Digital Ethics and Privacy in Business Unit 3 – Cybersecurity & Data Protection Essentials

Cybersecurity and data protection are critical in our digital world. This unit covers key concepts like confidentiality, integrity, and availability, as well as common threats such as malware, phishing, and DDoS attacks. It also explores essential security measures and best practices.

The unit delves into data protection principles, legal frameworks like GDPR and HIPAA, and ethical considerations in data handling. It covers incident response strategies, recovery planning, and emerging trends like AI in cybersecurity and the challenges posed by IoT devices and quantum computing.

Key Concepts in Cybersecurity

  • Confidentiality ensures that data is accessible only to authorized individuals and prevents unauthorized disclosure
  • Integrity safeguards data from unauthorized modification, ensuring accuracy and consistency
  • Availability guarantees that data and systems are accessible to authorized users when needed
  • Authentication verifies the identity of users or systems before granting access to sensitive information
  • Authorization determines the level of access and permissions granted to authenticated users
  • Non-repudiation prevents individuals from denying their actions or transactions, ensuring accountability
  • Risk assessment identifies potential threats, vulnerabilities, and their impact on an organization's assets
  • Encryption converts data into a coded format to protect it from unauthorized access (for example, AES and RSA)

Common Cyber Threats and Attacks

  • Malware includes viruses, worms, trojans, and ransomware that can damage systems and steal data
    • Viruses self-replicate and spread by attaching themselves to files or programs
    • Worms propagate independently across networks, exploiting vulnerabilities to infect multiple systems
  • Phishing attacks manipulate individuals into revealing sensitive information through fraudulent emails or websites
    • Spear phishing targets specific individuals or organizations with tailored messages to increase success rates
  • Denial-of-Service (DoS) attacks overwhelm systems with traffic, making them unavailable to legitimate users
    • Distributed Denial-of-Service (DDoS) attacks utilize multiple compromised devices to amplify the attack
  • Man-in-the-Middle (MitM) attacks intercept communications between two parties to eavesdrop or alter data
  • SQL injection exploits vulnerabilities in web applications to manipulate databases and extract sensitive information
  • Zero-day exploits target previously unknown vulnerabilities, leaving systems exposed until patches are developed
  • Social engineering techniques manipulate individuals into divulging confidential information or granting access

Data Protection Principles

  • Purpose limitation restricts data collection and processing to specified, explicit, and legitimate purposes
  • Data minimization ensures that only necessary data is collected and processed for the intended purpose
  • Accuracy requires data to be accurate, complete, and up-to-date, with mechanisms for correction
  • Storage limitation mandates that data is retained only for as long as necessary to fulfill the specified purpose
  • Security involves implementing appropriate technical and organizational measures to protect data from unauthorized access, alteration, or destruction
  • Transparency requires organizations to inform individuals about data collection, processing, and their rights
  • Accountability holds organizations responsible for complying with data protection principles and demonstrating compliance
  • Data portability allows individuals to receive their personal data in a structured, commonly used, and machine-readable format for transfer to another controller

Security Measures and Best Practices

  • Access control restricts system and data access to authorized users based on their roles and responsibilities
    • Role-based access control (RBAC) assigns permissions to users based on their job functions
    • Multi-factor authentication (MFA) requires multiple forms of identification (password, token, biometrics) for enhanced security
  • Network segmentation divides networks into smaller, isolated subnetworks to limit the spread of attacks
  • Firewalls monitor and control incoming and outgoing network traffic based on predetermined security rules
  • Intrusion Detection Systems (IDS) monitor network traffic for suspicious activities and alert administrators
  • Intrusion Prevention Systems (IPS) actively block or prevent detected threats in real-time
  • Regular software updates and patches address known vulnerabilities and improve system security
  • Employee training and awareness programs educate staff on security best practices and how to identify potential threats
  • Incident response plans outline procedures for detecting, responding to, and recovering from security incidents

Legal Frameworks

  • General Data Protection Regulation (GDPR) regulates data protection and privacy in the European Union
    • Grants individuals rights over their personal data, including the right to access, rectify, and erase
    • Requires organizations to obtain explicit consent for data processing and report breaches within 72 hours
  • Health Insurance Portability and Accountability Act (HIPAA) establishes standards for protecting sensitive patient health information in the United States
  • Payment Card Industry Data Security Standard (PCI DSS) sets security requirements for organizations handling credit card transactions
  • California Consumer Privacy Act (CCPA) enhances privacy rights and consumer protection for California residents
  • Sarbanes-Oxley Act (SOX) mandates financial reporting and internal control requirements for public companies
  • Cybersecurity Information Sharing Act (CISA) encourages sharing of cyber threat indicators between the private sector and government agencies
  • International Organization for Standardization (ISO) develops and publishes international standards for information security management (ISO 27001)

Ethical Considerations in Data Handling

  • Informed consent requires organizations to provide clear, understandable information about data collection and obtain individuals' consent
  • Purpose specification limits data use to the purposes for which it was collected and ensures compatibility with those purposes
  • Data accuracy and quality ensure that data is accurate, complete, and up-to-date to avoid decisions based on incorrect information
  • Data retention and disposal policies define how long data is kept and ensure secure deletion when no longer needed
  • Privacy by design incorporates data protection principles into the development of systems and processes from the outset
  • Ethical data sharing involves establishing guidelines for responsible data sharing with third parties
  • Transparency and accountability require organizations to be open about their data practices and take responsibility for compliance
  • Balancing data utility and individual privacy involves finding an equilibrium between the benefits of data use and protecting individuals' rights

Incident Response and Recovery

  • Preparation involves establishing an incident response plan, assembling a response team, and conducting regular training and simulations
  • Identification and detection require monitoring systems for anomalies, investigating alerts, and determining the scope of the incident
  • Containment aims to prevent further damage by isolating affected systems, blocking malicious traffic, and disabling compromised accounts
  • Eradication and recovery involve removing malware, patching vulnerabilities, restoring systems from backups, and verifying the integrity of restored data
  • Post-incident analysis examines the cause of the incident, assesses the effectiveness of the response, and identifies areas for improvement
  • Reporting and communication ensure that relevant stakeholders, including management, legal, and public relations, are informed about the incident and its resolution
  • Continuous improvement involves updating incident response plans, incorporating lessons learned, and adapting to evolving threats
  • Business continuity and disaster recovery planning ensure that critical operations can continue during and after a cybersecurity incident

Emerging Trends

  • Artificial Intelligence (AI) and Machine Learning (ML) can enhance threat detection and response but also be used by attackers to create more sophisticated threats
  • Internet of Things (IoT) devices expand the attack surface and introduce new vulnerabilities due to their limited security features
  • Cloud computing presents challenges in data governance, access control, and shared responsibility for security between cloud providers and users
  • Quantum computing may render current encryption methods obsolete, requiring the development of new, quantum-resistant cryptographic algorithms
  • 5G networks offer faster speeds and lower latency but also introduce new security risks due to increased connectivity and the potential for more DDoS attacks
  • Blockchain technology can enhance data integrity and transparency but also poses challenges in terms of privacy and scalability
  • Zero-trust security models assume that no user or device should be automatically trusted, requiring continuous verification and least-privilege access
  • Skill shortages in cybersecurity professionals create challenges in implementing and maintaining effective security measures, emphasizing the need for ongoing training and education


© 2024 Fiveable Inc. All rights reserved.
AP® and SAT® are trademarks registered by the College Board, which is not affiliated with, and does not endorse this website.