Answered step by step
Verified Expert Solution
Question
1 Approved Answer
below demonstrates partial information about these calculations. Threat category SLE Rate of frequency ARO ALE 1 . Internal hardware failure $ 5 , 0 0
below demonstrates partial information about these calculations. Threat category SLE Rate of frequency ARO ALE Internal hardware failure $ per week $ DDoS attack $ per year $ Phishing attack $ per week $ Citywide power outage $ per quarter $ Employee vandalism $ per months $ Bruteforce attack $ per month $ Data manipulation $ per year $ Ransomware $ per week $ Eavesdropping $ per quarter $ Tornado $ per years $Using the following formula to perform a cost benefit analysis CBA the company is calculating whether investing in this risk control technology NGFW which costs $ annually is cost effective to mitigate the attack. A positive CBA number indicates a cost effective investment, and a negative number indicates a poor investment. CBA ALE pre control ALE post control ACS Where, ALE pre control the annualized loss expectancy of the risk before the implementation of the risk control ALE post control the ALE examined after the risk control has been in place for a period of time Annual Cost ACS the annual cost of the risk control Based on the formula, what is the CBA in this scenario? Is it cost effective for the company to invest in this security technology? Explain your reasoning.
below demonstrates partial information about these calculations.
Threat category SLE Rate of frequency ARO ALE
Internal hardware failure $ per week $
DDoS attack $ per year $
Phishing attack $ per week $
Citywide power outage $ per quarter $
Employee vandalism $ per months $
Bruteforce attack $ per month $
Data manipulation $ per year $
Ransomware $ per week $
Eavesdropping $ per quarter $
Tornado $ per years $Using the following formula to perform a cost
benefit analysis
CBA
the company is calculating whether investing in this risk control technology
NGFW
which costs $
annually is cost
effective to mitigate the attack. A positive CBA number indicates a cost
effective investment, and a negative number indicates a poor investment.
CBA
ALE
pre
control
ALE
post
control
ACS
Where,
ALE
pre
control
the annualized loss expectancy of the risk before the implementation of the risk control
ALE
post
control
the ALE examined after the risk control has been in place for a period of time
Annual Cost
ACS
the annual cost of the risk control
Based on the formula, what is the CBA in this scenario? Is it cost
effective for the company to invest in this security technology? Explain your reasoning.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access with AI-Powered Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started