping Information Safe: Privacy and Security Issuesipspat
 
Privacy and Data Security
Privacy and Data SecurityPrivacy and Data Security
Privacy and Data SecurityWilmerHale
 
Legal & moral issues in e commerce
Legal & moral issues in e commerceLegal & moral issues in e commerce
Legal & moral issues in e commerceDamo Ward
 
Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Dione McBride, CISSP, CIPP/E
 
Privacy, Drones, and IoT
Privacy, Drones, and IoTPrivacy, Drones, and IoT
Privacy, Drones, and IoTLAURA VIVET
 

What's hot (19)

A Case Study on Issues and Violations on Information Technology
A Case Study on Issues and Violations on Information TechnologyA Case Study on Issues and Violations on Information Technology
A Case Study on Issues and Violations on Information Technology
 
TALK Cybersecurity Summit 2017 Slides: Robert Brown, Attorney, Lynch Cox, Gi...
TALK Cybersecurity Summit 2017 Slides: Robert Brown, Attorney, Lynch Cox, Gi...TALK Cybersecurity Summit 2017 Slides: Robert Brown, Attorney, Lynch Cox, Gi...
TALK Cybersecurity Summit 2017 Slides: Robert Brown, Attorney, Lynch Cox, Gi...
 
02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Security02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Security
 
NYTECH & CompTIA "Federal Legislative Briefing" 2012
NYTECH & CompTIA "Federal Legislative Briefing" 2012NYTECH & CompTIA "Federal Legislative Briefing" 2012
NYTECH & CompTIA "Federal Legislative Briefing" 2012
 
Information Assurance And Security - Chapter 3 - Lesson 1
Information Assurance And Security - Chapter 3 - Lesson 1Information Assurance And Security - Chapter 3 - Lesson 1
Information Assurance And Security - Chapter 3 - Lesson 1
 
AIIM 2015 - Data Privacy
AIIM 2015 - Data PrivacyAIIM 2015 - Data Privacy
AIIM 2015 - Data Privacy
 
10. law invest & ethics
10. law invest & ethics10. law invest & ethics
10. law invest & ethics
 
Data Privacy Introduction
Data Privacy IntroductionData Privacy Introduction
Data Privacy Introduction
 
Information security in public governance
Information security in public governanceInformation security in public governance
Information security in public governance
 
S719a
S719aS719a
S719a
 
Unit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrUnit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hr
 
Cloud primer
Cloud primerCloud primer
Cloud primer
 
Otieno antony rethinking internet shutdown
Otieno antony rethinking internet shutdownOtieno antony rethinking internet shutdown
Otieno antony rethinking internet shutdown
 
Keeping Information Safe: Privacy and Security Issues
Keeping Information Safe: Privacy and Security IssuesKeeping Information Safe: Privacy and Security Issues
Keeping Information Safe: Privacy and Security Issues
 
Privacy and Data Security
Privacy and Data SecurityPrivacy and Data Security
Privacy and Data Security
 
04 privacy
04 privacy04 privacy
04 privacy
 
Legal & moral issues in e commerce
Legal & moral issues in e commerceLegal & moral issues in e commerce
Legal & moral issues in e commerce
 
Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1
 
Privacy, Drones, and IoT
Privacy, Drones, and IoTPrivacy, Drones, and IoT
Privacy, Drones, and IoT
 

Similar to Lesson 2-Identify Theft

Chapter 3 - Lesson 2.pptx
Chapter 3 - Lesson 2.pptxChapter 3 - Lesson 2.pptx
Chapter 3 - Lesson 2.pptxJhaiJhai6
 
Chapter1 Cyber security Law & policy.pptx
Chapter1 Cyber security Law & policy.pptxChapter1 Cyber security Law & policy.pptx
Chapter1 Cyber security Law & policy.pptxNargis Parveen
 
