微信客服:xiaoxionga100
微信客服:ITCS521
CYBR7003-无代写
时间:2024-08-30
1
CYBR7003
Assessment Item 1
Legal perspectives in cyber security
Due Date: 2 September 2024 before 14:00
Weight: 30%
Not more than 2,500 words
You are required to research and write an essay in relation to a legal issue that arises in a
business context in relation to cybersecurity.
Five essay questions are set out below. You can select one of these five questions.
At a minimum, your essay should demonstrate what legal issues you have learnt in class and
from the readings you have done (including, where relevant, the mandatory and optional
readings provided via reading lists in BlackBoard.)
There is guidance to assist you at the end of this document.
Please make sure to include your name, student number and the Essay number (e.g. Essay
01, Essay 02, etc) on the first page of your paper.
Essay 01
What is the Australian notifiable data breach regime and why do we have it? What are the
positive and the negative aspects of the notifiable data breach regime? What
recommendations do you have to change the Australian notifiable data breach regime?
Essay 02
In respect of ransomware, it has been stated: “For a ban on ransom payments to be effective,
the penalties for paying the ransom would need to be more severe than the impact of the ransom
itself. If the penalties are inadequate, organisations may simply pay the ransom and deal with
the legal consequences so they can move on with normal operations.” See
https://theconversation.com/australia-is-considering-a-ban-on-cyber-ransom-payments-but-it-
could-backfire-heres-another-idea-194516
Is it currently legal in Australia to negotiate and pay a ransom because of a ransomware attack
in Australia? Do you think the law in Australia relating to ransomware payments should
change, and if so, why or why not? Why do some companies decide to pay ransomware?
Essay 03
You work for an Australian telco that is buying network equipment from a supplier (an OEM)
outside of Australia. What are the legal risks relating to cybersecurity, and how should these
risks be minimised when dealing with this supplier?
2
Essay 04
In the Privacy Act, APP 11.1 states, in summary:
APP 11.1 – if entity holds personal information, the entity must take such steps as are
reasonable in the circumstances to protect the information from:
• Misuse, interference and loss; and
• Unauthorised access, modification and disclosure
Optus, Medibank Private, Latitude Finance and HWL Ebsworth Lawyers have all been the
subject of recent data breaches. See, for example, https://www.oaic.gov.au/newsroom/oaic-
opens-investigation-into-hwl-ebsworth-over-data-breach. Using at least one of these data
breaches as a case study, explain how an Australian business should determine what steps to
take “as are reasonable in the circumstances” to protect the personal information that the
business holds.
Essay 05
The Australian Parliament passed the Security Legislation Amendment (Critical Infrastructure)
Act 2021 (Cth) which implements a number of amendments to the existing Security of Critical
Infrastructure Act 2018 (Cth) (SOCI Act). What is the purpose of the SOCI Act? In light of the
SOCI Act, what do you consider should be respective roles of government and industry in
protecting critical infrastructure? What is your opinion of the impact of the SOCI Act on the
security of critical infrastructure in Australia? Does the SOCI Act go too far, or not far enough?
Please review the next page for helpful guidance.
3
Guidance Notes
In preparing your essay, you should research and read relevant legal articles, judicial
decisions and statutory laws, and refer to them in your essay where relevant. Example
research materials are provided in the reading materials for the class.
Remember to focus on legal issues in your essay. For the above 5 topics, a possible
structure is to identify the legal issue or issues, set out the law in relation to those issues,
and answer the question set out in the topic above. Where relevant, you may wish to
identify any gaps or problems with the current law, and if appropriate propose
possible changes to the current law.
Make sure that you answer all the questions and sub-questions that are asked.
The word limit for the essay is a maximum of 2,500 words, but 2,000 to 2,500 words are
acceptable. (Quality is more important than number of words.) This word count:
• includes headings and subheadings;
• does not include text in the header; and
• does not include footnotes - however footnotes should be used for citation purposes
only. Substantive text should not be included in footnotes.
Appendices can be included in the essay and will be excluded from the word count.
You are free to use the referencing style that you prefer but you must be consistent within
the paper.
This is an essay writing guide from UQ. This is only a guide and not a requirement:
https://my.uq.edu.au/information-and-services/student-support/study-skills/assignment-
writing/steps-writing-assignments
Here is an essay writing guide from the Law School. This is for information only. This guide
is aimed at law students: https://law.uq.edu.au/files/8445/Guide-To-Writing-Style-In-
Assignments.pdf
There is a free edX course available to assist in essay writing for those who may not have
done this previously. (There is an edX app too.). See the Course "Academic English" :
https://www.edx.org/course/academic-english
Some students use Grammarly to assist with their writing style:
https://www.grammarly.com/
CYBR7003
Assessment Item 1
Legal perspectives in cyber security
Due Date: 2 September 2024 before 14:00
Weight: 30%
Not more than 2,500 words
You are required to research and write an essay in relation to a legal issue that arises in a
business context in relation to cybersecurity.
