SlideShare a Scribd company logo

Lesson 3- Major natural laws

•Download as PPT, PDF•
•
M
MLG College of Learning, Inc

Chapter 3

Education
1 of 19
Principles of Information Security, Fifth Edition Chapter 3 Legal, Ethical, and Professional Issues in Information Security Lesson 3 – Major Natural Laws
Learning Objectives • Upon completion of this material, you should be able to: - Identify major national laws that affect the practice of information security. Principles of Information Security, Fifth Edition 2
Deterring Unethical and Illegal Behavior • Three general causes of unethical and illegal behavior: ignorance, accident, intent • Deterrence: best method for preventing an illegal or unethical activity; for example, laws, policies, technical controls • Laws and policies only deter if three conditions are present: – Fear of penalty – Probability of being apprehended – Probability of penalty being applied Principles of Information Security, Fifth Edition 3
Principles of Information Security, Fifth Edition 4
Codes of Ethics and Professional Organizations • Many professional organizations have established codes of conduct/ethics. • Codes of ethics can have a positive effect; unfortunately, many employers do not encourage joining these professional organizations. • Responsibility of security professionals is to act ethically and according to the policies of the employer, the professional organization, and the laws of society. Principles of Information Security, Fifth Edition 5
Principles of Information Security, Fifth Edition 6
Major IT Professional Organizations • Association of Computing Machinery (ACM) – Established in 1947 as “the world’s first educational and scientific computing society” – Code of ethics contains references to protecting information confidentiality, causing no harm, protecting others’ privacy, and respecting others’ intellectual property and copyrights. Principles of Information Security, Fifth Edition 7
Major IT Professional Organizations (cont’d) • International Information Systems Security Certification Consortium, Inc. (ISC)2 – Nonprofit organization focusing on the development and implementation of information security certifications and credentials – Code is primarily designed for the information security professionals who have certification from (ISC)2. – Code of ethics focuses on four mandatory canons. Principles of Information Security, Fifth Edition 8
Major IT Professional Organizations (cont’d) • SANS (originally System Administration, Networking, and Security Institute) – Professional organization with a large membership dedicated to the protection of information and systems – SANS offers a set of certifications called Global Information Assurance Certification (GIAC). Principles of Information Security, Fifth Edition 9
Major IT Professional Organizations (cont’d) • ISACA (originally Information Systems Audit and Control Association) – Professional association with focus on auditing, control, and security – Concentrates on providing IT control practices and standards – ISACA has a code of ethics for its professionals. Principles of Information Security, Fifth Edition 10
Major IT Professional Organizations (cont’d) • Information Systems Security Association (ISSA) – Nonprofit society of information security (IS) professionals – Primary mission to bring together qualified IS practitioners for information exchange and educational development – Promotes code of ethics similar to (ISC)2, ISACA, and ACM Principles of Information Security, Fifth Edition 11
Key U.S. Federal Agencies • Department of Homeland Security (DHS) – Made up of five directorates, or divisions – Mission is to protect the citizens as well as the physical and informational assets of the United States – US-CERT provides mechanisms to report phishing and malware. • U.S. Secret Service – In addition to protective services, it is charged with safeguarding the nation’s financial infrastructure and payments system to preserve integrity of the economy. Principles of Information Security, Fifth Edition 12
Principles of Information Security, Fifth Edition 13
• Federal Bureau of Investigation – Primary law enforcement agency; investigates traditional crimes and cybercrimes – Key priorities include computer/network intrusions, identity theft, and fraud – Federal Bureau of Investigation’s National InfraGard Program • Maintains an intrusion alert network • Maintains a secure Web site for communication about suspicious activity or intrusions • Sponsors local chapter activities • Operates a help desk for questions Principles of Information Security, Fifth Edition 14 Key U.S. Federal Agencies (cont’d)
Principles of Information Security, Fifth Edition 15
Key U.S. Federal Agencies (cont’d) • National Security Agency (NSA) – Is the nation’s cryptologic organization – Responsible for signal intelligence and information assurance (security) – Information Assurance Directorate (IAD) is responsible for the protection of systems that store, process, and transmit information of high national value. Principles of Information Security, Fifth Edition 16
Summary • Laws: rules that mandate or prohibit certain behavior in society; drawn from ethics • Ethics: define socially acceptable behaviors, based on cultural mores (fixed moral attitudes or customs of a particular group) • Types of law: civil, criminal, private, public Principles of Information Security, Fifth Edition 17
Summary (cont’d) • Relevant U.S. laws: – Computer Fraud and Abuse Act of 1986 (CFA Act) – National Information Infrastructure Protection Act of 1996 – USA PATRIOT Act of 2001 – USA PATRIOT Improvement and Reauthorization Act – Computer Security Act of 1987 – Title 18, U.S.C. § 1028 Principles of Information Security, Fifth Edition 18
Summary (cont’d) • Many organizations have codes of conduct and/or codes of ethics. • Organization increases liability if it refuses to take measures known as due care. • Due diligence requires that organizations make a valid effort to protect others and continually maintain that effort. Principles of Information Security, Fifth Edition 19

