Describe a time when you identified a significant security risk. What steps did you take to address it?