ethical disclosure of data breaches
play

ETHICAL DISCLOSURE OF DATA BREACHES COREY TODALEN WHAT IS A DATA - PowerPoint PPT Presentation

Oct 25, 2022 •566 likes •707 views

ETHICAL DISCLOSURE OF DATA BREACHES COREY TODALEN WHAT IS A DATA BREACH? The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the

  1. ETHICAL DISCLOSURE OF DATA BREACHES COREY TODALEN

  2. WHAT IS A DATA BREACH? • “The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information.”

  3. • All 50 states and associated territories have some form of breach notification law • U.S. currently doesn’t have any federal WHAT DOES guidelines or laws THE LAW SAY? • California first to create legislation in 2002 • European Union enacted E-Privacy Directive in 2009

  4. FACEBOOK AND CAMBRIDGE ANALYTICA • Cambridge Analytica leaked 87 million Facebook users’ data • Data collected through personality quiz app and FB API • One of several major controversies during 2016 presidential election • Facebook fined 500k euros due to new E.U. GDPR guidelines

  5. • Breach lasted from May 2017 through July 2017 • Included SSNs, birthdates, home addresses, drivers licenses, and credit card numbers EQUIFAX • Attack leveraged unpatched vulnerability in Apache Struts web framework • In Feb. 2020 U.S. D.O.J. indicted several ranking members of Chinese military in association with the attack

  6. • In 2018 330 million users were notified that their passwords may have been compromised due to flaw in Twitter’s password hashing algorithm TWITTER • May 2019 Twitter got hacked again this time losing location data and browser histories • 2019 hack was due to third party cookies from Twitter ad partner

  7. • Breached in March 2019 leaking over 100 million customers’ data • Customers weren’t notified until July 2019 CAPITAL • Included names, addresses, birthdates and ONE financial data • Leak stemmed from misconfigured AWS S3 buckets

  8. CLINTON PRESIDENTIAL CAMPAIGN • In June 2016 CrowdStrike releases report of alleged DNC and Clinton campaign hack in early 2016 • Report revealed attack originated from the Russian intelligence agency and associated hacking group Fancy Bear • Attack used spearphishing tactics and Mimikatz to scope out DNC network • Also used X-Agent and X-Tunnel for data exfiltration • Lead to the indictment of 12 GRU officers in 2018

  9. • First formulation • Not disclosing a breach is a lie by omission • Prompt disclosure is required by law • Second formulation KANTIANISM • Obligated to inform consumers of data compromise • Not doing so implies a lack of respect for customers therefore using them as a means to an end

  10. • Prompt disclosure is the ethical move • Implies the company is acting ACT in good faith for the benefit UTILITARIANISM of everyone not just themselves • Not disclosing a breach fails the Utilitarian Calculus

  11. • In all 50 states prompt disclosure is required by law • Informing the public of a breach should RULE not be determined by pros and cons UTILITARIANISM • Disclosure should not be clouded by bias and any implied gain derived from keeping information from the public

  12. • The ideal virtuous person would inform the public of a data breach VIRTUE • Breaking a non-disclosure agreement when ETHICS it is in the public’s best interest is considered virtuous

  13. Thanks for coming to my Talk.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

https://xkcd.com/838/ Data Breaches This years study analyzed 524 breaches that occurred

https://xkcd.com/838/ Data Breaches This years study analyzed 524 breaches that occurred

https://xkcd.com/838/ Data Breaches This years study analyzed 524 breaches that occurred between August 2019 and April 2020, in organizations of all sizes, across 17 geographies and 17 industries. The 2020 Cost of a Data Breach

289 views • 17 slides
ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical?

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical?

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical? Legality VS Ethics State Sanctioned hacking BLACK HAT - Stereotypical Hacker -Stealing data for personal gain -Obviously not ethical -Using

1.17k views • 10 slides
Using Data from Breaches What is Users Level of Comfort? Sowmya Karunakaran, Google Let's start

Using Data from Breaches What is Users Level of Comfort? Sowmya Karunakaran, Google Let's start

SOUPS 2018 Using Data from Breaches What is Users Level of Comfort? Sowmya Karunakaran, Google Let's start with a pop quiz... Roughly, how many online accounts have been compromised through data breaches? 5,371,008,023 SOURCE:

1.03k views • 18 slides
Data Awareness: Privacy and Safety First half of 2019 saw 3800+ publicized data breaches in US

Data Awareness: Privacy and Safety First half of 2019 saw 3800+ publicized data breaches in US

Data Awareness: Privacy and Safety First half of 2019 saw 3800+ publicized data breaches in US 142 privacy breaches in Alberta this year as of Aug 21 2019: https://www.oipc.ab.ca/decisions/breach-notification-decisions.aspx Digital Se Digital

