Ethics of Information Security has both a legal and ethical concept. The ethics of information systems, also known as information ethics or cyberethics, is a branch of ethics that examines the ethical implications of information. It considers the moral aspects of information as a resource, product, or target. On the other hand, IS security or…
Abuse of official positions and sexual harassment are both types of misconduct and abusive conduct. Abuse of an official position is when an official uses his/her powers and privileges for personal gain or to harm others, instead of by the law. A public servant is said to commit the offence of criminal misconduct in the…
Ethics and technology are dynamic and ever-changing, and the relationship between the two is complex. Technology ethics is the study of the moral implications and considerations of technology, from its development to its use. It involves analyzing the ethical dilemmas that arise from the application of technology in various fields. Therefore, ethics is the dynamic,…
Globally Banking ethics rely on rules and standards that govern the conduct of a bank and its employees, and the impact of the bank’s actions on society and the environment. Banks are running on strong foundations of following four ethical principles which help them to deal with ethical issues. Principles of Trust: The Principles of…
The word “ethics” is derived from the Greek word ethos (character), and the Latin word mores (customs). In the legal context, ethics defines how individuals choose to interact with one another. According to Aristotle Ethics is the study of character, habits, and virtues that can be acquired through practice that enables us to lead a…
Phishing is an e-mail-borne fraudulent attempt to obtain confidential information from the recipient such as usernames, passwords, and credit card details by disguising oneself as a reliable entity or downloading malware by clicking on a hyperlink in the message. Scammers impersonate legitimate organisations (banks, government agencies) through emails, SMS, or phone calls, contact people, and…
The Gopalakrishnan committee is a committee of experts on the concept of non-personal data (NPD) constituted by the Ministry of Electronics & Information Technology (MeitY). The stated goals for the committee were (i). To study various issues relating to non-personal data (NPD). (ii). to make specific suggestions for consideration of the Central Government on the…
IS security or information security refers to the protection of information systems against unauthorized access to or modification of information, whether in storage, processing, or transit, and against the denial of service to authorized users, that includes those measures necessary to detect, document, and counter such threats. It protects information, processes, and communication and protects…
Evaluation requirement for IT Security refers to the procedure of conducting regular reviews and checks of IT systems to ensure compliance with organizational security policies, standards, and procedures, as well as industry best practices. India has a few IT evaluation requirements, including Common Criteria (CC) Certification, Indian Common Criteria Certification Scheme (IC3S), IoT System Certification…
Computer audits, also known as IT audits, are important because they help organizations protect their information assets, ensure compliance with regulations, and improve the efficiency of their IT operations. The objective of computer control audits is to determine whether computer controls effectively support the confidentiality, integrity, and availability of information systems. Controls provide reasonable assurance…