Scenario:
You have just been hired as an information security engineer for a large, multi-international corporation. Unfortunately, your company has suffered multiple security breaches that have threatened customers' trust in the fact that their confidential data and financial assets are private and secured. Credit card information was compromised by an attack that infiltrated the network through a vulnerable wireless connection within the organization. The other breach was an inside job where personal data was stolen because of weak access control policies within the organization that allowed an unauthorized individual access to valuable data. Your job is to develop a risk management policy that addresses the two security breaches and how to mitigate these risks