Recommended

Lesson 1
Lesson 1Lesson 1
Lesson 1MLG College of Learning, Inc
 
Lesson 2
Lesson 2Lesson 2
Lesson 2MLG College of Learning, Inc
 
Lesson 3
Lesson 3Lesson 3
Lesson 3MLG College of Learning, Inc
 
Cs8792 cns - unit i
Cs8792 cns - unit iCs8792 cns - unit i
Cs8792 cns - unit iArthyR3
 
Lesson 4
Lesson 4Lesson 4
Lesson 4MLG College of Learning, Inc
 
Segurity and cybersegurity of information systems
Segurity and cybersegurity of information systemsSegurity and cybersegurity of information systems
Segurity and cybersegurity of information systemsvalentina jaimes duran
 
Lesson 2
Lesson 2Lesson 2
Lesson 2MLG College of Learning, Inc
 
Lesson 4
Lesson 4Lesson 4
Lesson 4MLG College of Learning, Inc
 

Recommended

Lesson 1
Lesson 1Lesson 1
Lesson 1MLG College of Learning, Inc
 
Lesson 2
Lesson 2Lesson 2
Lesson 2MLG College of Learning, Inc
 
Lesson 3
Lesson 3Lesson 3
Lesson 3MLG College of Learning, Inc
 
Cs8792 cns - unit i
Cs8792 cns - unit iCs8792 cns - unit i
Cs8792 cns - unit iArthyR3
 
Lesson 4
Lesson 4Lesson 4
Lesson 4MLG College of Learning, Inc
 
Segurity and cybersegurity of information systems
Segurity and cybersegurity of information systemsSegurity and cybersegurity of information systems
Segurity and cybersegurity of information systemsvalentina jaimes duran
 
Lesson 2
Lesson 2Lesson 2
Lesson 2MLG College of Learning, Inc
 
Lesson 4
Lesson 4Lesson 4
Lesson 4MLG College of Learning, Inc
 
Lesson 3- Effectiveness of IDPS
Lesson 3- Effectiveness of IDPSLesson 3- Effectiveness of IDPS
Lesson 3- Effectiveness of IDPSMLG College of Learning, Inc
 
Information Security Lesson 11 - Policies & Procedures - Eric Vanderburg
Information Security Lesson 11 - Policies & Procedures - Eric VanderburgInformation Security Lesson 11 - Policies & Procedures - Eric Vanderburg
Information Security Lesson 11 - Policies & Procedures - Eric VanderburgEric Vanderburg
 
The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)Kroll
 
IT Security Services
IT Security ServicesIT Security Services
IT Security ServicesOmar Toor
 
Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2MLG College of Learning, Inc
 
FRSecure Sales Deck
FRSecure Sales DeckFRSecure Sales Deck
FRSecure Sales DeckEvan Francen
 
ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework
ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security FrameworkID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework
ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security FrameworkIGF Indonesia
 
Lesson 1
Lesson 1Lesson 1
Lesson 1MLG College of Learning, Inc
 
ICAANZ VPDSS presentation by Paul O'Connor
ICAANZ VPDSS presentation by Paul O'ConnorICAANZ VPDSS presentation by Paul O'Connor
ICAANZ VPDSS presentation by Paul O'ConnorPaul O'Connor
 
Ch04
Ch04Ch04
Ch04Jennifer Polack
 
Cybersecurity and Academic Research
Cybersecurity and Academic ResearchCybersecurity and Academic Research
Cybersecurity and Academic ResearchChristian Schreiber, CISM, PMP
 
Information Assurance And Security - Chapter 1 - Lesson 1
Information Assurance And Security - Chapter 1 - Lesson 1Information Assurance And Security - Chapter 1 - Lesson 1
Information Assurance And Security - Chapter 1 - Lesson 1MLG College of Learning, Inc
 
Lesson 2 Cryptography tools
Lesson 2 Cryptography toolsLesson 2 Cryptography tools
Lesson 2 Cryptography toolsMLG College of Learning, Inc
 
Sppt chap011
Sppt chap011Sppt chap011
Sppt chap011Awais Ahmed
 
2016 02-14 - tlp-white ce2016 presentation
2016 02-14 - tlp-white ce2016 presentation2016 02-14 - tlp-white ce2016 presentation
2016 02-14 - tlp-white ce2016 presentationisc2-hellenic
 
IS Know How - Third Sector Cyber Security Survey 2015 Infographic
IS Know How - Third Sector Cyber Security Survey 2015 InfographicIS Know How - Third Sector Cyber Security Survey 2015 Infographic
IS Know How - Third Sector Cyber Security Survey 2015 InfographicRobert Stones
 
Protecting the Network From Yourself Using Defense in Depth
Protecting the Network From Yourself Using Defense in DepthProtecting the Network From Yourself Using Defense in Depth
Protecting the Network From Yourself Using Defense in DepthPECB
 
Information security
Information security Information security
Information security razendar79
 
Importance Of A Security Policy
Importance Of A Security PolicyImportance Of A Security Policy
Importance Of A Security Policycharlesgarrett
 
A guide to Sustainable Cyber Security
A guide to Sustainable Cyber SecurityA guide to Sustainable Cyber Security
A guide to Sustainable Cyber SecurityErnest Staats
 
Lecture 8.pdf
Lecture 8.pdfLecture 8.pdf
Lecture 8.pdfabdukadirabdullahuad
 
Chapter 3 - Lesson 2.pptx
Chapter 3 - Lesson 2.pptxChapter 3 - Lesson 2.pptx
Chapter 3 - Lesson 2.pptxJhaiJhai6
 

More Related Content

What's hot

Information Security Lesson 11 - Policies & Procedures - Eric Vanderburg
Information Security Lesson 11 - Policies & Procedures - Eric VanderburgInformation Security Lesson 11 - Policies & Procedures - Eric Vanderburg
Information Security Lesson 11 - Policies & Procedures - Eric VanderburgEric Vanderburg
 
The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)Kroll
 
IT Security Services
IT Security ServicesIT Security Services
IT Security ServicesOmar Toor
 
Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2MLG College of Learning, Inc
 
FRSecure Sales Deck
FRSecure Sales DeckFRSecure Sales Deck
FRSecure Sales DeckEvan Francen
 
ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework
ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security FrameworkID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework
ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security FrameworkIGF Indonesia
 
ICAANZ VPDSS presentation by Paul O'Connor
ICAANZ VPDSS presentation by Paul O'ConnorICAANZ VPDSS presentation by Paul O'Connor
ICAANZ VPDSS presentation by Paul O'ConnorPaul O'Connor
 
