Question;Take a look at Case Project 7-6: Community Site Activity. You do not need to;logon to the Information Security Community site to complete this assignment.;Read through the narrative regarding Vendor A and Vendor B, then answer the;questions. Provide examples to support your answers. You might also find;guidelines for a suggested timeline, and cases where penalties were applied for;non-compliance. You might do a little research and determine if there are;regulations regarding disclosure for different industries, such as health;care. No more than two pages. Vendor A was successfully attacked on Monday night and personal customer;information was compromised. The next day, Vendor A sent an e-mail to its customers;that it was the victim of a successful attack that occurred?recently?in;which?certain information?was stolen. Vendor A did not detail what information;was stolen, what direct impact it may have on its customers, or what customers;should do about it, other than some generic statements. Vendor B was also;successfully attacked on Monday night. However, Vendor B waited 10 days;before revealing the attack to its customers, but they included detailed information;about the attack, its consequences, and how customers could protect themselves.;In both cases, clear and immediate information was not distributed. Should;vendors be obligated to inform customers when attacks occur and how to protect;ourselves? What should be the time line for doing so? What should be the;penalties if vendors do not follow such guidelines?
Paper#37061 | Written in 18-Jul-2015Price : $22