
INFORMATION SYSTEM

Chapter 3 Presentation
ETHICS, PRIVACY, SECURITY

By:
Muhamad Ariff bin Sodri &
Yusuf Akram bin Zahari BM2221M

CHAPTER OUTLINE

1 ) ETHICAL ISSUE

2 ) THREATS TO INFORMATION SECURITY

3 ) PROTECTING INFORMATION RESOURCE

ETHICS, PRIVACY AND SECURITY


ETHICS
Ethics - The study of principles relating to right and wrong conduct.

Code of ethics - A collection of principles to guide an organization or group.

Other key terms (pg 76):

Responsibility
Accountability
Liability

Who? What? How? Where? When? ???

ETHICS – LEGAL vs ETHICS
ENRON SCANDAL (2001): Andrew Fastow, Jeffrey Skilling, Kenneth Lay
LEHMAN BROTHERS (2008)

ETHICS
CORPORATE SPYING – Volkswagen and General Motors (1993)

In 1993, Volkswagen swiped a bunch of General Motors plans (God knows why) and ended up paying $100 million when they were caught.

ETHICS
How about our safety and privacy now?

Cyber stalker
Yours… or ours?
Hacker threats

FOUR ETHICAL ISSUES OF I.S (PAPA):

Privacy issues
Accuracy issues
Property issues
Accessibility issues

http://www.misq.org/archivist/vol/no10/issue1/vol10no1mason.html

HOW FAR CAN WE TAKE OUR PRIVACY?
Right to privacy is not absolute
Public > private
Digital dossier & profiling

PROTECTING PRIVACY

Threats to Information Security
Factors that cause vulnerability of organizational information assets:

1. Wireless networks
2. Government legislation
3. Small, fast, cheap computers and storage devices
4. Decreasing skills needed to become a hacker
5. International organized crime taking over cyber-crime
6. Downstream liability
7. Increased employee use of unmanaged devices
8. Lack of management support

THREATS
[Figure: threats to the corporate LAN. Outside: natural disaster, man-made disaster, Internet. Inside: employees, other insiders, system software, hardware threats.]

Refer to page 86

THREATS
UNINTENTIONAL ACTS
NATURAL DISASTER
TECHNICAL FAILURES
MANAGEMENT FAILURES
DELIBERATE ACTS

THREATS
DELIBERATE ACTS

1. Espionage or Trespass
2. Information Extortion
3. Sabotage or Vandalism
4. Theft of Equipment and Information
5. Identity theft
6. Compromises to Intellectual Property
7. Software attacks
8. Supervisory control and data acquisition (SCADA) attacks
9. Cyber terrorism

SOFTWARE ATTACKS

VIRUS
WORM
TROJAN HORSE
LOGIC BOMB
BACK DOOR
BLENDED ATTACK
PHISHING
PASSWORD ATTACK
DENIAL-OF-SERVICE ATTACK

Protecting Information Resources
Risk management
- To identify, control, and minimize the impact of threats

3 processes of risk management:

i ) Risk analysis
Assess value, estimate probability, compare cost of protecting the asset.

ii ) Risk mitigation
1) Prevent threats from occurring
2) Develop recovery measures
RISK - acceptance, limitation, transference

iii ) Control evaluation
Identify security deficiencies, calculate the cost of implementing control measures. If cost > value of assets, it's not efficient.

Protecting Information Resources
CONTROLS
- Security controls are designed to protect all of the components of an IS.

i ) Physical control
Doors, fences, card security, guards, etc.

ii ) Access control
- Restrict unauthorized individuals
1. Something the user is
2. Something the user has
3. Something the user does
4. Something the user knows

iii ) Communication control
Secure movement across the network
E.g. firewall, antimalware, encryption, etc.