Information Assurance And Security - Chapter 1 - Lesson 1
Information Assurance And Security - Chapter 1 - Lesson 1Information Assurance And Security - Chapter 1 - Lesson 1
Information Assurance And Security - Chapter 1 - Lesson 1MLG College of Learning, Inc
 
Sppt chap011
Sppt chap011Sppt chap011
Sppt chap011Awais Ahmed
 
2016 02-14 - tlp-white ce2016 presentation
2016 02-14 - tlp-white ce2016 presentation2016 02-14 - tlp-white ce2016 presentation
2016 02-14 - tlp-white ce2016 presentationisc2-hellenic
 
IS Know How - Third Sector Cyber Security Survey 2015 Infographic
IS Know How - Third Sector Cyber Security Survey 2015 InfographicIS Know How - Third Sector Cyber Security Survey 2015 Infographic
IS Know How - Third Sector Cyber Security Survey 2015 InfographicRobert Stones
 
Protecting the Network From Yourself Using Defense in Depth
Protecting the Network From Yourself Using Defense in DepthProtecting the Network From Yourself Using Defense in Depth
Protecting the Network From Yourself Using Defense in DepthPECB
 
Information security
Information security Information security
Information security razendar79
 
Importance Of A Security Policy
Importance Of A Security PolicyImportance Of A Security Policy
Importance Of A Security Policycharlesgarrett
 
A guide to Sustainable Cyber Security
A guide to Sustainable Cyber SecurityA guide to Sustainable Cyber Security
A guide to Sustainable Cyber SecurityErnest Staats
 

What's hot (20)

Lesson 3- Effectiveness of IDPS
Lesson 3- Effectiveness of IDPSLesson 3- Effectiveness of IDPS
Lesson 3- Effectiveness of IDPS
 
Information Security Lesson 11 - Policies & Procedures - Eric Vanderburg
Information Security Lesson 11 - Policies & Procedures - Eric VanderburgInformation Security Lesson 11 - Policies & Procedures - Eric Vanderburg
Information Security Lesson 11 - Policies & Procedures - Eric Vanderburg
 
The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)
 
IT Security Services
IT Security ServicesIT Security Services
IT Security Services
 
Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2
 
FRSecure Sales Deck
FRSecure Sales DeckFRSecure Sales Deck
FRSecure Sales Deck
 
ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework
ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security FrameworkID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework
ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework
 
Lesson 1
Lesson 1Lesson 1
Lesson 1
 
ICAANZ VPDSS presentation by Paul O'Connor
ICAANZ VPDSS presentation by Paul O'ConnorICAANZ VPDSS presentation by Paul O'Connor
ICAANZ VPDSS presentation by Paul O'Connor
 
Ch04
Ch04Ch04
Ch04
 
Cybersecurity and Academic Research
Cybersecurity and Academic ResearchCybersecurity and Academic Research
Cybersecurity and Academic Research
 
Information Assurance And Security - Chapter 1 - Lesson 1
Information Assurance And Security - Chapter 1 - Lesson 1Information Assurance And Security - Chapter 1 - Lesson 1
Information Assurance And Security - Chapter 1 - Lesson 1
 
Lesson 2 Cryptography tools
Lesson 2 Cryptography toolsLesson 2 Cryptography tools
Lesson 2 Cryptography tools
 
Sppt chap011
Sppt chap011Sppt chap011
Sppt chap011
 
2016 02-14 - tlp-white ce2016 presentation
2016 02-14 - tlp-white ce2016 presentation2016 02-14 - tlp-white ce2016 presentation
2016 02-14 - tlp-white ce2016 presentation
 
