Nov 30, 2021  
2021-2022 College Catalog 
    
2021-2022 College Catalog
Add to Portfolio (opens a new window)

CIS 227 - Cyber Law and Ethics

3 Credits, 3 Contact Hours
3 lecture periods 0 lab periods

Basic understanding of current cyber security laws and the ethical principles involved. Includes describing and evaluating the impact of various laws and regulations in an industry or business. Also includes the importance of policies, procedures, guidelines, and information classification; risk identification; evaluation and mitigation; and the role of compliance.

Recommendation: Completion of WRT 101  ,WRT 101S , or WRT 101SE  before enrolling in this course, or concurrent enrollment. If any recommended course is taken, see a Financial Aid or Veteran’s Affairs advisor to determine funding eligibility as appropriate.



Course Learning Outcomes
1.        Explain the ethical and legal ramifications of accessing, using, and manipulating data in today’s society.

2.        Implement examples of modern compliance in relation to NIST and other applicable standards, laws, and regulations.

3.        Apply ethical and moral behaviors when implementing and using information technology.


Outline:
  1. Principles of Ethics
    1. Ethical values in a digital world
    2. Ethical decision making
    3. Ethics as applied to the gathering and possession of information
    4. Ethical vs. unethical hacking
    5. Professional organizations
  2. Anti-Hacking Laws
    1. Computer Fraud and Abuse Act
    2. Origins of the CFAA
    3. Views of “Exceeds Authorized Access” and “Without Authorization”
    4. Sections of the CFAA
    5. Digital Millennium Copyright Act
    6. Cyberwarfare - The Tallinn Manual
  3. Business Impact
    1. Policies and procedures
    2. Information classification
    3. Technical baselines
    4. Risk management
    5. Internal and external training
    6. Cybersecurity legal standards and requirements applied to businesses and industries
    7. Tradeoffs and challenges balancing security and business need
  4. Compliance
    1. Sarbanes – Oxley
    2. Gramm – Leach – Bliley
    3. Privacy (COPPA) HIPAA / FERPA
    4. USA Patriot Act
    5. Americans with Disabilities Act, Section 508
    6. Payment Card Industry Data Security Standard (PCI DSS)
    7. European General Data Protection Regulation (GDPR)
    8. Other Federal laws and regulations
    9. State law and regulations
    10. Practical effects of compliance requirements
  5. State, US, and International Standards/Jurisdictions
    1. NIST
    2. ISO
    3. COBIT
    4. SABSA
    5. TOGAF
    6. ITIL
  6. Data Breach Response Management
    1. Internal management of data breach
    2. External management of data breach
    3. Ethical decisions and ramifications post data breach
    4. Data breach response plans


Effective Term:
Full Academic Year 2021-2022



Add to Portfolio (opens a new window)