Five essay questions are set out below. You can select one of these five questions.
At a minimum, your essay should demonstrate what legal issues you have learnt in class and
from the readings you have done (including, where relevant, the mandatory and optional
readings provided via reading lists in BlackBoard.)
There is guidance to assist you at the end of this document.
Please make sure to include your name, student number and the Essay number (e.g. Essay
01, Essay 02, etc) on the first page of your paper.
Essay 01
What is the Australian notifiable data breach regime and why do we have it? What are the
positive and the negative aspects of the notifiable data breach regime? What
recommendations do you have to change the Australian notifiable data breach regime?
Essay 02
In respect of ransomware, it has been stated: “For a ban on ransom payments to be effective,
the penalties for paying the ransom would need to be more severe than the impact of the ransom
itself. If the penalties are inadequate, organisations may simply pay the ransom and deal with
the legal consequences so they can move on with normal operations.” See
https://theconversation.com/australia-is-considering-a-ban-on-cyber-ransom-payments-but-it-
could-backfire-heres-another-idea-194516
Is it currently legal in Australia to negotiate and pay a ransom because of a ransomware attack
in Australia? Do you think the law in Australia relating to ransomware payments should
change, and if so, why or why not? Why do some companies decide to pay ransomware?
Essay 03
You work for an Australian telco that is buying network equipment from a supplier (an OEM)
outside of Australia. What are the legal risks relating to cybersecurity, and how should these
risks be minimised when dealing with this supplier?
2
Essay 04
In the Privacy Act, APP 11.1 states, in summary:
APP 11.1 – if entity holds personal information, the entity must take such steps as are
reasonable in the circumstances to protect the information from:
• Misuse, interference and loss; and
• Unauthorised access, modification and disclosure
Optus, Medibank Private, Latitude Finance and HWL Ebsworth Lawyers have all been the
subject of recent data breaches. See, for example, https://www.oaic.gov.au/newsroom/oaic-
opens-investigation-into-hwl-ebsworth-over-data-breach. Using at least one of these data
breaches as a case study, explain how an Australian business should determine what steps to
take “as are reasonable in the circumstances” to protect the personal information that the
business holds.
Essay 05
The Australian Parliament passed the Security Legislation Amendment (Critical Infrastructure)
Act 2021 (Cth) which implements a number of amendments to the existing Security of Critical
Infrastructure Act 2018 (Cth) (SOCI Act). What is the purpose of the SOCI Act? In light of the
SOCI Act, what do you consider should be respective roles of government and industry in
protecting critical infrastructure? What is your opinion of the impact of the SOCI Act on the
security of critical infrastructure in Australia? Does the SOCI Act go too far, or not far enough?
Please review the next page for helpful guidance.
3
Guidance Notes
In preparing your essay, you should research and read relevant legal articles, judicial
decisions and statutory laws, and refer to them in your essay where relevant. Example
research materials are provided in the reading materials for the class.
Remember to focus on legal issues in your essay. For the above 5 topics, a possible
structure is to identify the legal issue or issues, set out the law in relation to those issues,
and answer the question set out in the topic above. Where relevant, you may wish to
identify any gaps or problems with the current law, and if appropriate propose
possible changes to the current law.
Make sure that you answer all the questions and sub-questions that are asked.
The word limit for the essay is a maximum of 2,500 words, but 2,000 to 2,500 words are
acceptable. (Quality is more important than number of words.) This word count:
• includes headings and subheadings;
• does not include text in the header; and
• does not include footnotes - however footnotes should be used for citation purposes
only. Substantive text should not be included in footnotes.
Appendices can be included in the essay and will be excluded from the word count.
You are free to use the referencing style that you prefer but you must be consistent within
the paper.
This is an essay writing guide from UQ. This is only a guide and not a requirement:
https://my.uq.edu.au/information-and-services/student-support/study-skills/assignment-
writing/steps-writing-assignments
Here is an essay writing guide from the Law School. This is for information only. This guide
is aimed at law students: https://law.uq.edu.au/files/8445/Guide-To-Writing-Style-In-
Assignments.pdf
There is a free edX course available to assist in essay writing for those who may not have
done this previously. (There is an edX app too.). See the Course "Academic English" :
https://www.edx.org/course/academic-english
Some students use Grammarly to assist with their writing style:
https://www.grammarly.com/