IS Know How - Third Sector Cyber Security Survey 2015 Infographic
IS Know How - Third Sector Cyber Security Survey 2015 InfographicIS Know How - Third Sector Cyber Security Survey 2015 Infographic
IS Know How - Third Sector Cyber Security Survey 2015 Infographic
 
Protecting the Network From Yourself Using Defense in Depth
Protecting the Network From Yourself Using Defense in DepthProtecting the Network From Yourself Using Defense in Depth
Protecting the Network From Yourself Using Defense in Depth
 
Information security
Information security Information security
Information security
 
Importance Of A Security Policy
Importance Of A Security PolicyImportance Of A Security Policy
Importance Of A Security Policy
 
A guide to Sustainable Cyber Security
A guide to Sustainable Cyber SecurityA guide to Sustainable Cyber Security
A guide to Sustainable Cyber Security
 

Similar to Lesson 3- Major natural laws

Chapter 3 - Lesson 2.pptx
Chapter 3 - Lesson 2.pptxChapter 3 - Lesson 2.pptx
Chapter 3 - Lesson 2.pptxJhaiJhai6
 
Information Assurance And Security - Chapter 3 - Lesson 2
Information Assurance And Security - Chapter 3 - Lesson 2Information Assurance And Security - Chapter 3 - Lesson 2
Information Assurance And Security - Chapter 3 - Lesson 2MLG College of Learning, Inc
 
Ethics in IT Security
Ethics in IT SecurityEthics in IT Security
Ethics in IT Securitymtvvvv
 
Chapter 3 - Lesson 1.pptx
Chapter 3 - Lesson 1.pptxChapter 3 - Lesson 1.pptx
Chapter 3 - Lesson 1.pptxJhaiJhai6
 
Legal, Ethical and professional issues in Information Security
Legal, Ethical and professional issues in Information SecurityLegal, Ethical and professional issues in Information Security
Legal, Ethical and professional issues in Information SecurityGamentortc
 
Data Security Law and Management.pdf
Data Security Law and Management.pdfData Security Law and Management.pdf
Data Security Law and Management.pdfMeshalALshammari12
 
3600-lecture3-legal-ethical-professional-issues.pdf
3600-lecture3-legal-ethical-professional-issues.pdf3600-lecture3-legal-ethical-professional-issues.pdf
3600-lecture3-legal-ethical-professional-issues.pdfabdukadirabdullahuad
 
9781111533960_PPT_ch04.ppt
9781111533960_PPT_ch04.ppt9781111533960_PPT_ch04.ppt
9781111533960_PPT_ch04.pptKundanKumar17747
 
Chapter 4
Chapter 4Chapter 4
Chapter 4ghghghghgh
 
3 - Social Media and Enterprise
3 - Social Media and Enterprise3 - Social Media and Enterprise
3 - Social Media and EnterpriseRaymond Gao
 
9-Steps-Info-Sec-Whitepaper-final.pdf
9-Steps-Info-Sec-Whitepaper-final.pdf9-Steps-Info-Sec-Whitepaper-final.pdf
9-Steps-Info-Sec-Whitepaper-final.pdfSoniaCristina49
 
Legal, Ethical, and Professional Issues In Information Security
Legal, Ethical, and Professional Issues In Information SecurityLegal, Ethical, and Professional Issues In Information Security
Legal, Ethical, and Professional Issues In Information SecurityCarl Ceder
 
02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Security02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Securitysappingtonkr
 
CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...
CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...
CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...Financial Poise
 
Presentation on Information Privacy
Presentation on Information PrivacyPresentation on Information Privacy
Presentation on Information PrivacyPerry Slack
 
Application of a decision making framework to an IT-related ethical
Application of a decision making framework to an IT-related ethical Application of a decision making framework to an IT-related ethical
Application of a decision making framework to an IT-related ethical mallisonshavon
 

Similar to Lesson 3- Major natural laws (20)

