Unit 4 Individual Assignment for CIS222: Fundamentals of Security
Unit 4 Individual Assignment
The Chief Financial Officer (CFO) made some complaints to the CEO regarding recent capital expenditures for security software. You try to lighten the blow by explaining the value of controlling security.
In a point paper to the CEO, explain the cost benefit analysis method you use to do a quantitative assessment before investing in a security control.
Complete and include the table below in your paper.
Historical PCS incidents
Cost per Incident
Frequency of Occurrence
SLE
ARO
ALE
Theft of information (hacker)
$25,500
1 every 5 years
25,500
.2
Theft of information (employee)
$50,000
1 every 2 years
50,000
.5
Web defacement
$500
1 per month
12.0
$6,000
Theft of equipment
$5,000
1 per year
1.0
$5,000
Virus, worms, Trojan horses
$1,500
1,500
52.0
$78,000
Denial-of-service attacks
$2,500
2,500
4.0
$10,000
You are currently deciding whether to invest in data loss prevention software. You have some reliable statistics that the software will reduce your information theft incidents by half of the current values. The cost of the software is $100K per year. Recalculate the new ARO and ALE for hacker and employee information theft. Based on these new values, explain your decision whether or not to invest in the Data Loss Prevention Software.
Projected PCS incidents with Data Theft Prevention Software
Cost per Incident
Frequency of Occurrence
SLE
ARO
ALE
Theft of information (hacker)
$25,500
1 every 5 years
25,500
Theft of information (employee)
$50,000
1 every 2 years
50,000
The requirements for your assignment are:
· 2-3 page APA paper excluding title and reference pages
· Provide at least two references and in-text citations in APA format
· College level writing
Students: Be sure to read the criteria, by which your paper/project will be evaluated, before you write, and again after you write.