2.6 Cyber security and the law
This section is part of the amber and green pathways.
Check what you’ve learned about cyber security and the law by completing this activity.
Activity 1 The law
a.
Computer Misuse Act
b.
Data Protection Act
c.
IPA
d.
Fraud Act
The correct answer is b.
b.
Yes, in failing to patch their software against a known vulnerability, the organisation has not taken adequate measures to secure the personal data of customers and therefore failed to meet its obligations under DPA.
a.
Computer Misuse Act
b.
Data Protection Act
c.
IPA
d.
Fraud Act
The correct answer is a.
a.
Yes, by gaining unauthorised access to a computer system the hacker would have committed an offence – illegal access to information – under this act.
Next, you’ll think about European laws and consider laws that apply in other countries.