Module 4 – Case

Module 4 – Case

Cyber Risk Assessment and Cyber Insurance

Case Assignment

There are various methods in conducting a risk assessment.  Any method used is likely to include in some shape or form hazards, vulnerabilities and impacts.  Once completed, this risk assessment can be used to develop strategies to prepare, respond, recover, and mitigate cyber threats.

For this case, answer the following:

Describe the steps to conduct a risk assessment to achieve the goals for information security (availability, integrity, confidentiality, accountability, and assurance).  

Assignment Expectations

Assignments should be 3-5 full pages, double-spaced, not counting the cover or reference page. Paper format: (a) Cover page, (b) Header, (c) Body. Submit your assignment by the last day of this module. Provide quotations to support your responses.

  • Relevance—All content is connected to the question.
  • Precision—Specific question is addressed. Statements, facts, and statistics are specific and accurate.
  • Depth of discussion—Present and integrate points that lead to deeper issues.
  • Breadth—Multiple perspectives and references, multiple issues/factors considered.
  • Evidence—Points are well-supported with facts, statistics and references.
  • Logic—Presented discussion makes sense; conclusions are logically supported by premises, statements, or factual information.
  • Clarity—Writing is concise, understandable, and contains sufficient detail or examples.
  • Objectivity—Avoids use of first person and subjective bias.
  • References—Sources are listed at the end of the paper.

Use strong credible sources – peer-reviewed references, government documents, and subject matter expert materials to support your answer. Your paper will not exceed 5 pages (excluding cover sheet and reference page(s).

Module 4 – SLP

Cyber Risk Assessment and Cyber Insurance

Despite the fact that cyber risks and cyber security are widely acknowledged to be a serious threat, many companies today still do not purchase cyber risk insurance. However, this situation is changing. Recent legal developments underscore the fact that reliance on traditional insurance policies is not enough, as companies face growing liabilities in this fast-evolving area. For example, more than 70 class actions lawsuits were filed against Target Corporation alone by its customers following its 2013 holiday season data breach that compromised up to 110 million customer accounts.

For this SLP, answer the following:

  1. What do cyber insurance policies cover and exclude (i.e., First Party vs. Third Party)?
  2. What factors might an insurance company consider in assessing the risk level (exposure) of a certain business (i.e., Organizational, Technical, Policies & Procedures, Legal & Compliance)?
  3. In your opinion, are cyber insurance policies a viable option for businesses to mitigate cyber risk? Explain.

SLP Assignment Expectations

Assignments should be 3–5 full pages, double-spaced, not counting the cover or reference page. Paper format: (a) Cover page, (b) Header, (c) Body. Submit your assignment by the last day of this module. Provide quotations to support your responses.

  • Relevance—All content is connected to the question.
  • Precision—Specific question is addressed. Statements, facts, and statistics are specific and accurate.
  • Depth of discussion—Present and integrate points that lead to deeper issues.
  • Breadth—Multiple perspectives and references, multiple issues/factors considered.
  • Evidence—Points are well-supported with facts, statistics and references.
  • Logic—Presented discussion makes sense; conclusions are logically supported by premises, statements, or factual information.
  • Clarity—Writing is concise, understandable, and contains sufficient detail or examples.
  • Objectivity—Avoids use of first person and subjective bias.
  • References—Sources are listed at the end of the paper.

Use strong credible sources—peer-reviewed references, government documents, and subject matter expert materials to support your answer. Your paper will not exceed 5 pages (excluding cover sheet and reference page(s).

Required Reading

Boot, Max (2015, July 12). What is the greatest threat to U.S. national security? Commentary. Retrieved from https://www.commentarymagazine.com/american-society/military/greatest-threat-to-national-security

Causey, B. (2013, January), How to conduct an effective IT security risk assessment. Retrieved from https://security.vt.edu/content/dam/security_vt_edu/downloads/risk_assessment/strategy-how-to-conduct-an-effective-it-security-risk-assessment_2411470.pdf

Hartwig, R. P. (2014). Cyber risks: The growing threat. Insurance Information Institute. Retrieved from https://www.iii.org/sites/default/files/docs/pdf/paper_cyberrisk_2014.pdf

Howard, T., & Cruz, J. (2017). A cyber vulnerability assessment of the U.S. Navy in the 21st Century. Retrieved from http://cimsec.org/cyber-vulnerability-assessment-u-s-navy-21st-century/30405

Romanosky, S., Ablon, L., & Kuehn, A. (2017). A content analysis of cyber insurance policies. RAND. Retrieved from https://www.rand.org/content/dam/rand/pubs/working_papers/WR1200/WR1208/RAND_WR1208.pdf

Required Websites

Federal Emergency Management Agency (FEMA) (n.d.). Risk Assessment. Retrieved from http://www.ready.gov/risk-assessment

Risk Assessment. IT Information Technology. Retrieved from https://www.it.iastate.edu/policies/risk

 
"Looking for a Similar Assignment? Order now and Get 10% Discount! Use Code "Newclient"
[promo2]