Suppose you work for an organization that is being phished.
a. How would you learn that your organization is being attacked?
b. What steps should your organization take in response to the attack?
c. What liability, if any, do you think your organization has for damages to customers that result from a phishing attack that carries your brand and trademarks?