Lecture 8.pdf
Lecture 8.pdfLecture 8.pdf
Lecture 8.pdf
 
Chapter 3 - Lesson 2.pptx
Chapter 3 - Lesson 2.pptxChapter 3 - Lesson 2.pptx
Chapter 3 - Lesson 2.pptx
 
Information Assurance And Security - Chapter 3 - Lesson 2
Information Assurance And Security - Chapter 3 - Lesson 2Information Assurance And Security - Chapter 3 - Lesson 2
Information Assurance And Security - Chapter 3 - Lesson 2
 
Lesson 2-Identify Theft
Lesson 2-Identify TheftLesson 2-Identify Theft
Lesson 2-Identify Theft
 
Ethics in IT Security
Ethics in IT SecurityEthics in IT Security
Ethics in IT Security
 
Lesson 1
Lesson 1Lesson 1
Lesson 1
 
Chapter 3 - Lesson 1.pptx
Chapter 3 - Lesson 1.pptxChapter 3 - Lesson 1.pptx
Chapter 3 - Lesson 1.pptx
 
Lesson 1
Lesson 1Lesson 1
Lesson 1
 
Legal, Ethical and professional issues in Information Security
Legal, Ethical and professional issues in Information SecurityLegal, Ethical and professional issues in Information Security
Legal, Ethical and professional issues in Information Security
 
Data Security Law and Management.pdf
Data Security Law and Management.pdfData Security Law and Management.pdf
Data Security Law and Management.pdf
 
3600-lecture3-legal-ethical-professional-issues.pdf
3600-lecture3-legal-ethical-professional-issues.pdf3600-lecture3-legal-ethical-professional-issues.pdf
3600-lecture3-legal-ethical-professional-issues.pdf
 
9781111533960_PPT_ch04.ppt
9781111533960_PPT_ch04.ppt9781111533960_PPT_ch04.ppt
9781111533960_PPT_ch04.ppt
 
Chapter 4
Chapter 4Chapter 4
Chapter 4
 
3 - Social Media and Enterprise
3 - Social Media and Enterprise3 - Social Media and Enterprise
3 - Social Media and Enterprise
 
9-Steps-Info-Sec-Whitepaper-final.pdf
9-Steps-Info-Sec-Whitepaper-final.pdf9-Steps-Info-Sec-Whitepaper-final.pdf
9-Steps-Info-Sec-Whitepaper-final.pdf
 
Legal, Ethical, and Professional Issues In Information Security
Legal, Ethical, and Professional Issues In Information SecurityLegal, Ethical, and Professional Issues In Information Security
Legal, Ethical, and Professional Issues In Information Security
 
02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Security02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Security
 
CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...
CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...
CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...
 
Presentation on Information Privacy
Presentation on Information PrivacyPresentation on Information Privacy
Presentation on Information Privacy
 
Application of a decision making framework to an IT-related ethical
Application of a decision making framework to an IT-related ethical Application of a decision making framework to an IT-related ethical
Application of a decision making framework to an IT-related ethical
 

More from MLG College of Learning, Inc

More from MLG College of Learning, Inc (20)