Legal-Ethical-Professionalin-IS.pptx
Legal-Ethical-Professionalin-IS.pptxLegal-Ethical-Professionalin-IS.pptx
Legal-Ethical-Professionalin-IS.pptxShruthi48
 
ethcpp04-Unit 3.ppt
ethcpp04-Unit 3.pptethcpp04-Unit 3.ppt
ethcpp04-Unit 3.pptAnil Yadav
 
ethcpp04-Unit 3.ppt
ethcpp04-Unit 3.pptethcpp04-Unit 3.ppt
ethcpp04-Unit 3.pptAnil Yadav
 
International Marketing The International Legal Environment
International Marketing The International Legal EnvironmentInternational Marketing The International Legal Environment
International Marketing The International Legal EnvironmentDr. John V. Padua
 
Chapter 3 - Lesson 1.pptx
Chapter 3 - Lesson 1.pptxChapter 3 - Lesson 1.pptx
Chapter 3 - Lesson 1.pptxJhaiJhai6
 
Data Security Law and Management.pdf
Data Security Law and Management.pdfData Security Law and Management.pdf
Data Security Law and Management.pdfMeshalALshammari12
 
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...Diana Maier
 
Examples of international privacy legislation
Examples of international privacy legislationExamples of international privacy legislation
Examples of international privacy legislationUlf Mattsson
 
Francoise Gilbert Proposed EU Data Protection Regulation-20120214
Francoise Gilbert Proposed EU Data Protection Regulation-20120214Francoise Gilbert Proposed EU Data Protection Regulation-20120214
Francoise Gilbert Proposed EU Data Protection Regulation-20120214Francoise Gilbert
 
Introduction to US Privacy and Data Security Regulations and Requirements (Se...
Introduction to US Privacy and Data Security Regulations and Requirements (Se...Introduction to US Privacy and Data Security Regulations and Requirements (Se...
Introduction to US Privacy and Data Security Regulations and Requirements (Se...Financial Poise
 
Introduction to US Privacy and Data Security: Regulations and Requirements
Introduction to US Privacy and Data Security: Regulations and RequirementsIntroduction to US Privacy and Data Security: Regulations and Requirements
Introduction to US Privacy and Data Security: Regulations and RequirementsFinancial Poise
 
Information Assurance And Security - Chapter 3 - Lesson 3
Information Assurance And Security - Chapter 3 - Lesson 3Information Assurance And Security - Chapter 3 - Lesson 3
Information Assurance And Security - Chapter 3 - Lesson 3MLG College of Learning, Inc
 
Legal, Ethical and professional issues in Information Security
Legal, Ethical and professional issues in Information SecurityLegal, Ethical and professional issues in Information Security
Legal, Ethical and professional issues in Information SecurityGamentortc
 

Similar to Lesson 2-Identify Theft (20)

Chapter 3 - Lesson 2.pptx
Chapter 3 - Lesson 2.pptxChapter 3 - Lesson 2.pptx
Chapter 3 - Lesson 2.pptx
 
Chapter1 Cyber security Law & policy.pptx
Chapter1 Cyber security Law & policy.pptxChapter1 Cyber security Law & policy.pptx
Chapter1 Cyber security Law & policy.pptx
 
Legal-Ethical-Professionalin-IS.pptx
Legal-Ethical-Professionalin-IS.pptxLegal-Ethical-Professionalin-IS.pptx
Legal-Ethical-Professionalin-IS.pptx
 
ethcpp04-Unit 3.ppt
ethcpp04-Unit 3.pptethcpp04-Unit 3.ppt
ethcpp04-Unit 3.ppt
 
Lesson 1- Laws and Ethics
Lesson 1- Laws and EthicsLesson 1- Laws and Ethics
Lesson 1- Laws and Ethics
 
Lesson 1
Lesson 1Lesson 1
Lesson 1
 
ethcpp04-Unit 3.ppt
ethcpp04-Unit 3.pptethcpp04-Unit 3.ppt
ethcpp04-Unit 3.ppt
 
International Marketing The International Legal Environment
International Marketing The International Legal EnvironmentInternational Marketing The International Legal Environment
International Marketing The International Legal Environment
 
