Suppose you work for a company that has suffered a cybersecurity incident in which PII (Personal Identifiable Informatio

Business, Finance, Economics, Accounting, Operations Management, Computer Science, Electrical Engineering, Mechanical Engineering, Civil Engineering, Chemical Engineering, Algebra, Precalculus, Statistics and Probabilty, Advanced Math, Physics, Chemistry, Biology, Nursing, Psychology, Certifications, Tests, Prep, and more.
Post Reply
answerhappygod
Site Admin
Posts: 899603
Joined: Mon Aug 02, 2021 8:13 am

Suppose you work for a company that has suffered a cybersecurity incident in which PII (Personal Identifiable Informatio

Post by answerhappygod »

Suppose you work for a company that has suffered a
cybersecurity incident in which PII (Personal Identifiable
Information) customer data was stolen. The new chief technology
officer (CTO) has stated that because no evidence indicates that
the data has been used against customers, the company does not need
to report the cyber incident publicly or to law enforcement
agencies. Doing so, she argues, would only generate bad publicity.
Despite a state law requiring disclosure, the CTO thinks a loophole
in the law could allow the company to avoid disclosure. The Legal
Department is currently understaffed with no director, and the
junior-level employees are concerned about repercussions if they
object to the CTO. What do you think?
Write a one-page memo (minimum 50 words) to the CTO that
outlines your stance on contacting law enforcement and making a
public statement.
Join a community of subject matter experts. Register for FREE to view solutions, replies, and use search function. Request answer by replying!
Top
Post Reply

Return to “Archived Questions & Answers”