PC111.Lesson2
PC111.Lesson2PC111.Lesson2
PC111.Lesson2
 
PC111.Lesson1
PC111.Lesson1PC111.Lesson1
PC111.Lesson1
 
PC111-lesson1.pptx
PC111-lesson1.pptxPC111-lesson1.pptx
PC111-lesson1.pptx
 
PC LEESOON 6.pptx
PC LEESOON 6.pptxPC LEESOON 6.pptx
PC LEESOON 6.pptx
 
PC 106 PPT-09.pptx
PC 106 PPT-09.pptxPC 106 PPT-09.pptx
PC 106 PPT-09.pptx
 
PC 106 PPT-07
PC 106 PPT-07PC 106 PPT-07
PC 106 PPT-07
 
PC 106 PPT-01
PC 106 PPT-01PC 106 PPT-01
PC 106 PPT-01
 
PC 106 PPT-06
PC 106 PPT-06PC 106 PPT-06
PC 106 PPT-06
 
PC 106 PPT-05
PC 106 PPT-05PC 106 PPT-05
PC 106 PPT-05
 
PC 106 Slide 04
PC 106 Slide 04PC 106 Slide 04
PC 106 Slide 04
 
PC 106 Slide no.02
PC 106 Slide no.02PC 106 Slide no.02
PC 106 Slide no.02
 
pc-106-slide-3
pc-106-slide-3pc-106-slide-3
pc-106-slide-3
 
PC 106 Slide 2
PC 106 Slide 2PC 106 Slide 2
PC 106 Slide 2
 
PC 106 Slide 1.pptx
PC 106 Slide 1.pptxPC 106 Slide 1.pptx
PC 106 Slide 1.pptx
 
Db2 characteristics of db ms
Db2 characteristics of db msDb2 characteristics of db ms
Db2 characteristics of db ms
 
Db1 introduction
Db1 introductionDb1 introduction
Db1 introduction
 
Lesson 3.2
Lesson 3.2Lesson 3.2
Lesson 3.2
 
Lesson 3.1
Lesson 3.1Lesson 3.1
Lesson 3.1
 
Lesson 1.6
Lesson 1.6Lesson 1.6
Lesson 1.6
 
Lesson 3.2
Lesson 3.2Lesson 3.2
Lesson 3.2
 

Recently uploaded

Quarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up FridayQuarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up FridayMakMakNepo
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfUjwalaBharambe
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxEyham Joco
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Celine George
 
Planning a health career 4th Quarter.pptx
Planning a health career 4th Quarter.pptxPlanning a health career 4th Quarter.pptx
Planning a health career 4th Quarter.pptxLigayaBacuel1
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.arsicmarija21
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersSabitha Banu
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........LeaCamillePacle
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfphamnguyenenglishnb
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Mark Reed
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceSamikshaHamane
 

Recently uploaded (20)

Quarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up FridayQuarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up Friday
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
 
Rapple "Scholarly Communications and the Sustainable Development Goals"
Rapple "Scholarly Communications and the Sustainable Development Goals"Rapple "Scholarly Communications and the Sustainable Development Goals"
Rapple "Scholarly Communications and the Sustainable Development Goals"
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptx
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
Planning a health career 4th Quarter.pptx
Planning a health career 4th Quarter.pptxPlanning a health career 4th Quarter.pptx
Planning a health career 4th Quarter.pptx
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginners
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in Pharmacovigilance
 
OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...
 