Chapter 3 - Lesson 1.pptx
Chapter 3 - Lesson 1.pptxChapter 3 - Lesson 1.pptx
Chapter 3 - Lesson 1.pptx
 
Data Security Law and Management.pdf
Data Security Law and Management.pdfData Security Law and Management.pdf
Data Security Law and Management.pdf
 
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
 
Chapter 1 Law & Ethics
Chapter 1 Law & EthicsChapter 1 Law & Ethics
Chapter 1 Law & Ethics
 
Examples of international privacy legislation
Examples of international privacy legislationExamples of international privacy legislation
Examples of international privacy legislation
 
Francoise Gilbert Proposed EU Data Protection Regulation-20120214
Francoise Gilbert Proposed EU Data Protection Regulation-20120214Francoise Gilbert Proposed EU Data Protection Regulation-20120214
Francoise Gilbert Proposed EU Data Protection Regulation-20120214
 
Introduction to US Privacy and Data Security Regulations and Requirements (Se...
Introduction to US Privacy and Data Security Regulations and Requirements (Se...Introduction to US Privacy and Data Security Regulations and Requirements (Se...
Introduction to US Privacy and Data Security Regulations and Requirements (Se...
 
Introduction to US Privacy and Data Security: Regulations and Requirements
Introduction to US Privacy and Data Security: Regulations and RequirementsIntroduction to US Privacy and Data Security: Regulations and Requirements
Introduction to US Privacy and Data Security: Regulations and Requirements
 
Information Assurance And Security - Chapter 3 - Lesson 3
Information Assurance And Security - Chapter 3 - Lesson 3Information Assurance And Security - Chapter 3 - Lesson 3
Information Assurance And Security - Chapter 3 - Lesson 3
 
Lesson 3
Lesson 3Lesson 3
Lesson 3
 
Lesson 3- Major natural laws
Lesson 3- Major natural lawsLesson 3- Major natural laws
Lesson 3- Major natural laws
 
Legal, Ethical and professional issues in Information Security
Legal, Ethical and professional issues in Information SecurityLegal, Ethical and professional issues in Information Security
Legal, Ethical and professional issues in Information Security
 

More from MLG College of Learning, Inc

More from MLG College of Learning, Inc (20)

PC111.Lesson2
PC111.Lesson2PC111.Lesson2
PC111.Lesson2
 
PC111.Lesson1
PC111.Lesson1PC111.Lesson1
PC111.Lesson1
 
PC111-lesson1.pptx
PC111-lesson1.pptxPC111-lesson1.pptx
PC111-lesson1.pptx
 
PC LEESOON 6.pptx
PC LEESOON 6.pptxPC LEESOON 6.pptx
PC LEESOON 6.pptx
 
PC 106 PPT-09.pptx
PC 106 PPT-09.pptxPC 106 PPT-09.pptx
PC 106 PPT-09.pptx
 
PC 106 PPT-07
PC 106 PPT-07PC 106 PPT-07
PC 106 PPT-07
 
PC 106 PPT-01
PC 106 PPT-01PC 106 PPT-01
PC 106 PPT-01
 
PC 106 PPT-06
PC 106 PPT-06PC 106 PPT-06
PC 106 PPT-06
 
PC 106 PPT-05
PC 106 PPT-05PC 106 PPT-05
PC 106 PPT-05
 
PC 106 Slide 04
PC 106 Slide 04PC 106 Slide 04
PC 106 Slide 04
 
PC 106 Slide no.02
PC 106 Slide no.02PC 106 Slide no.02
PC 106 Slide no.02
 
pc-106-slide-3
pc-106-slide-3pc-106-slide-3
pc-106-slide-3
 
PC 106 Slide 2
PC 106 Slide 2PC 106 Slide 2
PC 106 Slide 2
 
PC 106 Slide 1.pptx
PC 106 Slide 1.pptxPC 106 Slide 1.pptx
PC 106 Slide 1.pptx
 
Db2 characteristics of db ms
Db2 characteristics of db msDb2 characteristics of db ms
Db2 characteristics of db ms
 
