Should all security incidents be reported to law enforcement? With Anthem and others disclosing their breaches recently, do you think that they did so in a timely fashion? What are the pros and cons of law enforcement involvement? What does the current law say about companies having to release information / statements on a security breach? How does policy impact the discussion to disclose a breach? Should there be stiff compensation back to customers for the risk they are now enduring?