LEGAL ISSUES IN INFORMATION SECURITY

Paper details:

Review the attached “TechFite Case Study” for information on the company being investigated. You should base your responses on this scenario.

Your submission must be your original work. No more than a combined total of 30% of the submission and no more than a 10% match to any one individual source can be directly quoted or closely paraphrased from sources, even if cited correctly. The similarity report that is provided when you submit your task can be used as a guide.

You must use the rubric to direct the creation of your submission because it provides detailed criteria that will be used to evaluate your work. Each requirement below may be evaluated by more than one rubric aspect. The rubric aspect titles may contain hyperlinks to relevant portions of the course.

Tasks may not be submitted as cloud links, such as links to Google Docs, Google Slides, OneDrive, etc., unless specified in the task requirements. All other submissions must be file types that are uploaded and submitted as attachments (e.g., .docx, .pdf, .ppt).

A. Demonstrate your knowledge of application of the law by doing the following:

1. Explain how the Computer Fraud and Abuse Act and the Electronic Communications Privacy Act each specifically relate to the criminal activity described in the case study.

2. Explain how three laws, regulations, or legal cases apply in the justification of legal action based upon negligence described in the case study.

3. Discuss two instances in which duty of due care was lacking.

4. Describe how the Sarbanes-Oxley Act (SOX) applies to the case study.

B. Discuss legal theories by doing the following:

1. Explain how evidence in the case study supports claims of alleged criminal activity in TechFite.

a. Identify who committed the alleged criminal acts and who were the victims.

b. Explain how existing cybersecurity policies and procedures failed to prevent the alleged criminal activity.

2. Explain how evidence in the case study supports claims of alleged acts of negligence in TechFite.

a. Identify who was negligent and who were the victims.

b. Explain how existing cybersecurity policies and procedures failed to prevent the negligent practices.

C. Prepare a summary (suggested length of 1–2 paragraphs) directed to senior management that states the status of TechFite’s legal compliance.

D. Acknowledge sources, using in-text citations and references, for content that is quoted, paraphrased, or summarized.

E. Demonstrate professional communication in the content and presentation of your submission.