An organization determines that the probability of unauthorized access to a data

Question

An organization determines that the probability of unauthorized access to a database that contains personally identifiable information (PII) about its clients and employees is 5% in a year. The total estimate of the loss due to this exposure is estimated to be 5 million dollars. This includes losses resulting from loss of reputation, business operations, fines imposed by FCC, legal fees. After consulting with a security firm, a product was identified that could implement stronger access control and that could allow security administrator to track such an unauthorized access. The total cost of the product is $500,000, plus $10,000/year for maintenance. The product should work well for next five years. It is estimated that, if implemented, it will protect from 90% of all such attacks. We want to know whether the organization should purchase this product

Explanation / Answer

Yes, The organization should purchase the product. For next five years, The organization protect from 90% of attacks. It's cost is high but organization have to trust it. For security reasons organization have to purchase product. Organization should have to take risk.

Related Questions

Navigate

• Browse (All)
• Browse A
• Subjects