Db1 introduction
Db1 introductionDb1 introduction
Db1 introduction
 
Lesson 3.2
Lesson 3.2Lesson 3.2
Lesson 3.2
 
Lesson 3.1
Lesson 3.1Lesson 3.1
Lesson 3.1
 
Lesson 1.6
Lesson 1.6Lesson 1.6
Lesson 1.6
 
Lesson 3.2
Lesson 3.2Lesson 3.2
Lesson 3.2
 

Recently uploaded

ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
MARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupMARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupJonathanParaisoCruz
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfMahmoud M. Sallam
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)Dr. Mazin Mohamed alkathiri
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
MICROBIOLOGY biochemical test detailed.pptx
MICROBIOLOGY biochemical test detailed.pptxMICROBIOLOGY biochemical test detailed.pptx
MICROBIOLOGY biochemical test detailed.pptxabhijeetpadhi001
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementmkooblal
 
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxJiesonDelaCerna
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfUjwalaBharambe
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.arsicmarija21
 

Recently uploaded (20)

ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
MARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupMARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized Group
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdf
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
MICROBIOLOGY biochemical test detailed.pptx
MICROBIOLOGY biochemical test detailed.pptxMICROBIOLOGY biochemical test detailed.pptx
MICROBIOLOGY biochemical test detailed.pptx
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of management
 
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptx
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.
 

