Personal Privacy and Security: Threats, Solutions, and Ethical Conduct in IT Security Profession
VerifiedAdded on 2023/06/04
|20
|1848
|225
AI Summary
This group presentation covers personal privacy and security, how it is breached, and possible solutions. It also discusses organizational privacy and security, threats, and effects of breach. Additionally, it covers ethical conduct in IT security profession. The presentation cites various studies and researches to support the information presented.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Privacy and Security
Group presentation
Group presentation
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Personal Privacy and Security
• Personal privacy refers to the seclusion of an individual or information
about an individual from the public (Zhang, Sun, Zhu, & Fang, 2010).
• Privacy focuses on giving individuals more control of their personal
information.
• The level at which personal information is considered private depends
upon the individual person, laws, and policies, and culture and morality.
• Security refers to the protection of personal data from unauthorized
access.
• Security of personal data focuses more on ensuring the confidentiality,
availability, and integrity of personal data.
• Personal privacy refers to the seclusion of an individual or information
about an individual from the public (Zhang, Sun, Zhu, & Fang, 2010).
• Privacy focuses on giving individuals more control of their personal
information.
• The level at which personal information is considered private depends
upon the individual person, laws, and policies, and culture and morality.
• Security refers to the protection of personal data from unauthorized
access.
• Security of personal data focuses more on ensuring the confidentiality,
availability, and integrity of personal data.
How personal privacy and security is
breached
• Surveillance which infringes on personal private environment
especially in the workplace.
• Unauthorized dissemination of personal information to either the
public or to parties who are not authorized to get the information
(Baek, Kim, & Bae, 2014).
• Use of online cookies which store browsing data in a website and
user’s passwords.
• Replication of personal data/ Information without the owner’s
consent.
breached
• Surveillance which infringes on personal private environment
especially in the workplace.
• Unauthorized dissemination of personal information to either the
public or to parties who are not authorized to get the information
(Baek, Kim, & Bae, 2014).
• Use of online cookies which store browsing data in a website and
user’s passwords.
• Replication of personal data/ Information without the owner’s
consent.
• Cyber attacks which expose personal data.
• Masquerading which is where a person takes the identity of another
person.
• Participation in online surveys which have no reliable means of
ensuring privacy and security of personal data (Medaglia & Serbanati,
2010).
• Government agencies which tap communication lines and collect
personal data without informing the parties involved.
• Social media platforms which use personal data for purposes other
than the one in the privacy terms and conditions.
• Masquerading which is where a person takes the identity of another
person.
• Participation in online surveys which have no reliable means of
ensuring privacy and security of personal data (Medaglia & Serbanati,
2010).
• Government agencies which tap communication lines and collect
personal data without informing the parties involved.
• Social media platforms which use personal data for purposes other
than the one in the privacy terms and conditions.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Possible solutions
• At individual level a person can avoid posting sensitive personal
information in social media.
• Use of strong passwords which have a combination of alphabets,
numerals, and symbols for online personal accounts (Sicari, Rizzardi,
Grieco, & Coen-Porisini, 2015).
• Adopting ethical monitoring policies in the workplace in order to
avoid infringing on personal privacy.
• Notifying web users about the presence of cookies and displaying the
cookies policy so that they can opt to accept or reject to have the
cookies record their browsing history
• At individual level a person can avoid posting sensitive personal
information in social media.
• Use of strong passwords which have a combination of alphabets,
numerals, and symbols for online personal accounts (Sicari, Rizzardi,
Grieco, & Coen-Porisini, 2015).
• Adopting ethical monitoring policies in the workplace in order to
avoid infringing on personal privacy.
• Notifying web users about the presence of cookies and displaying the
cookies policy so that they can opt to accept or reject to have the
cookies record their browsing history
• Government legislations and policies that protect privacy of personal
information by restricting unauthorized exposure of personal data
without the owner’s consent.
• Use of copyrights and patents to protect individual intellectual
property from unauthorized duplication, this will ensure that no one
will use any intellectual property for commercial gains unless approve
by the owner (McDermid, 2015).
• Use artificial intelligence authentication techniques to prevent
masquerading.
information by restricting unauthorized exposure of personal data
without the owner’s consent.
