CHAPTER 1

MORAL CODE
- set of rules
- establishes boundaries of generally accepted behavior
- different rules often have contradictions

MORALITY
- social conventions about right and wrong
- widely shared

MORALITY MAY VARY BY:
- age
- cultural group
- ethnic background
- religion
- gender

ETHICS
- set of beliefs about right and wrong behavior

ETHICAL BEHAVIOR
- conforms to generally accepted social norms

VIRTUES
- habits that incline people to do what is acceptable

VICES
- habits of unacceptable behavior

BRIBES
- made in secret, neither legally nor morally acceptable
- often made indirectly through a third party
- encourage an obligation for recipient to act favorably toward the donor

GIFTS
- made openly and publicly as a gesture of friendship or good will
- made directly from donor to recipient
- come with no expectation of a future favor for the donor

SOCIAL AUDIT
- identifies ethical lapses committed in the past
- sets directives for avoiding similar missteps in the future

THEORIES FOR ETHICAL DECISION MAKING
APPROACH: PRINCIPLE (ETHICAL CHOICE)
- Virtue Ethics Approach: best reflects moral virtues in yourself and your community
- Utilitarian Approach: produces the greatest excess of benefits over harm
- Fairness Approach: treats everyone the same and shows no favoritism or discrimination
- Common Good Approach: advances the common good

CHAPTER 2

CS PROFESSIONAL SUITE
- most comprehensive line of integrated software and services available to tax and accounting professionals

PROFESSIONAL ETHICS
- plays a crucial role in the CS profession
- defines the standards and conduct expected from company secretaries
- ensures:
  - integrity
  - credibility
  - transparency
  - trustworthiness
  - responsible decision-making

COMPUTER ETHICS
- field of applied ethics
- addresses ethical issues in use, design and management of IT and in formulation of ethical policies for its regulation in society

COMPUTER PROFESSIONALS
- have ethical obligations to clients, employers, other professionals, and the public, in fulfilling their professional responsibilities

PROFESSIONAL RELATIONSHIPS THAT MUST BE MANAGED
- client
- supervisor
- employer
- some of developers
- CS users

JOBS FOR CS PROFESSION
1. AI ENGINEER
   - create computer systems that can do the tasks humans would otherwise do.
2. INFORMATION SECURITY ANALYST
   - requires you to ensure computer network security.
3. IT PROJECT MANAGER
   - leads a team of computer professionals in projects from conception to completion.
4. SOFTWARE DEVELOPER/ENGINEER
   - design, develop, maintain software applications.
   - involves programming, debugging, and collaborating with other team members to create functional and efficient software solutions.
5. SYSTEMS ANALYST
   - analyze and improve computer systems for organizations.
   - work to understand user requirements, design efficient systems, and ensure that technology solutions align with business goals.

POSSIBLE CAREERS – CS DEGREE
- web developer
- software engineering
- data scientist
- computer engineering
- computer programmer
- IT security analyst
- database administrator
- game designer

ARE CS WORKERS PROFESSIONALS?
- CS workers are considered professionals.

RELATIONSHIPS BETWEEN CS PROFESSIONALS AND EMPLOYERS
- a critical aspect of the working environment. Effective management of this relationship is crucial for both individual career development and the success of the organization.
- should have a clear understanding of expectations. This includes job responsibilities, project goals, performance metrics, and any other relevant criteria. Clear communication at the beginning of employment helps establish a foundation for a successful working relationship.
- should work together to identify opportunities for professional growth. Employers can support their staff by providing training, resources, and opportunities for skill development. CS professionals, on the other hand, can express their career goals and actively seek out learning opportunities that align with the organization's needs.

PERFORMANCE EVALUATION
- evaluations to assess the contributions of CS professionals
- constructive feedback during these evaluations helps professionals understand areas for improvement and reinforces positive contributions
- regular performance reviews contribute to the professional development of individuals and the overall success of the team

ETHICAL CONSIDERATIONS
- CS professionals are expected to adhere to ethical standards in their work.
- employers should establish a culture that promotes ethical behavior and provides guidance on navigating ethical dilemmas.
- CS professionals are responsible for upholding these ethical standards in their daily activities.

COMMON ETHICAL ISSUES
1. PRIVACY CONCERNS
   - DATA PRIVACY: handling and protecting user data responsibly.
   - SURVEILLANCE: balancing the use of observation technologies with individual privacy rights.
2. ARTIFICIAL INTELLIGENCE ETHICS
   - AUTONOMOUS SYSTEMS: ensuring ethical behavior in AI systems, particularly in critical applications like autonomous vehicles and healthcare.
3. SECURITY
   - CYBERSECURITY: developing secure systems and protecting against cyber threats.
   - ETHICAL HACKING: conducting ethical hacking without violating laws or privacy.

