Assignment:
Case Assignment
CYBER RISK ASSESSMENT
There are various methods in conducting a risk assessment. Any method used is likely to include in some shape or form hazards, vulnerabilities and impacts. Once completed, this risk assessment can be used to develop strategies to prepare, respond, recover, and mitigate cyber threats.
For this case, answer the following:
Describe the steps to conduct a risk assessment to achieve the goals for information security (availability, integrity, confidentiality, accountability, and assurance).
Assignment Expectations
Assignments should be 3 to 5 full pages, double-spaced, not counting the cover or reference page. Paper format: (a) Cover page, (b) Header, (c) Body. Submit your assignment by the last day of this module. Provide quotations to support your responses.
• Relevance-All content is connected to the question.
• Precision-Specific question is addressed. Statements, facts, and statistics are specific and accurate.
• Depth of discussion-Present and integrate points that lead to deeper issues.
• Breadth-Multiple perspectives and references, multiple issues/factors considered.
• Evidence-Points are well-supported with facts, statistics and references.
• Logic-Presented discussion makes sense; conclusions are logically supported by premises, statements, or factual information.
• Clarity-Writing is concise, understandable, and contains sufficient detail or examples.
• Objectivity-Avoids use of first person and subjective bias.
• References-Sources are listed at the end of the paper.
Use strong credible sources - peer-reviewed references, government documents, and subject matter expert materials to support your answer.
Your paper will not exceed 5 pages (excluding cover sheet and reference page(s).
SLP
Despite the fact that cyber risks and cyber security are widely acknowledged to be a serious threat, many companies today still do not purchase cyber risk insurance. However, this situation is changing. Recent legal developments underscore the fact that reliance on traditional insurance policies is not enough, as companies face growing liabilities in this fast-evolving area. For example, more than 70 class actions lawsuits were filed against Target Corporation alone by its customers following its 2013 holiday season data breach that compromised up to 110 million customer accounts.
For this SLP, answer the following:
1. What do cyber insurance policies cover and exclude (i.e., First Party vs. Third Party)?
2. What factors might an insurance company consider in assessing the risk level (exposure) of a certain business (i.e., Organizational, Technical, Policies & Procedures, Legal& Compliance)?
3. In your opinion, are cyber insurance policies a viable option for businesses to mitigate cyber risk? Explain.
SLP Assignment Expectations
Assignments should be 3 to 5 full pages, double-spaced, not counting the cover or reference page. Paper format: (a) Cover page, (b) Header, (c) Body. Submit your assignment by the last day of this module. Provide quotations to support your responses.
• Relevance-All content is connected to the question.
• Precision-Specific question is addressed. Statements, facts, and statistics are specific and accurate.
• Depth of discussion-Present and integrate points that lead to deeper issues.
• Breadth-Multiple perspectives and references, multiple issues/factors considered.
• Evidence-Points are well-supported with facts, statistics and references.
• Logic-Presented discussion makes sense; conclusions are logically supported by premises, statements, or factual information.
• Clarity-Writing is concise, understandable, and contains sufficient detail or examples.
• Objectivity-Avoids use of first person and subjective bias.
• References-Sources are listed at the end of the paper.
Use strong credible sources-peer-reviewed references, government documents, and subject matter expert materials to support your answer. Your paper will not exceed 5 pages (excluding cover sheet and reference page(s).
Required Reading
Boot, Max (2015, July 12). What is the greatest threat to U.S. national security? Commentary.
Causey, B. (2013, January), How to conduct an effective IT security risk assessment.
Hartwig, R. P. (2014). Cyber risks: The growing threat. Insurance Information Institute.
Howard, T., & Cruz, J. (2017). A cyber vulnerability assessment of the U.S. Navy in the 21st Century.
Romanosky, S., Ablon, L., & Kuehn, A. (2017).A content analysis of cyber insurance policies. RAND.
Required Websites
Federal Emergency Management Agency (FEMA) (n.d.). Risk Assessment.
Risk Assessment. IT Information Technology.