Security Legal Issues Discussion

1. “NIST and Risk Governance and Risk Management” Please respond to the following:

Companies generally reference NIST standards when assessing their risk management. Based on your learning this week, what do you think would be your top NIST consideration when starting to craft a risk management policy for a small- to medium-sized company? Is it possible, in your estimation, to anticipate all possible threats and contingencies in advance of an attack?

2. “Data Breach Notification” Please respond to the following:

Data breach laws have made us more aware of how our PII and other corporate data have been compromised in recent years. Intellectual property is often the target of attacks from foreign entities and even governments. Banks don’t like people to know how much money is stolen annually by hackers, despite their best efforts to prevent such theft. Discuss your thoughts on the subjects mentioned here based on your learning from this week.

3. “Online Contracts” Please respond to the following:

Online contracts are becoming ubiquitous these days. They’re sometimes signed online even in face-to-face meetings between parties. Based on your study this week, what are some pitfalls you previously didn’t know about? Describe an online contract or end-user license agreement you signed that made you think. Do you ever agree to things without fully reading them, even when the signature block says, “I have read and understand”? What do you think about this now that you have learned about online contracts?

