Employees must be trained and kept aware of topics related to information security, not the least of which are the expected behaviors of an ethical employee. This is especially important in information security, as many employees may not have the formal technical training to understand that their behavior is unethical or even illegal. It is the responsibility of information security personnel to do everything in their power to deter illegal, immoral, or unethical behavior and to use policy, education and training, and technology to protect information and systems. Three general causes of unethical and illegal behavior are ignorance, accident, and intent. Deterrence is the best method for preventing illegal or unethical activity. Laws, policies, and technical controls are all examples of deterrents. Laws and policies and their associated penalties only deter if three conditions are present: fear of penalty, probability of being apprehended, and the probability of penalty being applied. Many professional organizations have established codes of conduct or codes of ethics that members are expected to follow.

Case Assignment

Discuss and prepare tables to compare the following certifications: Certified Information Systems Security Professional (CISSP), HealthCare Information Security and Privacy Practitioner (HCISPP), Certified Cyber Security Forensics Analyst (CSFA), and Certified Secure Software Lifecycle Professional (CSSLP). Use the Internet to identify the ethical rules that holders of each certification have agreed to follow. Also determine the knowledge requirements for each of these certifications.

Assignment Expectations

You will be assessed on your comparison of the certifications in terms of their knowledge requirements, ethical rules, and effectiveness for the individual in terms of future employment.

You are required to make effective and appropriate use of in-text citations to the assigned readings and other source material to support your arguments. Please use the Trident APA 7 Guide at https://careered.libguides.com/tui/library/apa for proper formatting and style.

Module 3 – Resources

Security Laws and Standards

Required Reading

(2022) Cybersecurity 101: Auditing & Incident Response. Course. 1st half of course. Finding Skillsoft Books

(2022). Cybersecurity Awareness: Exposure to Security Risks. 1st half of course. Finding Skillsoft Books

De Freminville, Marie (2020). Cybersecurity and Decision Makers: Data Security and Digital Trust, Wiley Chapter 2 and 3. Finding Skillsoft Books

Moschovitis, C. (2021). Privacy, Regulations, and Cybersecurity: The Essential Business Guide. Wiley-VCH. Chapters 1 – 3. Finding Skillsoft Books

Schreider, T. and Noakes-Fry, K. (2020). Cybersecurity Law, Standards and Regulations, 2nd Edition. Rothstein Publishing. Chapters 1 – 3. Finding Skillsoft Books

Optional Reading

Harris, S., & Maymi, F. (2018). CISSP all-in-one exam guide, seventh edition, 8th edition (7th ed.) McGraw-Hill, Chapter 1. Finding Skillsoft Books

Gregory, P. H. (07/24/2019). CISM® : Certified information security manager practice exams McGraw-Hill. Chapter 2

Read Chapters 10 to 12 Andress, Jason and Winterfeld, Steve (2014). Cyber warfare: Techniques, tactics and tools for security practitioners. Syngress, Waltham, MA. (ISBN: 9780124166721). Available in the Trident Online Library.

Read Chapters 8, 9, 10 Chapple, M., Ballad, B., Ballad, T. and Banks, E.K. (2014). Access control, authentication, and public key infrastructure. Jones and Bartlett Learning, 2nd Edition

Read chapters 19 – 23 Dordal, Peter L. (2017). An introduction to computer networks. Book under Creative Commons

Chapters 4 and 5 Gordon, A. (2015). Official (ISC)2 guide to the CISSP CBK, Fourth Edition, CRC Press.

Read Chapter 3 Risk management for enterprises and individuals (2017) Book under Creative Commons