• Use of copyrights and patents to protect individual intellectual
property from unauthorized duplication, this will ensure that no one
will use any intellectual property for commercial gains unless approve
by the owner (McDermid, 2015).
• Use artificial intelligence authentication techniques to prevent
masquerading.
Organizational privacy and security
• Organization privacy refers to the reservation of organizational affairs
within the organization.
• Organizational security refers to the protection of organization
information from cyber attack.
• Information is considered to be a strategic resource to many
organizations thus there is a need to guarantee its privacy and
security (Wall, Lowry, & Barlow, 2015).
• An organization handles very sensitive data, therefore, its privacy and
security also affect the privacy and security of its stakeholders such as
customers and suppliers.
• Organization privacy refers to the reservation of organizational affairs
within the organization.
• Organizational security refers to the protection of organization
information from cyber attack.
• Information is considered to be a strategic resource to many
organizations thus there is a need to guarantee its privacy and
security (Wall, Lowry, & Barlow, 2015).
• An organization handles very sensitive data, therefore, its privacy and
security also affect the privacy and security of its stakeholders such as
customers and suppliers.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Threats to organizational privacy
and security
• Eavesdropping- refers to the leakage of data to unauthorized entities
during transmission (Machanavajjhala & Reiter, 2012).
• Insider attack- refers to when individuals who are authorized to access
organizational system, use the information for purposes other than
the ones they are authorized to.
• Identity theft- refers to where an individual assumes the identity of
another individual and uses it cause harm to organization’s security
and privacy (Xu, jiang, Wang, Yuan, & Ren, 2014).
and security
• Eavesdropping- refers to the leakage of data to unauthorized entities
during transmission (Machanavajjhala & Reiter, 2012).
• Insider attack- refers to when individuals who are authorized to access
organizational system, use the information for purposes other than
the ones they are authorized to.
• Identity theft- refers to where an individual assumes the identity of
another individual and uses it cause harm to organization’s security
and privacy (Xu, jiang, Wang, Yuan, & Ren, 2014).
• Obstruction- refers to where an organizational system is interrupted
in its delivery of services, thus creating data vulnerability.
• Incapacitation- This is where an organization’s system is dissembled
from operating efficiently and effectively thus resulting to non-
availability of data which is a major security issue (Smith, Dinev, & Xu,
2011).
• Phishing- refers to taping organizational data while in the transmission
channel. The attackers mainly focus on getting authentication details
such as passwords or commercial details such credit cards details.
in its delivery of services, thus creating data vulnerability.
• Incapacitation- This is where an organization’s system is dissembled
from operating efficiently and effectively thus resulting to non-
availability of data which is a major security issue (Smith, Dinev, & Xu,
2011).
• Phishing- refers to taping organizational data while in the transmission
channel. The attackers mainly focus on getting authentication details
such as passwords or commercial details such credit cards details.
• Hacking- refers to intrusion into an organization’s information system
by a party who is not authorized to access the system. It is one of the
major threats to the security and privacy of organizations (Xu, jiang,
Wang, Yuan, & Ren, 2014).
• Virus attack- malicious codes that corrupts data and files. Mainly
done by attackers who want to destroy sensitive information.
• Denial of service attack (DOS)- This refers to creation of unnecessary
traffic in the system by an attacker in order to prevent some parts of
the system from working. It gives attackers a chance to penetrate the
system and leave without being noticed (Smith, Dinev, & Xu, 2011).
by a party who is not authorized to access the system. It is one of the
major threats to the security and privacy of organizations (Xu, jiang,
Wang, Yuan, & Ren, 2014).
• Virus attack- malicious codes that corrupts data and files. Mainly
done by attackers who want to destroy sensitive information.
• Denial of service attack (DOS)- This refers to creation of unnecessary
traffic in the system by an attacker in order to prevent some parts of
the system from working. It gives attackers a chance to penetrate the
system and leave without being noticed (Smith, Dinev, & Xu, 2011).
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Effects of organizational privacy and
security breach
• Distortion of information- refers to the corruption of information
integrity thus leading to unreliable information (Martin, Borah, &
Palmatier, 2017).
• Unavailability- inability of the authorized parties in an organization to
retrieve desired data whenever needed (Zissis & Lekkas, 2012).
