week 9 discussion - Lea Munyon 1 IS3350 week 9 discussion Challenges Associated With Assessing Information Security Risks Reliably assessing information

week 9 discussion - Lea Munyon 1 IS3350 week 9 discussion...

This preview shows page 1 - 2 out of 4 pages.

Lea Munyon IS3350 week 9 discussion 1 Challenges Associated With Assessing Information Security Risks Reliably assessing information security risks can be more difficult than assessing other types of risks, because the data on the likelihood and costs associated with information security risk factors are often More limited and because risk factors are constantly changing. For example, A. Data are limited on risk factors, such as the likelihood of a sophisticated hacker attack and the costs Of damage, loss, or disruption caused by events that exploit security weaknesses B. Some costs, such as loss of customer confidence or disclosure of sensitive information, are inherently difficult to quantify. C. Although the cost of the hardware and software needed to strengthen controls maybe known, it is often not possible to precisely estimate the related indirect costs, such as the possible loss of productivity that may result when new controls are implemented D. Even if precise information were available, it would soon be out of date due to fast- paced changes in technology and factors such as improvements in tools available to would-be intruders.

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture