# IT Security & AI Ethics: Capital One and Facial Recognition
> Explore a technical analysis of the Capital One data breach and the ethical implications of facial recognition technology in Information Systems Management.

Tags: it-security, cloud-breach, artificial-intelligence, biometrics, cybersecurity, data-protection, aws-security, ai-ethics
## Information Systems Security Overview
* Information Systems Security (ISS) protects confidentiality, integrity, and availability (CIA).
* Cybercrime costs were estimated at over $8 trillion annually as of 2023.

## Case Study 1: Capital One Data Breach (2019)
* **Impact:** 106 million customers affected in the US & Canada; $190M class action settlement; $80M fine from the OCC.
* **Technical Analysis:** A misconfigured Web Application Firewall (WAF) allowed a Server-Side Request Forgery (SSRF) attack to steal AWS credentials.
* **Root Cause:** Over-privileged IAM roles and poor firewall configuration.
* **Recommendations:** Implement Zero Trust Architecture, least privilege access, and automated cloud security posture management.

## Case Study 2: Facial Recognition Systems
* **Market:** Projected to reach $14.5 billion by 2029.
* **Technology:** Works through face detection, feature extraction (nodal points), faceprint creation, and database matching.
* **Benefits:** Enhanced law enforcement, frictionless authentication, and financial fraud prevention.
* **Risks:** Algorithmic bias (lower accuracy for darker skin tones/women), mass surveillance concerns, and deepfake vulnerabilities.
* **Regulations:** GDPR (EU) treats biometric data as sensitive; the EU AI Act (2024) bans specific uses of real-time biometric identification in public.

## Recommendations for Future Systems
* Use inclusive training data to eliminate bias.
* Implement opt-in consent frameworks for biometric data.
* Adopt clear legal frameworks and independent algorithmic audits.