SIT284 Cybersecurity Management- appropriate treatment strategy

SIT284 Cybersecurity Management- appropriate treatment strategy

Task:

Threat and threat actors

For each threat you identified above, obtain the following information, and add them to the ‘threat actors and attributes table’ below.
• identify one most probable threat actor.
• determine the set of appropriate factors (size, skill, motive, and opportunity) related to the selected threat actor,
• ARO (Annualized Rate of Occurrence): the frequency with which a threat is expected to occur in a particular year.
• EF (Exposure Factor): identifies the percentage of the asset value lost if the threat materializes.

You need to justify why you choose the above information and briefly explain, why you think the values for the parameters you collected correspond to the threat Cost-benefit analysis (CBA)

For each security control you propose, perform a cost-benefit analysis (CBA) to determine if the cost of protecting the asset against the risk outweighs the benefits from implementing the security control. From online sources, you will need to collectstatistics on parameterssuch asthe frequency with which a threat (you identified threats in section 2) is expected to occur in a particular year and the percentage of the asset value lost due to the security incident. Briefly explain, why you think the values for the parameters you collected correspond to the particular threat. You must justify and show step by step your work and include all the formulas required to arrive at youranswer.

Risk treatment strategies

For each risk, determine the residual risk and the appropriate treatment strategy. Provide a brief explanation of why you consider the treatmentstrategy you selected is appropriate for managing the risk

Read less
QUALITY: 100% ORIGINAL PAPER – NO PLAGIARISM – CUSTOM PAPER
error: Content is protected !!