CHAPTER 3

TYPES OF ATTACKS
1. VIRUS
   - pieces of programming code
   - usually disguised as something else and can cause unexpected, usually undesirable events
   - often attached to files, deliver a “payload”
   - does not spread itself from computer to computer
2. WORMS
   - harmful programs that duplicate themselves
   - negative impact of virus or worm attack
3. TROJAN HORSES
   - programs that a hacker secretly installs
   - users are tricked into installing it
   - logic bomb
4. DENIAL-OF-SERVICE (DOS) ATTACKS
   - malicious hacker takes over computers on the Internet and cause them to flood a target site with demands for data and other small tasks
   - computers taken over are called ZOMBIES
   - does not involve a break-in at the target computer
   a. INGRESS FILTERING: ISPs prevent incoming packets with false IP addresses from being passed on
   b. EGRESS FILTERING: ensuring spoofed packets don’t leave a network

PERPETRATORS
1. HACKERS
   - test limitations of systems out of intellectual curiosity
2. CRACKERS
   - cracking is a form of hacking
   - clearly criminal activity
3. INDUSTRIAL SPIES
   - illegally obtain trade secrets from competitors
4. MALICIOUS INSIDERS
   - due to weaknesses in internal control procedures
   - INSIDERS are not necessarily employees
5. CYBERCRIMINAL
   - hack into corporate computers and steal
   - engage in all forms of computer fraud
6. CYBERTERRORISTS
   - intimidate governments to advance political/social objectives

SECURITY POLICY
- organization’s security requirements
- controls and sanctions needed to meet the requirements

CHAPTER 4

RIGHT TO PRIVACY
- right of individuals to control their personal information and decide how it is gathered, used, and shared, the right use of ICT.

HISTORY OF PRIVACY PROTECTION
1. COMMUNICATION ACT OF 1934
   - combined and organized federal regulation of telephone, telegraph, and radio communications.
2. FREEDOM OF INFORMATION ACT (FOIA)
   - gives any person the right to request access to records of the Executive Branch of the United States Government.
3. FAIR CREDIT REPORTING ACT OF 1970
   - regulates the collection of consumers' credit information and access to their credit reports.

LAWS FOR ELECTRONIC SURVEILLANCE
1. FEDERAL WIRETAP ACT
   - outlines processes to obtain court authorization for surveillance of all kinds of electronic communications
2. EXECUTIVE ORDER 12333
   - legal authority for electronic surveillance outside the US

DATA ENCRYPTION
- security method that translates data into a code, or cipher text
- can only be read by people with access to a secret key or password

CRYPTOGRAPHY
- process of encoding information, only sender and intended receiver can understand it.
- key tool for ensuring confidentiality, integrity, authenticity of electronic messages and online business transactions.

ENCRYPTION
- process of converting electronic information or signals into a secret code that hides the information's true meaning.

PUBLIC KEY ENCRYPTION
- method of encrypting or signing data with two different keys and making one of the keys, the public key, available for anyone to use.

PRIVATE KEY ENCRYPTION
- cryptographic techniques that use the same key for encryption and decryption

IDENTITY THEFT
- also known as ‘Identity Fraud’
- crime that occurs when someone steals another person’s personal information and credentials
- used mostly for monetary gain.

EXAMPLES OF IDENTITY THEFT
- Financial identity theft
- Child identity theft
- Tax-related identity theft
- Senior identity theft
- Medical identity theft
- Identity cloning for concealment
- Criminal identity theft
- Synthetic identity theft

TWO CATEGORIES OF IDENTITY THEFT
1. TRUE-NAME IDENTITY THEFT
   - thief uses PII to open new accounts
2. ACCOUNT-TAKEOVER IDENTITY THEFT
   - imposter uses PII to gain access to person's existing accounts

IDENTITY THEFT TECHNIQUES
1. DUMPSTER DIVING
   - retrieving personal paperwork and discarded mail from dumpsters
2. PHISHING
   - involves using email to trick people into offering up their PII
   - PHISHING EMAILS might contain malicious attachments designed to steal PII or links to fraudulent websites where people are prompted to enter their information.
3. SPYWARE
   - malicious software that enters a user's computer, gathers data from the device and user, and sends it to third parties without their consent

LAWS PROTECTING AGAINST IDENTITY THEFT
1. CYBERCRIME PREVENTION ACT OF 2012 (RA NO. 10175)
   - the act recognizes the far-reaching implications of crimes committed on the internet or through computer systems
2. DATA PRIVACY ACT OF 2012 (RA 10173)
   - aims to protect personal data in information and communications systems both in the government and the private sector

CONSUMER PROFILING
- marketing method that collects and analyzes customer data to make a detailed picture of their typical customer.
- COOKIE: piece of data from a website that is stored within a web browser that the website can retrieve at a later time.
- AFFILIATED WEBSITES: group of websites served by a single advertising network.

TYPES OF DATA COLLECTED WHILE SURFING THE WEB
1. GET data
2. POST data
3. Click-stream data

EMPLOYERS MONITOR WORKERS
- ensure that corporate IT usage policies are followed

SPAMMING
- use of messaging systems to send multiple unsolicited messages to large numbers of recipients