Identify which law or laws would have required OPM to report

Reference no: EM133756685

Homework: Activity - Privacy Laws & Compliance Control

Overview

A major security breach that happened within the federal government is the Office of Personnel Management (OPM) data breach, which exposed a large amount of personally identifiable information (PII) of federal and state employees. The effects of this breach are still being explored, and the full extent is still not known. This breach has become an important learning experience. Examining laws that suggest controls to minimize the possibility of data breaches is a crucial part of developing an adversarial mindset and will help with future instances of data breaches. There are numerous articles and research papers on the OPM breach, but the article provided in the prompt explores the breach from the employee perspective and discusses the steps that could have been used to help minimize the possibility of a data breach.

The critical controls defined by the Center for Internet Security (CIS) are used as guidelines for processes that a company can incorporate for data security. The controls are used to determine compliance with a standard put forth by the organization. They are meant to be used as an adaptive tool that will allow an organization to evaluate compliance with a known risk-mitigation level.

You have been preparing for this homework by summarizing privacy laws and determining who is responsible for ensuring compliance with the law within an organization. It is important that you complete this homework in your own words. Express your own ideas on how the laws and controls can be applied to this breach. It is the responsibility of a security analyst to be able to explain breaches and the controls used to mitigate issues.

Listed below are the privacy laws you are familiar with and the critical controls you will be learning about to help you complete this activity.

Privacy Laws

1) Americans With Disabilities Act, Section 508
2) Cable Communications Policy Act (1984)
3) Census Confidentiality Act
4) Children's Internet Protection Act (CIPA)
5) Children's Online Privacy Protection Act (COPPA)
6) Computer Security Act
7) Driver's Privacy Protection Act (1994)
8) E-Government Act (2002)
9) Electronic Communications Privacy Act (1986)
10) Federal Information Security Management Act (FISMA)
11) Freedom of Information Act (1966)
12) Gramm-Leach-Bliley Act
13) Health Insurance Portability and Accountability Act (HIPAA)
14) Health Information Technology for Economic and Clinical Health (HITECH) Act
15) Mail Privacy Statute (1971)
16) Payment Card Industry Standards
17) Privacy Act (1974)
18) Red Flags Rule
19) Sarbanes-Oxley Act
20) State Data Breach Notification Laws
21) U.S. Constitution
22) USA Patriot Act
23) Wiretap Act (1968, Amended)

CIS Controls

1) Inventory and Control of Hardware Assets
2) Inventory and Control of Software Assets
3) Continuous Vulnerability Management
4) Controlled Use of Administrative Privileges
5) Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
6) Maintenance, Monitoring, and Analysis of Audit Logs
7) Email and Web Browser Protections
8) Malware Defenses
9) Limitation and Control of Network Ports, Protocols, and Services
10) Data Recovery Capabilities
11) Secure Configuration for Network Devices, such as Firewalls, Routers, and Switches
12) Boundary Defense
13) Data Protection
14) Controlled Access Based on the Need to Know
15) Wireless Access Control
16) Account Monitoring and Control
17) Implement a Security Awareness and Training Program
18) Application Software Security
19) Incident Response and Management
20) Penetration Tests and Red Team Exercises

Prompt

Before you begin working on this homework, read the article "Inside the Cyberattack That Shocked the US Government" and review the CIS Controls website. Then address the following:

1) Briefly summarize (in one to two paragraphs) the major issues with the OPM breach and how it occurred.

2) Select two of the privacy laws provided above and describe how they relate to the OPM breach.

3) Determine to what extent jurisdiction plays a role in the application of your selected laws.

4) Identify which law or laws would have required OPM to report their breach, and the steps the organization needs to take to report the issues.

5) Select four of the CIS controls provided above that could have been monitored to help minimize the possibility of the breach. Explain why monitoring these controls would have helped minimize the breach.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd