Regulating and Managing Information Technology

Chapter 12
Regulating and Managing Information Technology
Copyright 2017 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of
McGraw-Hill Education.
Ch. 12: Key Learning Objectives
Understanding why management and regulation of
information technology is a challenge for governments and
businesses.
Identifying the various information technology interventions
undertaken by governments.
Examining challenges businesses face in managing
information about key stakeholders, including employees and
customers.
Knowing the causes and partial remedies to the problem of
cybercrime.
Assessing the emerging role and responsibilities of the
organizations chief information officer and organizational
functions responsible to ensure information security and
privacy.
Identifying international and national governments efforts to
combat cybercrime.
Copyright 2017 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of12-2
Information Technology Challenges
for Governments and Businesses
While scientists and technicians keep technology
moving quickly, governments must try to keep
pace, ensuring that the public is protected.
One of the major obstacles to achieving the right
balance between the enjoying the benefits of
information technology and controlling its
potential threats is that government and business
often do not understand each other very well.
Cooperation will be necessary if society is to able to reap the
full benefits of technology without threat to peoples security
and safety.
Government Interventions of
Information and Ideas
In some countries, particularly

in non-democratic regimes,
governments censor and
restrict citizen access to
information.
In democratic countries, the
role of government is more
likely to look out for the public
good and protect intellectual
propertythat is, the private
ownership of certain kinds of
information.
Government Internet Censorship and
Control
China
The Chinese government operates one of the most sophisticated
systems of Internet censorship in the world.
It requires all China-based Web sites and blogs to register with
the government and blocks access to many kinds of information.
Passed new rules requiring Internet users:
To provide their real names to service providers
Required all Chinese video-streaming sites to receive approval
from Chinas top broadcasting regulator or have the content
banned
In 2015, Chinese Internet companies deleted tens of thousands of
user accounts based on new rules that increased government
control over online disclosure.
According to the Chinese government, many of these deletions
were based on misleading or harmful usernames.
Government Internet Censorship and Control
Pakistan
The Pakistani government broadened an existing ban on social
networking sites to include YouTube, some Flickr and Wikipedia sites, and
about 450 individual Web pages
Because of what it described as growing sacrilegious content.
Iran
Since 2009, after contentious presidential elections that pitted various
religious groups against each other, the elected Iranian government
banned Facebook, Twitter and YouTube, and later Instagram
stop the spread of the decadent Western culture.
North Korea
North Korea is one of the worlds most recognized censors of the Internet
But its government made an unprecedented move in 2013 when it
allowed Internet searches on mobile devices and laptops by
foreigners--but not by its citizens.
Government Internet Censorship and
Control
Governments intervened to
restrict their citizens
access to information and
various Internet and social
media sites
To suppress political dissent
To impose particular religious or
ideological views
Government Acquisition of Information
to Protect the Public Good
Does the government

protect individuals right
to personal information?
Does the government
acquire massive amount
of personal information,
often held by technology
or social media
companies, to protect
the public?
Government Protecting
Individuals Rights and Property
Governments have stepped in to protect

individuals and their personal information.
Right to be forgotten: Ask to remove from internet
search results some personal information which is
believed was damaging.
Governments have protected individuals and
companies ideas-their intellectual property.
Intellectual property: The ideas, concepts, and other
symbolic creations of the human mind
Protected through a number of special laws and public
policies, including copyrights, patents, and trademark
laws
Software piracy: The illegal copying of copyrighted
software
Top 10 Countries by Percentage of Users
Using Unlicensed Software, 2013
Figure 12.1
12-10
Government Protecting Individuals Rights
and Property
In 1998, the United States

passed Digital Millennium
Copyright Act
making it a crime to circumvent
antipiracy measures built into most
commercial software agreements
between the manufacturers and their
users.
Governments have placed the
public good ahead of
individuals rights or placed
their own protection of power
ahead of their citizenry.
12-11
Business Access to and Use of
Confidential Information
Big data: Technology

gives businesses access to
a great deal of
information.
Managers often find that
their strong attraction to
using big data can be at
odds with the protection of
individuals rights to their
own information.
12-12
Access to Stakeholders Personal Information
Two major market stakeholders targeted by business

organizations for the collection of information:
Employees
Consumers
Most state governments ruled that businesses have the
right to monitor their employees at work.
Businesses need to ensure that the time employees spend on the job is
productive, since wasting time can result in significant economic losses.
Consumers shopping habits are also a rich source of
data for businesses.
Companies tracking big data, sometimes called meta-data, can pick out
specific details about an individuals shopping habits, preferences or
tendencies.
12-13
Access to Stakeholders Personal Information
Arguments:
How much information companies
should collect about their stakeholders
and whether the collection of
stakeholders information benefits
these stakeholders or not remain
controversial?
Whether businesses have adequately

built protections against unwanted
invasions of stakeholder privacy and
breaches of information security
remain to be seen.
12-14
Special Issue: Cybercrime - A Threat to Organizations and the
Public
Cybercrime: criminal activity done using computers

and the Internet
Examples:
Anything from downloading illegal music files to stealing millions of
dollars from online bank accounts
Non-monetary offenses, such as creating and distributing viruses on
other computers
Posting confidential business information on the Internet
Committed by individuals or groups gaining
unauthorized access to a business organization through
its computer system
Hackers: Individuals, acting alone or in groups often with advanced
technology training, who, for thrill or profit, breach a businesss
information security system.
12-15
Special Issue: Cybercrime - A Threat to Organizations and
the Public
A new threat emerged on the

scene in the 2010s for security
experts to confront hacktivists.
Hacktivists: individuals or groups who

hack into government or corporate
computer networks and then release
information to try to embarrass the
organizations or gain leverage against
the organizations.
Example: Anonymous, a loosely
associated international network of
hacktivists easily distinguished by the
type of masks they wore.
A stylized face with an over-sized
smile and red cheeks, a wide
moustache upturned at both ends,
and a thin vertical pointed beard.
12-16
Costs of Cybercrime
According to a study by the Ponemon Institute,
the cost of cybercrime per U.S. business
organization was $12.7 million in 2014, a 9.3
percent increase from the prior year.
The study concluded by noting that the volume
of cyberattacks was increasing, with 138 attacks
during a single week in 2014.
Companies were struggling with their capabilities
to keep up with criminals when it came to cyber-
risk management.
As more and more highly visible breaches occurred with
growing regularity, most technology executives believed that
they were losing ground to cyberattackers.
12-17
Center for Strategic and
International Studies (CSIS)
Considered criminal activity focusing on:

Intellectual property loss
The loss of sensitive business in formation
Opportunity costs associated the service
disruptions and reduced trust toward online
activity with that business organization
The additional costs of securing networks,
acquiring additional insurance, and developing
recovery plans to recuperate from cyberattacks
Reputational damage to the hacked company-all
considered in the cost of cybercrime
12-18
Why Do Hackers Hack?
Figure 12.2
12-19
Exploring Why Hackers Hack
The hackers motivation to profit from her or
his computer skills and willingness to break
the law for payment.
The hackers are politically motivated.
Hack to gain media attention.
Hack to raise public awareness.
White hatters: individuals employed by businesses or
governments to hack their systems deliberately to
discover possible vulnerabilities of their own systems.
Grey hatters: hackers working on their own, often
seeking media attention, but inclined to share their
hacking exploits with the businesses they hacked in the
expectation that the firm will pay them for the
information.
12-20
Business Responses to
Invasions of Information Security
Many businesses have gone to great lengths to

build strong defenses to protect information and
ensure stakeholder privacy.
Experts encourage companies to develop an
incident-response plan for cyberattacks.
These plans compliment the effort to prevent access to
information but also focuses on what to do when a breach
occurs.
Reduce criminal intrusion of their sites by
paying hackers, often called white hatters.
Businesses use the white hatters computer skills to identify
weaknesses in the companys information systems.
12-21
The Chief Information,
Security, Technology Officer
Businesses often entrust

the responsibility for
managing information
technology and its many
privacy and security
issues to the chief
information officer (CIO)
Or, individuals with similar
titles: chief security officer or
chief technology officer.
12-22
The Roles and Responsibilities of the
Chief Information Officer (CIO)
Figure 12.3
12-23
Government Efforts to Combat Cybercrime
Since 2007, representatives from the
United States and dozens of European
countries have gathered annually for
what is known as Data Privacy Day,
held annually on January 28th
To raise awareness and empower people to
protect their privacy, control their digital
footprint, and escalate the protection of privacy
and data as everyones priority.
Leaders of the North Atlantic Treaty
Organization (NATO) ratified a change
in the organizations mission of
collective defense.
12-24
Government Efforts to Combat Cybercrime
The United States took a number of
measures to establish a system of
voluntary cybersecurity standards.
In 2013, a federal government-led group
partnered with the private sector to improve
information sharing and bolster existing
cybersecurity regulations.
In 2015, the U.S. federal government opened a
new center to more quickly assess and deter
cyberattacks on the United States.
Additional coordinated efforts by
international governmental agencies
are needed to better ensure that the
threat of cyberattacks.
12-25

Regulating and Managing Information Technology

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Regulating and Managing Information Technology

Caricato da

Copyright:

Formati disponibili

Chapter 12

Regulating and Managing Information Technology

In some countries, particularly

Does the government

Governments have stepped in to protect

In 1998, the United States

Big data: Technology

Two major market stakeholders targeted by business

Whether businesses have adequately

Cybercrime: criminal activity done using computers

A new threat emerged on the

Hacktivists: individuals or groups who

Considered criminal activity focusing on:

Many businesses have gone to great lengths to

Businesses often entrust

Potrebbero piacerti anche