• Exposure- this is where organization’s data is accessed by
unauthorized entities.
• Deception- this refers to the presentation of false information to
decision makers in an organization.
security breach
• Distortion of information- refers to the corruption of information
integrity thus leading to unreliable information (Martin, Borah, &
Palmatier, 2017).
• Unavailability- inability of the authorized parties in an organization to
retrieve desired data whenever needed (Zissis & Lekkas, 2012).
• Exposure- this is where organization’s data is accessed by
unauthorized entities.
• Deception- this refers to the presentation of false information to
decision makers in an organization.
continuation
• Injection of viruses into the organization’s system by malicious people
who gain access into the system. Such viruses may not be detected
instantly , therefore, they will become a long-term menace to the
organization.
• Loss of competitive advantage as a result of malfunction of the
organization’s information systems.
• Loss of customers’ trust especially to organization such as banks,
insurance companies, telecommunication service providers which
handle a lot of information about their customers.
• Injection of viruses into the organization’s system by malicious people
who gain access into the system. Such viruses may not be detected
instantly , therefore, they will become a long-term menace to the
organization.
• Loss of competitive advantage as a result of malfunction of the
organization’s information systems.
• Loss of customers’ trust especially to organization such as banks,
insurance companies, telecommunication service providers which
handle a lot of information about their customers.
Possible solutions
• Use of cryptographic encryption techniques such as private and public
keys to secure organizational data which is in channel/ on transit
(Kahate, 2013). The sender encodes the data using the private key
and the recipient decodes the data using a public key.
• Use of internet protocol version 6 (IPV6) to secure organizational
virtue local area networks. They restrict access by any device which is
not within the VLAN
• Use of firewalls to secure organization’s intranet from unauthorized
penetration from the world-wide web or the extranet .
• Use of cryptographic encryption techniques such as private and public
keys to secure organizational data which is in channel/ on transit
(Kahate, 2013). The sender encodes the data using the private key
and the recipient decodes the data using a public key.
• Use of internet protocol version 6 (IPV6) to secure organizational
virtue local area networks. They restrict access by any device which is
not within the VLAN
• Use of firewalls to secure organization’s intranet from unauthorized
penetration from the world-wide web or the extranet .
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
continuation
• Use of biometric enhanced security measures to secure databases to
guarantee authorized access only. They can include finger print
detectors, facial recognition, and retinal eye pattern detectors
(Medaglia & Serbanati, 2010).
• Adopting cloud computing to back-up organizational data.
• Use of biometric enhanced security measures to secure databases to
guarantee authorized access only.
• Adopting cloud computing to back-up organizational data, so that it
can be retrieved when the main server fails.
• Use of biometric enhanced security measures to secure databases to
guarantee authorized access only. They can include finger print
detectors, facial recognition, and retinal eye pattern detectors
(Medaglia & Serbanati, 2010).
• Adopting cloud computing to back-up organizational data.
• Use of biometric enhanced security measures to secure databases to
guarantee authorized access only.
• Adopting cloud computing to back-up organizational data, so that it
can be retrieved when the main server fails.
Ethical conduct in IT Security
profession
• Act in the interest of the security of society and their clients.
• Execute their duties in accordance with the law.
• Conduct themselves with high levels of integrity.
• Protect confidential information gained while executing their duties
and not to disclose it to third parties or use it for unauthorized
purposes (McDermid, 2015).
• Should not maliciously destroy the professional reputation of their
colleagues
profession
• Act in the interest of the security of society and their clients.
• Execute their duties in accordance with the law.
• Conduct themselves with high levels of integrity.
• Protect confidential information gained while executing their duties
and not to disclose it to third parties or use it for unauthorized
purposes (McDermid, 2015).
• Should not maliciously destroy the professional reputation of their
colleagues
Continuation
• IT security professionals should not use their position to blackmail the
organizations they work for or their clients.
• The professionals should ensure that they adhere to ICT security
standards when addressing ICT security issues. This will prevent
future reoccurrence of the security threat (McDermid, 2015).
• The professionals should not conspire to conducting of internal attack
to the organization’s system. They should, therefore, report any
suspicious security issue to the relevant parties.