Lesson 3- Major natural laws

  • 1. Principles of Information Security, Fifth Edition Chapter 3 Legal, Ethical, and Professional Issues in Information Security Lesson 3 – Major Natural Laws
  • 2. Learning Objectives • Upon completion of this material, you should be able to: - Identify major national laws that affect the practice of information security. Principles of Information Security, Fifth Edition 2
  • 3. Deterring Unethical and Illegal Behavior • Three general causes of unethical and illegal behavior: ignorance, accident, intent • Deterrence: best method for preventing an illegal or unethical activity; for example, laws, policies, technical controls • Laws and policies only deter if three conditions are present: – Fear of penalty – Probability of being apprehended – Probability of penalty being applied Principles of Information Security, Fifth Edition 3
  • 4. Principles of Information Security, Fifth Edition 4
  • 5. Codes of Ethics and Professional Organizations • Many professional organizations have established codes of conduct/ethics. • Codes of ethics can have a positive effect; unfortunately, many employers do not encourage joining these professional organizations. • Responsibility of security professionals is to act ethically and according to the policies of the employer, the professional organization, and the laws of society. Principles of Information Security, Fifth Edition 5
  • 6. Principles of Information Security, Fifth Edition 6
  • 7. Major IT Professional Organizations • Association of Computing Machinery (ACM) – Established in 1947 as “the world’s first educational and scientific computing society” – Code of ethics contains references to protecting information confidentiality, causing no harm, protecting others’ privacy, and respecting others’ intellectual property and copyrights. Principles of Information Security, Fifth Edition 7
  • 8. Major IT Professional Organizations (cont’d) • International Information Systems Security Certification Consortium, Inc. (ISC)2 – Nonprofit organization focusing on the development and implementation of information security certifications and credentials – Code is primarily designed for the information security professionals who have certification from (ISC)2. – Code of ethics focuses on four mandatory canons. Principles of Information Security, Fifth Edition 8
  • 9. Major IT Professional Organizations (cont’d) • SANS (originally System Administration, Networking, and Security Institute) – Professional organization with a large membership dedicated to the protection of information and systems – SANS offers a set of certifications called Global Information Assurance Certification (GIAC). Principles of Information Security, Fifth Edition 9
  • 10. Major IT Professional Organizations (cont’d) • ISACA (originally Information Systems Audit and Control Association) – Professional association with focus on auditing, control, and security – Concentrates on providing IT control practices and standards – ISACA has a code of ethics for its professionals. Principles of Information Security, Fifth Edition 10
  • 11. Major IT Professional Organizations (cont’d) • Information Systems Security Association (ISSA) – Nonprofit society of information security (IS) professionals – Primary mission to bring together qualified IS practitioners for information exchange and educational development – Promotes code of ethics similar to (ISC)2, ISACA, and ACM Principles of Information Security, Fifth Edition 11
  • 12. Key U.S. Federal Agencies • Department of Homeland Security (DHS) – Made up of five directorates, or divisions – Mission is to protect the citizens as well as the physical and informational assets of the United States – US-CERT provides mechanisms to report phishing and malware. • U.S. Secret Service – In addition to protective services, it is charged with safeguarding the nation’s financial infrastructure and payments system to preserve integrity of the economy. Principles of Information Security, Fifth Edition 12
  • 13. Principles of Information Security, Fifth Edition 13
  • 14. • Federal Bureau of Investigation – Primary law enforcement agency; investigates traditional crimes and cybercrimes – Key priorities include computer/network intrusions, identity theft, and fraud – Federal Bureau of Investigation’s National InfraGard Program • Maintains an intrusion alert network • Maintains a secure Web site for communication about suspicious activity or intrusions • Sponsors local chapter activities • Operates a help desk for questions Principles of Information Security, Fifth Edition 14 Key U.S. Federal Agencies (cont’d)
  • 15. Principles of Information Security, Fifth Edition 15
  • 16. Key U.S. Federal Agencies (cont’d) • National Security Agency (NSA) – Is the nation’s cryptologic organization – Responsible for signal intelligence and information assurance (security) – Information Assurance Directorate (IAD) is responsible for the protection of systems that store, process, and transmit information of high national value. Principles of Information Security, Fifth Edition 16
  • 17. Summary • Laws: rules that mandate or prohibit certain behavior in society; drawn from ethics • Ethics: define socially acceptable behaviors, based on cultural mores (fixed moral attitudes or customs of a particular group) • Types of law: civil, criminal, private, public Principles of Information Security, Fifth Edition 17
  • 18. Summary (cont’d) • Relevant U.S. laws: – Computer Fraud and Abuse Act of 1986 (CFA Act) – National Information Infrastructure Protection Act of 1996 – USA PATRIOT Act of 2001 – USA PATRIOT Improvement and Reauthorization Act – Computer Security Act of 1987 – Title 18, U.S.C. § 1028 Principles of Information Security, Fifth Edition 18
  • 19. Summary (cont’d) • Many organizations have codes of conduct and/or codes of ethics. • Organization increases liability if it refuses to take measures known as due care. • Due diligence requires that organizations make a valid effort to protect others and continually maintain that effort. Principles of Information Security, Fifth Edition 19