Question

You are a very small company that sells healthcare insurance plans. You estimate that the breach of your customer database will cost you $200,000 and that this might happen once in 5 years. A vendor wants to sell you a Data Loss Prevention (DLP) solution that would cost $50,000 per year. Which of the following is the best course of action?a. Spend $25,000 on cyber insurance to transfer the risk.b. Spend the $50,000 to mitigate the risk.c. Accept the risk. d. Spend whatever it takes to ensure that this data is safe.

Answer 1

Answer:

C. Accept the risk

Explanation:

The first option is close but might not be suitable for a small company considering it's cost.

The second option which is to spend fifty thousand dollars per year on a data loss prevention solution is projected to cost you more than the risk.

The third option isn't specific and lacks a course of action.