Lesson 2-Identify Theft

  • 1. Principles of Information Security, Fifth Edition Chapter 3 Legal, Ethical, and Professional Issues in Information Security Lesson 2 – Identity Theft
  • 2. Learning Objectives • Upon completion of this material, you should be able to: - Discuss and Identify Identity theft. - Discuss the role of culture as it applies to ethics in information security Principles of Information Security, Fifth Edition 2
  • 3. Identity Theft • It can occur when someone steals victim’s personally identifiable information (PII) and poses as victim to conduct actions/make purchases. • Federal Trade Commission oversees efforts to foster coordination, effective prosecution of criminals, and methods to increase victim’s restitution. • Fraud and Related Activity in Connection with Identification Documents, Authentication Features, and Information (Title 18, U.S.C. § 1028) Principles of Information Security, Fifth Edition 3
  • 4. Identity Theft (cont’d) • If someone suspects identity theft: – Report to one of the three national credit reporting companies and request initial fraud alert. – Order credit reports and examine for fraud activity; contact the fraud department in the organization holding the suspect account. – Create an identity theft report through FTC’s identity theft affidavit. – Document all calls/letters/communications during the process. Principles of Information Security, Fifth Edition 4
  • 5. Export and Espionage Laws • Economic Espionage Act of 1996 (EEA) • Security and Freedom through Encryption Act of 1999 (SAFE) • The acts include provisions about encryption that: – Reinforce the right to use or sell encryption algorithms, without concern of key registration. – Prohibit the federal government from requiring it. – Make it not probable cause to suspect criminal activity. – Relax export restrictions. – Additional penalties for using it in a crime. Principles of Information Security, Fifth Edition 5
  • 6. Principles of Information Security, Fifth Edition 6
  • 7. U.S. Copyright Law • Intellectual property was recognized as a protected asset in the United States; copyright law extends to electronic formats. • With proper acknowledgment, it is permissible to include portions of others’ work as reference. • U.S. Copyright Office Web site: www.copyright.gov Principles of Information Security, Fifth Edition 7
  • 8. Financial Reporting • Sarbanes-Oxley Act of 2002 • Affects the executive management of publicly traded corporations and public accounting firms • Seeks to improve the reliability and accuracy of financial reporting and increase the accountability of corporate governance in publicly traded companies • Penalties for noncompliance range from fines to jail terms. Principles of Information Security, Fifth Edition 8
  • 9. Freedom of Information Act of 1966 (FOIA) • Allows access to federal agency records or information not determined to be matter of national security • U.S. government agencies are required to disclose any requested information upon receipt of written request. • Some information is protected from disclosure; this act does not apply to state/local government agencies or private businesses/individuals. Principles of Information Security, Fifth Edition 9
  • 10. Principles of Information Security, Fifth Edition 10
  • 11. Payment Card Industry Data Security Standards (PCI DSS) • PCI Security Standards Council offers a standard of performance to which organizations processing payment cards must comply. • Designed to enhance security of customer’s account data • Addresses six areas: – Build and maintain secure networks/systems – Protect cardholder data – Maintain vulnerability management program – Implement strong access control measures – Regularly monitor and test networks – Maintain information security policy Principles of Information Security, Fifth Edition 11
  • 12. State and Local Regulations • Federal computer laws are mainly written specifically for federal information systems; they have little applicability to private organizations. • Information security professionals are responsible for understanding state regulations and ensuring that organization is in compliance with regulations. Principles of Information Security, Fifth Edition 12
  • 13. International Laws and Legal Bodies • When organizations do business on the Internet, they do business globally. • Professionals must be sensitive to the laws and ethical values of many different cultures, societies, and countries. • Because of the political complexities of relationships among nations and differences in culture, few international laws cover privacy and information security. • These international laws are important but are limited in their enforceability. Principles of Information Security, Fifth Edition 13
  • 14. Council of Europe Convention on Cybercrime • Created international task force to oversee Internet security functions for standardized international technology laws • Attempts to improve effectiveness of international investigations into breaches of technology law • Well received by intellectual property rights advocates due to emphasis on copyright infringement prosecution • Lacks realistic provisions for enforcement Principles of Information Security, Fifth Edition 14
  • 15. Agreement on Trade-Related Aspects of Intellectual Property Rights • Created by World Trade Organization (WTO) • The first significant international effort to protect intellectual property rights • Outlines requirements for governmental oversight and legislation providing minimum levels of protection for intellectual property Principles of Information Security, Fifth Edition 15
  • 16. Agreement on Trade-Related Aspects of Intellectual Property Rights (cont’d) • Agreement covers five issues: – Application of basic principles of trading system and international intellectual property agreements – Giving adequate protection to intellectual property rights – Enforcement of those rights by countries within their borders – Settling intellectual property disputes – Transitional arrangements while new system is being introduced Principles of Information Security, Fifth Edition 16
  • 17. Digital Millennium Copyright Act (DMCA) • U.S. contribution to international effort to reduce impact of copyright, trademark, and privacy infringement • A response to European Union Directive 95/46/EC • Prohibits – Circumvention of protections and countermeasures – Manufacture and trafficking of devices used to circumvent such protections – Altering information attached or imbedded in copyrighted material • Excludes ISPs from some copyright infringement Principles of Information Security, Fifth Edition 17
  • 18. Ethics and Information Security • Many professional disciplines have explicit rules governing the ethical behavior of members. • IT and IT security do not have binding codes of ethics. • Professional associations and certification agencies work to maintain ethical codes of conduct. – Can prescribe ethical conduct – Do not always have the ability to ban violators from practice in field Principles of Information Security, Fifth Edition 18
  • 19. Principles of Information Security, Fifth Edition 19
  • 20. Ethical Differences Across Cultures • Cultural differences create difficulty in determining what is and is not ethical. • Difficulties arise when one nationality’s ethical behavior conflicts with the ethics of another national group. • Scenarios are grouped into: – Software license infringement – Illicit use – Misuse of corporate resources • Cultures have different views on the scenarios. Principles of Information Security, Fifth Edition 20
  • 21. Principles of Information Security, Fifth Edition 21
  • 22. Ethics and Education • Education is the overriding factor in leveling ethical perceptions within a small population. • Employees must be trained and kept aware of the expected behavior of an ethical employee, as well as many other information security topics. • Proper ethical training is vital to creating informed and a well-prepared system user. Principles of Information Security, Fifth Edition 22