Iris was a little unsure of what to do next. She had just left the meeting with
Question:
Iris was a little unsure of what to do next. She had just left the meeting with the other executives. At the meeting, they confirmed the need for action on the matter of the critical information offered for sale on a public auction site. That was the last point of agreement. This was a risk they had simply not planned for, and they were completely unprepared. Just before the meeting broke up, they had made assignments to various people in the meeting. Robin, the CEO, was going to contact the members of the board of directors to brief them so that if the story became public they would not be surprised. Jerry, the corporate counsel, was going to start an intensive effort to discover what peer companies had done in situations like this. Mike, the CIO, was assigned to contact the auction site to get the auction shut down and lay the groundwork for working with whatever authorities were brought in for the criminal aspects of the case. Iris was assigned to investigate which law enforcement agency should be involved in the investigation. She already knew that the auction site was hosted on a server owned by a company that was not in the United States, where HAL was located. She reached for her business card box and began thumbing through the contacts she had.
Questions:
1. Do you think the response of the company so far indicates any flaws in company policy or practices that are revealed by the incident?
2. With which law enforcement agency do you think Iris should consult? On what factors do you base that recommendation?
3. What criminal acts might have occurred in this situation? Considering who the perpetrators might be, what do you think their relationship to RWW, Inc. might be?
Step by Step Answer:
Management of Information Security
ISBN: 978-1285062297
4th Edition
Authors: Michael E. Whitman, Herbert J. Mattord