• IT security professionals should not use their position to blackmail the
organizations they work for or their clients.
• The professionals should ensure that they adhere to ICT security
standards when addressing ICT security issues. This will prevent
future reoccurrence of the security threat (McDermid, 2015).
• The professionals should not conspire to conducting of internal attack
to the organization’s system. They should, therefore, report any
suspicious security issue to the relevant parties.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
References
Baek, Y. M., Kim, E. M., & Bae, Y. (2014). My privacy is okay, but theirs is
endangered: Why comparative optimism matters in online privacy
concerns. Computers in Human Behavior, 31, 48-56.
Kahate, A. (2013). Cryptography and network security. Tata McGraw- Hill
Education.
Machanavajjhala, A., & Reiter, J. P. (2012). Big privacy: protecting
confidentiality in big data. XRDS: Crossroads, The ACM Magazine for
Students, 19(1), 20-23.
Martin, K. D., Borah, A., & Palmatier, R. W. (2017). Data privacy: Effects
on customer and firm performance. Journal of Marketing, 81(1), 36-58.
Baek, Y. M., Kim, E. M., & Bae, Y. (2014). My privacy is okay, but theirs is
endangered: Why comparative optimism matters in online privacy
concerns. Computers in Human Behavior, 31, 48-56.
Kahate, A. (2013). Cryptography and network security. Tata McGraw- Hill
Education.
Machanavajjhala, A., & Reiter, J. P. (2012). Big privacy: protecting
confidentiality in big data. XRDS: Crossroads, The ACM Magazine for
Students, 19(1), 20-23.
Martin, K. D., Borah, A., & Palmatier, R. W. (2017). Data privacy: Effects
on customer and firm performance. Journal of Marketing, 81(1), 36-58.
McDermid, D. (2015). Ethics in ICT: an Australian perspective. Pearson
Higher Education AU.
Medaglia, C. M., & Serbanati, A. (2010). An overview of privacy and
security issues in the internet of things. In The Internet of
Things (pp. 389-395). Springer, New York, NY.
Sicari, S., Rizzardi, A., Grieco, L. A., & Coen-Porisini, A. (2015). Security,
privacy and trust in Internet of Things: The road
ahead. Computer networks, 76, 146-164.
Smith, H. J., Dinev, T., & Xu, H. (2011). Information privacy research: an
interdisciplinary review. MIS quarterly, 35(4), 989-1016.
Higher Education AU.
Medaglia, C. M., & Serbanati, A. (2010). An overview of privacy and
security issues in the internet of things. In The Internet of
Things (pp. 389-395). Springer, New York, NY.
Sicari, S., Rizzardi, A., Grieco, L. A., & Coen-Porisini, A. (2015). Security,
privacy and trust in Internet of Things: The road
ahead. Computer networks, 76, 146-164.
Smith, H. J., Dinev, T., & Xu, H. (2011). Information privacy research: an
interdisciplinary review. MIS quarterly, 35(4), 989-1016.
Wall, J., Lowry, P. B., & Barlow, J. B. (2015). Organizational violations of
externally governed privacy and security rules: Explaining and
predicting selective violations under conditions of strain and excess.
Xu, L., Jiang, C., Wang, J., Yuan, J., & Ren, Y. (2014). Information security
in big data: privacy and data mining. IEEE Access, 2, 1149-1176.
Zhang, C., Sun, J., Zhu, X., & Fang, Y. (2010). Privacy and security for
online social networks: challenges and opportunities. IEEE
network, 24(4).
externally governed privacy and security rules: Explaining and
predicting selective violations under conditions of strain and excess.
Xu, L., Jiang, C., Wang, J., Yuan, J., & Ren, Y. (2014). Information security
in big data: privacy and data mining. IEEE Access, 2, 1149-1176.
Zhang, C., Sun, J., Zhu, X., & Fang, Y. (2010). Privacy and security for
online social networks: challenges and opportunities. IEEE
network, 24(4).
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Zissis, D., & Lekkas, D. (2012). Addressing cloud computing security
issues. Future Generation computer systems, 28(3), 583-592.
issues. Future Generation computer systems, 28(3), 583-592.
1 out of 20
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.