1. If you could, what would you do to help create a national "security culture" in which everyone is more knowledgeable and proactive about threats to information security?
2. There have been several incidents of data theft or loss involving personal information held by large companies. As a result, legislation is being discussed that would provide penalties not just for data thieves, but for companies that fail to keep private information secure. Discuss your opinions about this as a group. Are such laws needed? Please give reasons to support your answer.