Apr 18, 2024  
2022-2023 College Catalog [ARCHIVED CATALOG]

CIS 227 - Cyber Law and Ethics

3 Credits, 3 Contact Hours
3 lecture periods 0 lab periods

Basic understanding of current cyber security laws and the ethical principles involved. Includes describing and evaluating the impact of various laws and regulations in an industry or business. Also includes the importance of policies, procedures, guidelines, and information classification; risk identification; evaluation and mitigation; and the role of compliance.

Recommendation: Completion of WRT 101, WRT 101S, WRT 101SE or 107 before enrolling in this course, or concurrent enrollment. If any recommended course is taken, see a Financial Aid or Veteran’s Affairs advisor to determine funding eligibility as appropriate.
Gen-Ed: Meets AGEC-S Options requirement





Course Learning Outcomes
1. Explain the ethical and legal ramifications of accessing, using, and manipulating data in today’s society.

2. Implement examples of modern compliance in relation to NIST and other applicable standards, laws, and regulations.

3. Apply ethical and moral behaviors when implementing and using information technology.


Outline:
  1. Principles of Ethics
    1. Ethical values in a digital world
    2. Ethical decision making
    3. Ethics as applied to the gathering and possession of information
    4. Ethical vs. unethical hacking
    5. Professional organizations
  2. Anti-Hacking Laws
    1. Computer Fraud and Abuse Act
    2. Origins of the CFAA
    3. Views of “Exceeds Authorized Access” and “Without Authorization”
    4. Sections of the CFAA
    5. Digital Millennium Copyright Act
    6. Cyberwarfare - The Tallinn Manual
  3. Business Impact
    1. Policies and procedures
    2. Information classification
    3. Technical baselines
    4. Risk management
    5. Internal and external training
    6. Cybersecurity legal standards and requirements applied to businesses and industries
    7. Tradeoffs and challenges balancing security and business need
  4. Compliance
    1. Sarbanes-Oxley
    2. Gramm-Leach-Bliley
    3. Privacy (COPPA) HIPAA / FERPA
    4. USA Patriot Act
    5. Americans with Disabilities Act, Section 508
    6. Payment Card Industry Data Security Standard (PCI DSS)
    7. European General Data Protection Regulation (GDPR)
    8. Other Federal laws and regulations
    9. State law and regulations
    10. Practical effects of compliance requirements
  5. State, US, and International Standards/Jurisdictions
    1. NIST
    2. ISO
    3. COBIT
    4. SABSA
    5. TOGAF
    6. ITIL
  6. Data Breach Response Management
    1. Internal management of data breach
    2. External management of data breach
    3. Ethical decisions and ramifications post data breach
    4. Data breach response plans