Assignment 4

The Chief Financial Officer (CFO) made some complaints to the CEO regarding recent capital expenditures for security software. You try to lighten the blow by explaining the value of controlling security.

In a point paper to the CEO, explain the cost benefit analysis method you use to do a quantitative assessment before investing in a security control.

Complete and include the table below in your paper.

Historical PCS incidents	Cost per Incident	Frequency of Occurrence	SLE	ARO	ALE
Theft of information (hacker)	$25,500	1 every 5 years	25,500	.2
Theft of information (employee)	$50,000	1 every 2 years	50,000	.5
Web defacement	$500	1 per month		12.0	$6,000
Theft of equipment	$5,000	1 per year		1.0	$5,000
Virus, worms, Trojan horses	$1,500		1,500	52.0	$78,000
Denial-of-service attacks	$2,500		2,500	4.0	$10,000

  You are currently deciding whether to invest in data loss prevention software. You have some reliable statistics that the software will reduce your information theft incidents by half of the current values. The cost of the software is $100K per year. Recalculate the new ARO and ALE for hacker and employee information theft. Based on these new values, explain your decision whether or not to invest in the Data Loss Prevention Software.

Projected PCS incidents with Data Theft Prevention Software	Cost per Incident	Frequency of Occurrence	SLE	ARO	ALE
Theft of information (hacker)	$25,500	1 every 5 years	25,500
Theft of information (employee)	$50,000	1 every 2 years	50,000

The requirements for your assignment are:

· 2-3 page APA paper excluding title and reference pages

· Provide at least two references and in-text citations in APA format

· College level writing