Sara, the Chief Security Officer (CSO), has had four security breaches during the past two years.
Each breach has cost the company $3,000. A third party vendor has offered to repair the security hole in the
system for $25,000. The breached system is scheduled to be replaced in five years.
Which of the following should Sara do to address the risk?
Accept the risk saving $10,000.
Ignore the risk saving $5,000.
Mitigate the risk saving $10,000.
Transfer the risk saving $5,000.
Risk transference involves sharing some of the risk burden with someone else, such as an insurance company.
The cost of the security breach over a period of 5 years would amount to $30,000 and it is better to save