Question

1 Approved Answer

Posted on Jul 26, 2024

Problem: A specialty online retail company with profits of $200 mil has conducted a cyber risk analysis of its business and has determined that it

Problem: A specialty online retail company with profits of $200 mil has conducted a cyber risk analysis of its business and has determined that it has significant exposure to a hack. The probability that such a hack would occur 2% per vear. The losses resulting from the druption of business due to hack are estimated to be $100 million The company has maximum vulnerability. The company has explored the following options Completely avoid the potential hack and subsequent disruption by having a third party hande internet interface and billing. This would result in an annual loss of $3 mil in profit Utilize an IBM DataPower Gateway application as a doud service for $200,000 per year. This would reduce the vulnerability index to 0.05. Utilize an IBM DataPower Gateway as an independent server within the IT infrastructure for $10 mil dollars. This would reduce the losses of disruption resulting from a hack to $500,000 due to the ability for quick system restoration. The Independent server has an expected lifetime of 4 year. AIG Cyber Risk Insurance, Cyberdigel, is available for $300.000 per year and will reduce the impact to $20 mil per year. Solution Risk Impact X Probability X Vulnerability Index Baseline Risk $100 mil X 0.02 X 10 - $2.0 mil Accept: Cost = $0.00 Risk = $100 mlX0.02 x 10 Risk = $2.0 MB Delta Risk (Do nothing aption, Difficult to really quantity Transfer: a) Third party Cost = $3.0 Mi Risk = 0 (As long as the third party does not default. Delta Risk-$2.0 ml b) AIG CyberEdge Insurance Cost $300k Risk $10.0 milX0.02 X 1.0 Risk $200K Delta Risk = $1,800 Mitigate: a) IBM DataPower Gateway Server Cost = $1.0 mil/4 years or $250k Risk - 5500k X 0.02X10-$10% Risk $10k Delta Risk $1.99 ml bj te DataPower Gateway Cloud Application Cost = $200k Risk = $100 ml 0.02 X 0.05 Risk $100 Delta fisk $1.90 mil Avoid: This is the get out of business option Cost = $200 mil (Total loss of profit) Delta Risk $2.0 mil Conclusion: Based on a cost/benefit ratio, the BM DataPower Gateway Cloud Application provides the least cost per reduction exposure of any of the proposed strategies. Problem: A specialty online retail company with profits of $200 mil has conducted a cyber risk analysis of its business and has determined that it has significant exposure to a hack. The probability that such a hack would occur 2% per vear. The losses resulting from the druption of business due to hack are estimated to be $100 million The company has maximum vulnerability. The company has explored the following options Completely avoid the potential hack and subsequent disruption by having a third party hande internet interface and billing. This would result in an annual loss of $3 mil in profit Utilize an IBM DataPower Gateway application as a doud service for $200,000 per year. This would reduce the vulnerability index to 0.05. Utilize an IBM DataPower Gateway as an independent server within the IT infrastructure for $10 mil dollars. This would reduce the losses of disruption resulting from a hack to $500,000 due to the ability for quick system restoration. The Independent server has an expected lifetime of 4 year. AIG Cyber Risk Insurance, Cyberdigel, is available for $300.000 per year and will reduce the impact to $20 mil per year. Solution Risk Impact X Probability X Vulnerability Index Baseline Risk $100 mil X 0.02 X 10 - $2.0 mil Accept: Cost = $0.00 Risk = $100 mlX0.02 x 10 Risk = $2.0 MB Delta Risk (Do nothing aption, Difficult to really quantity Transfer: a) Third party Cost = $3.0 Mi Risk = 0 (As long as the third party does not default. Delta Risk-$2.0 ml b) AIG CyberEdge Insurance Cost $300k Risk $10.0 milX0.02 X 1.0 Risk $200K Delta Risk = $1,800 Mitigate: a) IBM DataPower Gateway Server Cost = $1.0 mil/4 years or $250k Risk - 5500k X 0.02X10-$10% Risk $10k Delta Risk $1.99 ml bj te DataPower Gateway Cloud Application Cost = $200k Risk = $100 ml 0.02 X 0.05 Risk $100 Delta fisk $1.90 mil Avoid: This is the get out of business option Cost = $200 mil (Total loss of profit) Delta Risk $2.0 mil Conclusion: Based on a cost/benefit ratio, the BM DataPower Gateway Cloud Application provides the least cost per reduction exposure of any of the proposed strategies