Data Privacy
Cybersecurity
Jamaica Data Protection Act
Data Protection Act Eight Standards
Information Security
100

What is data privacy? 

The ability of individuals to control their personal information.

100

What is spoofing?

Spoofing is when a bad actor impersonates an email address.

100

What year was the Jamaica Data Protection Act established and became effective?

The Jamaica Data Protection Act was established in 2020 and became effective December 2023.

100

First Data Protection Standard states......

Personal data shall be processed fairly and lawfully.

100

What is a data breach?

An unauthorized acquisition of data that compromises the security, confidentiality or integrity of personal information maintained by a data controller.

200

A privacy team is composed of ....................

Legal counsel, first responders and business line leaders, Data Protection Officer, Chief Privacy Officer.

200

What does Cryptojacking mean?

It involves using a computer or other device to mine for cryptocurrencies. An attacker uses the computing power of the target's device to solve the complicated equations needed to generate digital currencies.

200

What does data controller mean?

A person or other entity appointed or responsible for the organization's compliance with the data protection law.

200

Second standard states.........

Personal data shall be obtained only for one or more specified and lawful purposes and shall not be further processed in any manner incompatible with those purposes.

200

A data incident refers to.......................

An event that potentially compromises the confidentiality, integrity or availability of personal information.

300

What is data minimization?

Personal data collected, used and stored only when necessary for a specific purpose.

300

What is the difference between a botnet and a Trojan horse?

A botnet forms a network of compromised devices connected to a central server to coordinate large, simultaneous attacks, whereas a Trojan horse enters systems disguised as a normal file and tricks you into providing access to your system.

300

Who do you report a Data accident to?

The Data Protection Officer and the Data Controller.

300

Third standard refers to.......

Personal data shall be adequate, relevant and limited to what is necessary for the purposes for which they are processed.

300

How long before you report a data breach?

72 hours

400

What is the principle of least privilege?

Employees handling personal data should follow this approach, ensuring they only access and process data necessary for their role.

400

What is a keylogger?

Records the keystrokes that you make on the keyboard. It then stores this information and sends it to an attacker. An attacker can use recorded strokes to figure out passwords, usernames and payment details.

400

What does OIC do?

They are responsible for ensuring that organizations comply with the Data Protection Act in Jamaica.

400

Fourth standard applies to____________

Accuracy

400

Who controls the data encryption?

System administrator or chief security team

500

What are the legal bases for data processing?

Under data protection laws, companies must have a lawful basis for collecting personal data, including consent, contract or legal obligations.

500

What is the history of cybersecurity?

It began in the 1940s, when the first computers were created. It evolved over time as technology advanced and cyber threats became more sophisticated.

500

What is the difference between personal data and sensitive personal data?

Personal data is information stored relating to a living individual or an individual who has been deceased for less than thirty years, whereas sensitive personal data means personal data consisting of genetic data or biometric data, filiation or racial or ethnic origins, or membership in any trade union.

500

Sixth standard indicates...............................

Personal data shall be processed in accordance with the rights of data subjects under this Act.

500

Data Information security refers to......................

The practice of protecting digital information, like company data, from unauthorized access, corruption or theft throughout its lifecycle.
