Reference no: EM131405745
A firm is considering two options for improving the security of its employee accounts from remote compromise. The firm calculates that the probability of compromise without enacting any additional security measures is 0.5, and that successful attacks cost the company $20K. Option 1 is to adopt a stricter password policy (e.g., a minimum of 8 characters, including at least one special character and upper-case letter). Option 2 would manually disable browser plug-ins from Adobe.
Option 1 is cheap, costing $500 initially and $1K annually due to added overhead from dealing with more password reset requests. It is not especially effective, reducing the probability of attack to 0.4. Option 2 is much more effective, reducing the probability of successful attack to 0.1. However, it imposes high indirect costs on workers, estimated at $5,000 initially due to training and $5,000 each year.
Include any R code used in the calculation as part of your homework.
a. Calculate ROSI for each method, based on the initial costs only. Based on this metric, which approach is preferred?
b. Calculate the NPV for each method assuming a 6% discount rate. Assume that any savings beyond eight years are ignored. Based on this metric, which approach is preferred?
c. Having calculated ROSI and NPV for both options, which option would you recommend investing in and why?
d. Plot the NPV for both methods as a function of the discount rate (for discount rates up to 60%). Include the code and a printout of the graph with your assignment. Your graph should look similar to this graph, which is calculated for the example from the lecture notes:Include your R code that created the graph.
e. Which option mitigates more risk? Which option accepts more risk, and how much risk is accepted annually by that option?
Classes of breach-probability functions
: The Gordon-Loeb model considers two classes of breach-probability functions, including:
|
Describe how organizations operate as open systems
: MGT/230- Describe how organizations operate as open systems • explain productivity as a measure of organizational performance • distinguish between performance effectiveness and performance efficiency.
|
Develop a model of proposed system
: In the prior unit, systems planning, you prepared a feasibility study and proposed a broad solution to problems you identified. In the systems analysis phase you will develop a model of your proposed system. This phase applies modeling techniques ..
|
Determine the key characteristics of the user of the product
: Determine the key characteristics of the users of the products and/or services of the health care provider you selected.Analyze the competitive environment of the health care provider you selected and recommend a course of action for strategic mark..
|
Improving the security of its employee accounts
: A firm is considering two options for improving the security of its employee accounts from remote compromise. The firm calculates that the probability of compromise without enacting any additional security measures is 0.5, and that successful atta..
|
Displays the values of some string variables
: Create a new script from scratch that defines and displays the values of some string variables. Use double quotation marks in the echo or print statement that outputs the values. For added complexity include some HTML in the output. Then rewrite t..
|
Why you try to take care of your body
: "What is the most important reason why you try to take care of your body: Is it mostly because you want to be attractive to others, or mostly because you want to keep healthy, or mostly because it helps your self-confidence, or what?"
|
Different ways to produce a forensically sound image
: Question One: Since we have so many different ways to produce a forensically sound image, why do you think we need more than one? Is there some advantage of one over another?
|
What pre-service and in-service training will they receive
: Develop a proposal for a specific program for older adults and/or their families. Assume that your budget is flexible but consider real world limitations to implementing the program.What is your theoretical and research informed rationale for the ..
|