I need two responses of at least 150 words each for the below students discussions for this week. Also in the bold below are the questions the students at answering.

1. If you could, what would you do to help create a national “security culture” in which everyone is more knowledgeable and proactive about threats to information security?

2. There have been several incidents of data theft or loss involving personal information held by large companies. As a result, legislation is being discussed that would provide penalties not just for data thieves, but for companies that fail to keep private information secure. Discuss your opinions about this as a group. Are such laws needed? Please give reasons to support your answer.

Student one:

This will be our last week and my last post. It has been a pleasure working with everyone. I must say this class has flown by. I wish every success in all of their future endeavors.

R1. I think the old saying is true, “?Knowledge is power”. In order to help create a national security culture I would first aim to educate everyone. Raising awareness for the importance of information security how it directly effects everyone can help everyone buy in. Just like in a presidential election, or when a new movie star or music start takes over. In order to win over the masses you have to have appeal. I would work to appeal it to everyone and ensure everyone knows that data breaches, hackers, or other computer crimes can happen to anyone. Building a healthy security culture would also be something that I would want to implement to help create the national security culture. I would also try and recognize the people that take information security seriously and do all the right things.

R2. In another class I recently read a case regarding Rite Aid and it failing to properly protecting its customers and employees. I do think that companies should be charged if they don’t ensure that sensitive information remains private. Even in the Target data breach many experts came out and said that the breach could have been prevent had their security team just done one more preventative measure. In the case of Rite Aid they were order to pay a million dollar fine. Rite Aid&risque;s information security and network would be auditing at least once every two years. I think even though this might seem a bit much to some, I don&risque;t think it is enough. I think Rite Aid and companies like it need to be hit with much heftier fines. Because the fear of fines is probably the only thing that would make a company ensure their network is safe.


5 Steps to Create a Security Culture within your Organization. (2018, January 11). Retrieved from…

CYBER SECURITY ESSENTIALS. (2017). Place of publication not identified: CRC Press.

Rite Aid Corporation, In the Matter of. (2015, January 06). Retrieved from…


Student two:

Good morning everyone,

It is beyond amazing and impressive to see that we made it to the end and we all learned a plethora of information about cybersecurity. However, there is always more to learn and improve on, which leads to the focus of the future. To create safety and as well awareness, both the government and private corporations need to be involved in a weekly and monthly basis to educate and help the public, as well as business stay safeguarded from malicious activity. There should be personal involvement so that there are monthly checks and everything is running up to speed. Same concept that the Department of Motor Vehicles (DMV) has, well same system or something similar should be employed but for computer safety. There is a lot of room for possibilities and in the process create new jobs and new entities that their sole focus is to take care of this matters.

On another note, corporations and the government with their many agencies should be help accountable for data loss or theft, in which they are banned, suspended or forfeit pay to those that were affected. Take for example “Google’s revelation today that its social network Google+ suffered a second major security lapse in less than a year makes clear the Internet giant cannot be trusted to police its own platforms and underscores the need for strong laws like the California Consumer Privacy Act…” (Simpson,2019). Legislation would create the guidelines for what to do on what event(s) and how to inform the general public so that no chaos arise from these matters. Laws are needed and to be employed so that there is guidance. This shows that the government cares and works hard for its people.

Lastly, I want to thank you all that read my posts and gave me amazing feedback! I hope you all continue on your endeavors, never give up, and always stay informed in this interesting yet crazy world we live in. Best of luck and I hope that you all complete your dreams and goals!




APUS Library

Taylor, R. W., Fritsch, E. J., Liederbach, J. C. Digital Crime and Digital Terrorism. [VitalSource Bookshelf]. Retrieved from…

Graham, J., Howard, R., & Olson, R. (2011). Cyber security essentials. Boca Raton: Auerbach Publications.

Simpson, J., Google’s Second Failure to Protect Data Security on Its Social Network Shows Need for California Privacy Law, 2019