Imagine you work for a medium-sized business in the information security department and suppose you've determined the need to structure and implement an incident response plan and team. Propose how you would make a business case for the management team, explaining why this is a needed component of the security program at the company.
Determine how you would design the incident response team, knowing that you would use six people from your current staff to comprise the team. Identify the role that each of these individuals would take and briefly discuss the tasks each would need to absorb.
Select a law that currently governs how technology can be used and discuss it in detail utilizing your own words. Determine whether or not you believe this legislation and other laws surrounding technology are keeping up with the changes and fast paced advancement of information technology and crime. Provide a rationale with your response.
Analyze the purpose of HITECH and determine how this act is helping to shape the future of breach notification and consumer protection. Conclude whether or not you believe legislation such as HITECH forces the hands of companies when a breach occurs and whether or not this is better for the breached companies in the end.