阅读理解 It never rains but it pours. Just as bosses and boards had finally sorted out their worst accounting and compliance troubles, and beefed up their feeble corporate governance, a new problem threatens to earn them—especially in America—the sort of nasty headlines that inevitably lead to heads rolling in the executive suite: data insecurity. Left, until now, to low-level IT staff to put right, and seen as a concern only of data-rich industries such as banking, telecoms and air travel, information protection is now high on the boss's agenda in businesses of every variety.
Such contented self-satisfaction may have been encouraged—though not justified—by the lack of legal penalty for data leakage. Until California recently passed a law, American firms did not have to tell anyone, even the victim, when data went astray. "Boards should pay as much attention to these IT operational risks as they do to other operational risks in the firm," argues George Westerman of the MIT Sloan School of Management. After all, boards have audit committees and compensation committees. It may be time for a data-protection committee, he argues. Bosses must ensure that there are effective data risk-management processes in place, be aware of their greatest vulnerabilities and promote a corporate culture that acknowledges data risks rather than hides them.
But the problem is often a lack of understanding by senior managers not just of technology but of business processes, says Thomas Parenty, author of Digital Defense: What You Should Know About Protecting Your Company's Assets. "No one in the organisation bothers to look at the value of what data they hold, the consequences if something bad happens to it, and the appropriate mechanisms to prevent that from happening," he says.
So, what should a boss do? Accountancy firms and consultants are already spotting a chance to profit by conducting an independent security and privacy audit—and for many firms, their(no doubt)huge fee will probably be worth the money. The auditors inspect technology systems, data flow and the controls on access to data within an organisation and with its business partners.
A wise boss will also appoint a senior executive to be responsible for data security—and not just to have a convenient scapegoat in the event of a leak. Diana Glassman, a data protection expert, says that a useful first step would be for the boss to write to all employees reminding them of the risks and potential cost of data leakage, and asking them, before passing data to anyone else, to question whether that person truly needs, or is entitled to, it.
单选题 6.According to the opening paragraph, data security is now high on bosses' agendas because
【正确答案】 D
【答案解析】属推断题。综合考虑第一段,我们知道,信息安全问题被放在公司老板议事日程首要位置是因为信息泄漏会对公司造成摧毁性的打击,老板和董事会也会臭名远扬。因此答案选择D。其他选项与原文不符。
单选题 7.As far as America is concerned, what is special about California's new law?
【正确答案】 B
【答案解析】属推断题。California’s new law出现在文中第二段,该段第二句讲到在California’snew law颁布之前,即便是数据泄漏了,公司也没必要告知其他人,甚至连受害人都不用告知。从这句话我们可以推断出California's new law的颁布是对以往这一状况的改变,因此答案为B。其他纯属编造。
单选题 8.According to Thomas Parenty, the key problem for bosses, as far as data loss is concerned, is that______.
【正确答案】 A
【答案解析】属细节题。第三段第一句话说:But the problem is often a lack of understanding bysenior managers not just of technology but of business processes,该句关键词是lack以及not just…but…(不仅…而且…)。这句话的意思是“问题在于高级管理者不仅对技术而且对商业程序都缺乏了解”。由此我们看出A是最合适的选项。
单选题 9.An independent privacy audit is probably worth the money because______.
【正确答案】 C
【答案解析】属细节题。根据题干定位到文章倒数第二段:对很多公司而言,聘用独立安全秘密审计师虽然要出高薪,但钱花得值。因为他们会检查公司内部的技术系统、数据流动以及对数据使用的控制等等。由此推出答案为C。其他均无原文依据。
单选题 10.According to Diana Glassman, who is responsible for data protection?
【正确答案】 C
【答案解析】属推断题。本题是对最后一个段落的考查。文中提到公司老板有必要write to allemployees reminding them of the risks and potential cost of data leakage。因此我们可以得知,保护信息安全应当是全体员工的责任,而不仅仅是老板个人或负责信息安全的高级职员们的责任。故C为正确答案。