it ethics

(InfoSec) information

Manages processes, tools, and policies to prevent, detect, document and counter threats.

white hat hacker vs Black hat hacker

White hat hackers: Legally hack into systems usually hired through a company

Black hat hacker: Illegally hacking

regular security audits

ensure policy compliance

information privacy

combination of communication privacy and and data privacy

fair information practices

designed for organizations to govern the collection and use of personal information. They aim to protect individuals' privacy rights while ensuring responsible data handling by organizations.

EU Data Protection Directive

similar to GDPR, first in the EU

gramm-leach-biley act (GLBA)

Guidlines for the collection and disclosure of personal financial information by financial institutions

Electronic communications privacy act

Protects your electronic communications (e.g emails,phones,text) without a warrant

USA PATRIOT act

It gives law enforcement the ability to eavesdrop and collect data for national security purposes, expanding surveillance capabilities to prevent

oecd. (organization for economic co-operation and development guidlines)

38 countries promoting responsible data management practices among member countries, economic growth, improvement in living standards

EU-U.S Privacy Shield

when EU and U.S. companies transfer personal data of EU citizens to the United States, ensuring adequate data protection standards.

Information privacy

the right of individuals to control the collection and use of their personal information. combination of communication + data privacy

privacy act

A law that regulates the collection, use, and dissemination of personal information by federal government agencies, ensuring individuals' privacy rights.

predective coding

An AI tool that can break down large amounts of data

name the differene

Child ONLINE protection act

Children INTERNET protection act

Communication decency act

Children online protection act: Prohibits the use of the Internet to harm minors and sets restrictions on websites that cater to children.

Children Internet Protection Act: Requires schools and libraries to adopt internet safety policies and filter content to protect children from harmful online content.

Communication decency act: child pornography protection

John doe lawsuit

A legal action that allows individuals to sue anonymously, often used in privacy-related cases to protect the identity of the plaintiff. + reveals internet users causing harm to an organization

WTO ( world trade organization)

helps the world trade with each other fairly and improves trade relations between countries.

General agreement on tariffs and trade (GATT/TRIPS)

Making international trade cheaper, fair and less restricted

open-source

edible programming codes (e.g java and python)

competitive intelligence

gathering and analysis of information about competitors to enhance a company's strategic position in the market.

industrial espoinage.

collecting confidential information about competitors illegally or through unethical means, often to gain a business advantage.

cyber espoinage

Tusing technology to gain unauthorized access to confidential information held by individuals or organizations, often for political or economic gain.

Black box, White box, static testing, Unit testing

Black box testing: Testing the software from the user's perspective only concerned with how it looks from the user perspective

white box: what going on internally in software or code ( e.g learning chat GPT by learning how it coded )

Static testing: instead of running the code, you examine it to identify any issues before executing the code

unit testing: The process of testing individual components or modules of software to ensure they work correctly in isolation, often conducted by developers.

interrogation testing: testing units that are combined that already went through integration testing: evaluating the interactions between combined units to verify that they function together as intended.

user acceptance testing

testing if a program is satisfactory for end users, ensuring it meets their needs and requirements before final deployment.

ISO9000

guidelines for quality management

ISO9001

specific rules to get certified in quality management