Course Introduction Flashcards
(ISC)2 Code of Ethics Preamble
The safety and welfare of society and the common good, duty to our principals, and to each other, requires that we adhere, and be seen to adhere, to the highest ethical standards of behavior.
Therefore, strict adherence to this Code is a condition of certification.
(ISC)2 Code of Ethics Canons
The (ISC)2 member is expected to do the following:
- Protect society, the common good, necessary public trust and confidence, and the infrastructure.
- Act honorably, honestly, justly, responsibly, and legally.
- Provide diligent and competent service to principals.
- Advance and protect the profession.
Case Study: 1MDB
2009: Malaysia’s state investment fund, launched by PM Najib Razak.
Western (Goldman Sachs, Deutsche Bank) and Middle-Eastern investors.
2015: financial audit discovered large sums going to PM’s personal account ($681 million).
2018: police confiscated luxury goods $275 million, cash and jewelry $30 million.
Sentence: 12 years in jail.
Case Study: British Airways
2018: breach of data from 430,000 customers and staff.
BA learned about it from a third party.
Full details never disclosed, but prevailing theory is that hackers loaded scripts on BA’s website and started collecting live data.
Fine £20 million.
Case Study: Marriott
Two breaches: 2020 and 2018.
In 2018 Marriott acquired the Starwood chain, which had just experienced a data breach of 500 million guests (personal details, passports, even credit card data). Starwood’s network was also hacked in 2014, but this was discovered years later.
Case Study: Bank of Bangladesh
Attack targeted SWIFT system (stolen SWIFT credentials).
01/2006: malware installed on bank’s systems.
02/2006: bank transfers initiated.
Attack detected due to print device error.
Many bank transfers stopped, but $81 million was stolen.