78 views • 3 slides
Sid Shetye CEO & Founder sid@crypteron.com 858-342-1617 The Problem Data breaches 2

Sid Shetye CEO & Founder sid@crypteron.com 858-342-1617 The Problem Data breaches 2

1 Sid Shetye CEO & Founder sid@crypteron.com 858-342-1617 The Problem Data breaches 2 $$$ Compliance fines, Customer goodwill, Lawsuits, Lights out Basically, anyone building connected apps should be concerned Stages of a data

432 views • 15 slides
Responding to Skyrocketing Cyber Attacks Managing Risk, Responding to Breaches and OCR

Responding to Skyrocketing Cyber Attacks Managing Risk, Responding to Breaches and OCR

Presenting a live 90-minute webinar with interactive Q&A Data Breaches in Healthcare: Responding to Skyrocketing Cyber Attacks Managing Risk, Responding to Breaches and OCR Investigations, Minimizing HIPAA Liability THURSDAY, MARCH 24, 2016

795 views • 76 slides
GDPR Data Security and Breaches 10 December 2019 Newcastle | Leeds | Manchester 2 What we

GDPR Data Security and Breaches 10 December 2019 Newcastle | Leeds | Manchester 2 What we

GDPR Data Security and Breaches 10 December 2019 Newcastle | Leeds | Manchester 2 What we will look at today Technical and Organisational Security Handling data breaches Case law Newcastle | Leeds | Manchester 3 Data

929 views • 76 slides
DECLARATION OF CONFLICT OF INTEREST Disclosure: None Disclosure: None Independent study founded

DECLARATION OF CONFLICT OF INTEREST Disclosure: None Disclosure: None Independent study founded

DECLARATION OF CONFLICT OF INTEREST Disclosure: None Disclosure: None Independent study founded and performed within the Italian National Healthcare System. Approval by the relevant institutional ethical review boards, written informed

641 views • 21 slides
Geodemographics in a digital age: Ethical and data protection considerations CGG Seminar 2 nd

Geodemographics in a digital age: Ethical and data protection considerations CGG Seminar 2 nd

Geodemographics in a digital age: Ethical and data protection considerations CGG Seminar 2 nd May 2017 Dr. Michelle Goddard Director of Policy & Standards Complicated matrix of ethical and legal data protection requirements ePrivacy

103 views • 6 slides
Neutralize Data Breaches Using data-centric security on NonStop Prashanth Kamath U Sr. Product

Neutralize Data Breaches Using data-centric security on NonStop Prashanth Kamath U Sr. Product

Neutralize Data Breaches Using data-centric security on NonStop Prashanth Kamath U Sr. Product Manager NonStop Enterprise Division Forward-looking statements This is a rolling (up to three year) Roadmap and is subject to change without

400 views • 26 slides
Data Security Breaches: Problems And Solutions Steven C. Bennett With a combination of risk

Data Security Breaches: Problems And Solutions Steven C. Bennett With a combination of risk

Data Security Breaches: Problems And Solutions Steven C. Bennett With a combination of risk assessment, technical solutions, and stafg training, it is possible to keep data secure. InformatIon Is the new currency of commerce. Sensitive data,

380 views • 6 slides
Protecting Yourself Against Scams and Data Breaches During Coronavirus Crisis ... and Beyond

Protecting Yourself Against Scams and Data Breaches During Coronavirus Crisis ... and Beyond

Protecting Yourself Against Scams and Data Breaches During Coronavirus Crisis ... and Beyond Daler Radjabov, Esq. NYCLA CLE Institute Todays topics CoronaVirus related scams How to secure your online identity How to protect your

514 views • 22 slides
Bank Claims for Target-Type Breaches: Leveraging Litigation Theories, Assessing and Pleading

Bank Claims for Target-Type Breaches: Leveraging Litigation Theories, Assessing and Pleading

Presenting a live 90-minute webinar with interactive Q&A Bank Claims for Target-Type Breaches: Leveraging Litigation Theories, Assessing and Pleading Damages Recovering Losses Due to Third-Party Data Breaches and Response Planning to Protect

946 views • 55 slides
Nowcasting Firm Performance and Data Breaches Using API Data Seth Gordon Benzell, Jonathan Hersh,

Nowcasting Firm Performance and Data Breaches Using API Data Seth Gordon Benzell, Jonathan Hersh,

Nowcasting Firm Performance and Data Breaches Using API Data Seth Gordon Benzell, Jonathan Hersh, Guillermo Lagarda & Marshall Van Alstyne MIT IDE, Chapman University, IADB, Boston University Funding by Accenture, Apigee & Mulesoft is

