1. Why are computer systems so vulnerable?
2. Why should information security be a prime concern to management?
3. Is security a technical issue? A business issue? Both? Support your answer. (Hint: Read Kim Nash, “Why Technology Isn’t the Answer to Better Security,” CIO(www.cio.com), October 15, 2008.)
4. Compare information security in an organization with insuring a house.
5. Why are authentication and authorization important to e-commerce?
6. Why is cross-broader cybecrime expanding rapidly? Discuss possible solutions.
7. Discuss why the Sarbanes-Oxley Act is having an impact on information security.
8. What types of user authentication are used at your university and/or place of work? Do these measures seem to be effective? What if a higher level of authentication were implemented? Would it be worth it, or would it decrease productivity?
9. Why are federal authorities so worried about SCADA attacks?
