Posted: December 5th, 2022
As the textbook says, there is no general federal law that requires businesses to disclose to customers when their personal information has been compromised in a cybersecurity breach. Instead, there are different laws in every state. For this assignment, you’ll look at Washington’s disclosure law:
If you’ve never read a law before, this is actually a great one to start with. Like most, the language is rather convoluted, but at least it is short. In comparison, the CISA that was passed last fall is 136 pages out of a longer bill that is over 2000 pages long.
Answer the following five questions about Washington’s disclosure law referenced above. Each question is worth 5 points. Be sure to read the law carefully, not all answers are straightforward.
When a question asks for a “section number”, it means the number in parentheses before the statement where you find the answer to the question. If there’s a letter in parentheses before the statement, then that’s just a subsection to the previous number. For instance, the statement “Notification to major statewide media.” is really subsection 8(c)(iii), so you would just refer to that as section 8 in your answer.
For some of these questions, the appropriate answer is to simply copy a statement from the law. When you do that, be sure to use quotation marks. Label your answers is the same way as the questions, otherwise you gain no points for unlabeled answers.
Question 1. What two elements of the CIA triad are referenced in this law, and in what section number(s)?
Question 2. When a disclosure notification is required, in what three methods may notification be provided, and in what section number do you find the answer?
Question 3. If only one Washington resident is affected by the breach, is the business still required to notify that one person?
Question 4. If 1000 Washington residents are affected by the breach, who besides the people affected must be notified, and in what section number do you find the answer?
Question 5. If the only information that is stolen in a breach is a mailing address, is notification required, and in what section number do you find the answer?
Like most written assignments, this must be submitted as a PDF file.
If the question asks for a section number and you do not provide it, 1 point will be deducted.
Place an order in 3 easy steps. Takes less than 5 mins.