478 views • 33 slides
Mitigating D&O Liability Exposure for Data Privacy and Cybersecurity Breaches Reducing

Mitigating D&O Liability Exposure for Data Privacy and Cybersecurity Breaches Reducing

Presenting a live 90-minute webinar with interactive Q&A Mitigating D&O Liability Exposure for Data Privacy and Cybersecurity Breaches Reducing D&O Risk With Internal Controls, Insurance, and Indemnification; Defending Derivative

1.28k views • 79 slides
Law Firm Data Breaches and Legal Malpractice Risks Assessing Vulnerabilities, Defending

Law Firm Data Breaches and Legal Malpractice Risks Assessing Vulnerabilities, Defending

Presenting a live 90-minute webinar with interactive Q&A Law Firm Data Breaches and Legal Malpractice Risks Assessing Vulnerabilities, Defending Professional Liability Claims, Evaluating Insurance Coverage TUESDAY, MAY 3, 2016 1pm Eastern

942 views • 62 slides
IS GDPR GOOD OR BAD FOR BUSINESS? Paul Winters, Managing Director, CACI Ltd. 16 January 2018 1

IS GDPR GOOD OR BAD FOR BUSINESS? Paul Winters, Managing Director, CACI Ltd. 16 January 2018 1

IS GDPR GOOD OR BAD FOR BUSINESS? Paul Winters, Managing Director, CACI Ltd. 16 January 2018 1 CONTENTS 1. GDPR: Overview 2. Consent 3. Legitimate Interest 4. Profiling 5. e-Privacy Regulation 6. Summary David Brear, founder of 11FS

514 views • 25 slides
Fiscal Year 2016 Preparing the Budget Departments By Charter, the Mayor prepares the

Fiscal Year 2016 Preparing the Budget Departments By Charter, the Mayor prepares the

Fiscal Year 2016 Preparing the Budget Departments By Charter, the Mayor prepares the Submit requests for operations Budget The Mayor presents his Budget and enhancements The Finance Director and City proposal to the City Council

325 views • 30 slides
First results Escola de Bombers i Protecci Civil de Catalunya EFSCA, May 2018 Some data... on

First results Escola de Bombers i Protecci Civil de Catalunya EFSCA, May 2018 Some data... on

Volunteer Firefighters Basic Course First results Escola de Bombers i Protecci Civil de Catalunya EFSCA, May 2018 Some data... on Catalonia Population: 7.448.332 (2016) Area: 31.895 km Density: 233,53 hab/km Language:

681 views • 30 slides
Mayor Vacant Council Member Ward 1 Jake Fee Council Member Ward 2 Steve Erickson

Mayor Vacant Council Member Ward 1 Jake Fee Council Member Ward 2 Steve Erickson

* The City of Crookston was incorporated February 14, 1879 * Home Rule Charter City what does this mean: Home Rule Charter Cities can exercise any powers in their locally adopted Charters as long as they do not conflict with State laws.

748 views • 30 slides
and Investment Advisory Committee May 22, 2019 Public Agenda #1.1 Call Meeting to Reconvene the

and Investment Advisory Committee May 22, 2019 Public Agenda #1.1 Call Meeting to Reconvene the

2. Joint Meeting of the ERS Board of Trustees and Investment Advisory Committee May 22, 2019 Public Agenda #1.1 Call Meeting to Reconvene the Board of Trustees May 22, 2019 Public Agenda #1.2 Call Meeting of the Investment Advisory Committee

1.5k views • 122 slides
DataMap Roundtable October 2018 WELCOME! 9 New DataMap Districts for 2018-2019 School Year!!

DataMap Roundtable October 2018 WELCOME! 9 New DataMap Districts for 2018-2019 School Year!!

DataMap Roundtable October 2018 WELCOME! 9 New DataMap Districts for 2018-2019 School Year!! Copley-Fairlawn City Schools Cuyahoga Heights Local Schools Field Local Schools Mogadore Local Schools Tallmadge City Schools SMART Academy

754 views • 30 slides
Testing in Production Presented by: Talia Nassi WeWork

Testing in Production Presented by: Talia Nassi WeWork

T14 Agile Testing 2019-05-02 13:30 Testing in Production Presented by: Talia Nassi WeWork Brought

1.33k views • 80 slides
ESBN Presentation to the IGG Market Releases and Sundry Items Theresa ONeill 13 th May 2015

ESBN Presentation to the IGG Market Releases and Sundry Items Theresa ONeill 13 th May 2015

ESBN Presentation to the IGG Market Releases and Sundry Items Theresa ONeill 13 th May 2015 Vulnerable Customers We have gotten a lot of feedback from Suppliers , updates have been made , Thank You ESBN would like to run the final

458 views • 8 slides

More recommend