Law College 1 Techno-Legal Security For Information Assets Naavi August 29, 2003.

Presentation transcript:

Law College 1 Techno-Legal Security For Information Assets Naavi August 29, 2003

Law College 2 Looking Deeper into the Concept of Security At Different Layers – Physical Layer – Network Layer – Application Layer – Document Layer

Law College 3 Looking Deeper into the Concept of Security..2 – Locks, Firewalls, Intrusion Detection Systems, Filter Applications – Authentication Systems Passwords, Smart Cards, Digital Signatures – Encryption – Backups/Disaster Recovery Systems

Law College 4 This is fine, But the Asset Owner has some questions…

Law College 5 Is Security Secure Enough?

Law College 6 What if The Firewall Gives Way?

Law College 7 Is Data Back up Sufficient To Secure an Asset?

Law College 8 When Security is Breached, What is lost? Data?..Or more than Data?

Law College 9 When Security is Breached..2 When www.yourcompany.com displays a Terrorist Message When www.yourcompany.com leads to a porno site When the Confidential files of the Company are circulating world over..

Law College 10 When Security is Breached..3 Backups can restore the data..but – Cannot restore the loss of image or loss of customer confidence – Cannot prevent legal liability if any

Law College 11 When Security is Breached..4 When your customer files a multi million rupee suit against your company for Breach of Confidentiality of Data When you receive a Copyright Infringement or Patent Infringement notice with multi crore damage No Backup can save you.

Law College 12 When Security is Breached..5 When obscene messages have been distributed from your Corporate network and the Police are after the CEO/CTO under Section 67 of ITA-2000, – No Backup can save you

Law College 13 When Security is Breached..6 When your customer refuses to acknowledge your notice – Digital Signature cannot save you

Law College 14 When Security is Breached..7 When Police are after your CTO for deleting the box of your employee who resigned last week and charge you under Section 65 of ITA-2000 – Your promptness could be a mistake

Law College 15 When Security is Breached..8 No Technical Security is Fool proof – When Technical Security is Breached We Need a Second Line of Defense

Law College 16 Total Security Concept First Line of Security is – When Your Information Asset is protected from Intruders using technological tools Technical Security

Law College 17 Total Security Concept..2 Second Line of Security is – Having a Legal Recourse When Intruders break the first line of security Legal Security Together, it is Techno-Legal Security

Law College 18 Total Security Concept..3 Third Line of Security is when – You get back what you have lost (nearly) Insurable Security In Combination, it is Total Security

Law College 19 We cannot reach the third line of security without setting up the second line of security.. Let’s Begin the process..Today

Law College 20 Law is Alien to Technologists But, – It is an inescapable reality – Has a community purpose Law may be an Ass – If you know how to harness it Law may be an angel Never Ignore Law, Learn to harness its positive potential

Law College 21 When Law Is Ignored Your Information Assets May be endangered even without an Intrusion

Law College 22 When Law Is Ignored.. If your Electronic Documents are not valid in law and you have proudly replaced paper backed systems with Electronic Document backed systems, – Your Cyber savviness could become a disaster

Law College 23 Never Stop At Technical Security Always Think of Techno-Legal Security

Law College 24 Elements of Techno Legal Security ITA-2000 – Digital Contracts – Cyber Crimes Domain Name Regulations Copyright Laws Patent Laws Privacy Laws.

Law College 25 Elements of Techno Legal Security..2 ITA-2000 – What is a legally valid Electronic Document? – What is a legally valid Digital Signature?

Law College 26 Elements of Techno Legal Security..3 ITA-2000 – Cyber Crimes When done through a Corporate Network – Company and its executives may be held responsible – Damages can be up to 1 crore per victim in case of Virus Distribution !! – Even Malaysian Law may be applicable in Chennai!!

Law College 27 Domain Name Regulations Subject to Trademark Registrations in any corner of the Globe Subject to Timely renewals Subject to the rights of “Registrant” and “Administrative Contact” Subject to UDRP

Law College 28 Copyright Laws Subject to Global Laws DMCA Contributory Infringement

Law College 29 Patent Laws More than Patents said to affect E-Commerce Damocles Sword hanging over our head

Law College 30 Privacy Laws Subject to Strict EU laws – Could affect BPO operations – May result in liability

Law College 31 Steps in Techno Legal Security Undertake Cyber Law Compliancy Audit – Risk Assessment and Documentation Develop a Cyber Law Compliancy Manual Educate Employees on their Cyber Law Compliancy Role Initiate Corrective Actions, Review Periodically and Take Corrective Actions as required – Exercise Due Diligence Engage a Consultant to hedge Risks

Law College 32 Thank You Contact