Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Part 2 : Risk Control and Cost Benefit Analysis ( CLO 2 ) : You are assigned the task to analyze the following scenarios and

Part 2: Risk Control and Cost Benefit Analysis (CLO2):
You are assigned the task to analyze the following scenarios and answer the questions at the end:
Case #1 Data Breach:
The CYZ faces the risk of a cybersecurity breach because of chatbot on its website that could result in data breach and severe financial consequences.
It is expected that frequency with which the data breach can occur once in 7 weeks.
Each breach can cost up to $25,000.
The organization has implemented security control costing $100,000 annually with an effectiveness of 80%.
The confidence of the company that this security control will fix the vulnerability is 90%.
The likelihood of a breach occurring in a year is 55% with potential impact is 80.
Case #2 Equipment Failure:
The CYZ also faces the risk of its data storage failure, leading to downtime and repair costs.
The potential impact of equipment failure is estimated at 1.
The likelihood of equipment failure in a year is 60%.
The organization has implemented preventive maintenance measures with an effectiveness of 40%.
The equipment failure is expected to occur at least twice per year.
Each incident can cost up to $50,000.
Case #3 Earthquake preparedness:
One hospital branch is located in a seismic activity-prone region, and the risk of earthquake-induced disruptions to business operations is a concern.
On average there is an earthquake every 2 years.
Last time due to an earthquake, the services were disrupted for almost 2 months and the organization was unable to recover its complete data as no backup was available.
On average the company losses $50,000 after every earthquake.
The company needs data security plans to safe guard its organizational data so it needs your recommendations.
Management has asked you to help them deciding, by reporting on the following:
1. Propose most suitable risk control strategy for each of the cases mentioned above.
2. Calculate the risk and Annual Loss Expectancy.
3. The viability justification of the proposed solutions after cost benefit analysis.
Risk Formula
Risk =(L*I)-((PRC)(L*I))+((U)(L*I))
ALE = SLE x ARO
SLE = Asset Value x EF
CBA = ALEprior - ALEpost - ACS

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image_2

Step: 3

blur-text-image_3

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Expert Performance Indexing In SQL Server

Authors: Jason Strate, Grant Fritchey

2nd Edition

1484211189, 9781484211182

More Books

Students also viewed these Databases questions

Question

Explain why you agree or disagree with this statement.

Answered: 1 week ago