Part 1:- Discussion (400 Words)
Discuss the following Supreme Court rulings:
- Supreme Court ruling on online sales tax
(Involving big changes in eCommerce)
- Supreme Court ruling on law enforcement to obtain a warrant for accessing cell phone records
(Involving the privacy of your cell phone data)
Analyze the episodes in this case including:(main Questions)(7 to 10 Pages)
- A brief discussion of what the issue or threat is and how it could affect the company
- What cyber security laws or compliance standards are affected
- What actions the company should take to mitigate the issue or decrease the potential threat
- Cite your sources in APA from reputable reference materials
Module Description: Guidelines such as Critical Security Controls provide details for securing digital services.Other regulations are emerging that address social media and access to electronic evidence.
- Read Legal Issues in Information Security, Second Edition Chapter 13 on information security governance https://stratford.icims.com/icims2/servlet/icims2?module=Root&action=login&hashed=-800485674
- Work through the information of Critical Security Controls http://www.sans.org/critical-security-controls
- Employer Access, Use and Regulations of Social Media http://www.certiphi.com/resource-center/compliance-services/employer-access-use–regulation-of-social-media/
- Social Media Background Checks
- States’ & Federal Password Privacy Laws
- SocialMedia Policies and the NLRB
- Laws Regulating Access to Electronic Evidence http://library.books24x7.com.ezp-01.lirn.net/assetviewer.aspx?bookid=69834&chunkid=371044723¬eMenuToggle=0&hitSectionMenuToggle=0&leftMenuState=1
- Protecting Cyber Networks Act (H.R. 1560) https://www.congress.gov/bill/114th-congress/house-bill/1560
- Review the law regulating eSignhttp://www.signinblue.com/Law/
Task 3: Analysis of Case Study on Regulating Information Security for the Company:
TransManuCo has asked for your help in dealing with securing their information while they remain within set regulations.
In order to do business efficiently and effectively the company uses eSign.However, they have concerns about the security of this especially with clients overseas.
According to the new Protecting Cyber Networks Act Sec. 103 “Permits private entities to monitor or operate defensive measures to prevent or mitigate cybersecurity threats or security vulnerabilities, or to identify the source of a threat, on: (1) their own information systems; and (2) with written authorization, the information systems of other private or government entities. Authorizes entities to conduct such activities on information that is stored on, processed by, or transiting such monitored systems.”Since this is a new act just passed by congress, the CEO of TransManuCo wants to be sure what the ramifications are for his company.With the increase in cyber attacks especially on companies such as his, he wants to take aggressive action to protect his information.
The HR department of TransManuCo needs assistance in dealing with issues that have surfaced surrounding social media.Since much of the work the company does is sensitive and secret, they have considered using social media background checks. However, they are unsure of the legalities.
The CEO and his immediate management team have concerns that as the company has grown rapidly, access to passwords and administrative privileges are too widespread. They would like to implement the Critical Security Control Regulations to help them get control of access to their systems and decrease vulnerabilities.
They are also concerned about wireless access from company employees traveling on business, especially overseas, whose computers become infected through remote exploitation during air travel. They believe this provides backdoor access to the network when the employees return to the main office and reconnect to the network.