You are a networking consultant for a technology support firm in your home. Imagine that you have
Question:
You are a networking consultant for a technology support firm in your home. Imagine that you have discovered news about a new form of ransomware coming out of Eastern Europe. Your research shows that the payload for the ransomware is delivered using a phishing email. You also discover that the phishing email can be blocked using a hardware spam filter. You send out an urgent email to all of your clients urging them to install the hardware spam filter to prevent the ransomware attack. You mark the email as important, and you ask for a receipt from your Outlook when the email is received and read. Only two agree to purchase the spam filter while the others say they will need to budget in the cost next quarter. Approximately 3 weeks later, two of the noncompliant clients became infected with the ransomware. This cost them tens of thousands of dollars in lost business and in recovery costs.
Both filed insurance claims, which were paid, but the insurance company sued your tech firm to recover their losses. Did you do everything you could to prevent the attack within reason? How should your firm respond to the lawsuit?
Auditing The Art and Science of Assurance Engagements
ISBN: 978-0134613116
14th Canadian edition
Authors: Alvin A. Arens, Randal J. Elder, Mark S. Beasley, Joanne C. Jones