Cisco 892 And Cisco Catalyst 2960S 48LPS L Switch Windows Se ✓ Solved

Cisco 892 Isrcisco Catalyst 2960s 48lps L Switchwindows Server

For this assignment, evaluate the above network diagram for a basic small marketing firm in San Francisco, CA. You have been asked to write a basic risk assessment for this company. In the first part, brainstorm and list every risk you can imagine (realistic for this company) include virtual, physical and “stupid” in your listing. Provide a brief one-to-two sentence overview for each risk you list. In the second section, pick the top risk and create a Quantitative RA (last week) for a single loss expectancy. Each event will have its own price tag and amount of downtime. The values for each device is listed as “P” for physical cost and “V” for the estimated value of the data on each device. Each day the network is down results in a loss of $86,000.00. P -$9423.00 V -$242,000.00 P -$7453.00 V -$49,000.00 P -$14,785.00 V -$132,000.00 P -$924.00 P -$2754.00 P -$1425.00 Each P -$1274.00 Each P -$399.00 Each P -$199.00 Each

Paper For Above Instructions

In today’s technology-driven world, firms must conduct comprehensive risk assessments to identify and mitigate potential threats to their operations and data integrity. This assignment focuses on a small marketing firm based in San Francisco that utilizes a variety of technologies, including Cisco network devices, Windows Server 2008 R2, and various client devices, including desktops and mobile systems. This risk assessment will cover an evaluation of potential risks and provide quantitative data on the most significant threat to the firm’s functional integrity.

Identified Risks

The following risks have been identified for the marketing firm:

  • Data Breach (Virtual Risk): Unauthorized access to confidential client data may occur due to weak passwords or inadequate cybersecurity measures, leading to significant financial and reputational damage.
  • Malware Attack (Virtual Risk): Malware could infiltrate the network through unprotected devices or email attachments, disrupting operations and potentially corrupting critical data.
  • Physical Theft (Physical Risk): Theft of physical devices such as laptops or servers can result in loss of sensitive information and breakdown of trust with clients.
  • System Failure (Physical Risk): Hardware failures, particularly with servers hosting critical applications, can lead to extensive downtime and loss of productivity, impacting revenue and client satisfaction.
  • Human Error (Stupid Risk): Mistakes made by employees, such as deleting essential files or misconfiguring network devices, can lead to unnecessary data loss and operational disruptions.
  • Natural Disasters (Physical Risk): Events such as earthquakes or floods could damage physical infrastructure, resulting in costly repairs and disruptions to business continuity.
  • Outdated Software (Virtual Risk): Failure to update software and operating systems exposes the firm to vulnerabilities that could be exploited by cybercriminals.
  • Inadequate Backups (Physical Risk): Without proper backup procedures, the firm risks permanent data loss due to events such as hardware failures or unexpected disasters.
  • Insider Threats (Virtual Risk): Disgruntled employees may maliciously leak or sabotage data, causing severe consequences for the organization.
  • Network Overload (Virtual Risk): An overburdened network may lead to decreased performance, impacting productivity and client service delivery.

Top Risk Analysis

After careful consideration, the most significant risk identified is the Data Breach. The potential for unauthorized access to sensitive client information poses not only financial but also reputational risks. As data breaches have become increasingly common, organizations find themselves facing legal repercussions, damage to their brand, and loss of customer trust (Ponemon Institute, 2020).

Quantitative Risk Assessment for Data Breach

Each day of network downtime results in a loss of $86,000. The specific costs associated with the data breach are based on the following values for physical devices and the estimated data value:

  • Physical cost (P) = $9,423.00, Data value (V) = $242,000.00
  • Physical cost (P) = $7,453.00, Data value (V) = $49,000.00
  • Physical cost (P) = $14,785.00, Data value (V) = $132,000.00
  • Physical cost (P) = $924.00
  • Physical cost (P) = $2,754.00
  • Physical cost (P) = $1,425.00
  • Physical cost (P) = $1,274.00
  • Physical cost (P) = $399.00
  • Physical cost (P) = $199.00

To calculate the Single Loss Expectancy (SLE) for a data breach, we sum the physical costs and estimated data values:

SLE = P + V

Considering the most significant data breach incident, let’s take the highest values: $9,423.00 (P) + $242,000.00 (V) = $251,423.00.

In the case of a single data breach event, assuming it results in a complete shutdown of the operations for a full day, the total expected loss, including operational downtime, would be:

Total Expected Loss = SLE + Daily Downtime Loss

Total Expected Loss = $251,423.00 + $86,000 = $337,423.00.

Conclusion

In conclusion, the small marketing firm in San Francisco faces a variety of risks, with data breaches posing the most significant threat due to their potential impact on financial loss and brand reputation. It is crucial for the firm to implement robust cybersecurity measures, regularly update their software, and establish comprehensive data backup protocols to mitigate this risk, thereby ensuring the integrity of their operations and the trust of their clientele.

References

  • Ponemon Institute. (2020). The Cost of a Data Breach Report 2020. Retrieved from https://www.ibm.com/security/data-breach
  • Verizon. (2021). Data Breach Investigations Report. Retrieved from https://enterprise.verizon.com/resources/reports/dbir/
  • Gartner. (2021). Forecast: Information Security, Worldwide, 2020-2026. Retrieved from https://www.gartner.com/en/information-technology
  • INFORMS Revenue Management and Pricing Section. (2019). The Economics of Cyber Risk for Businesses. Retrieved from https://www.informs.org/Explore/Research/Research-Areas/Revenue-Management
  • Cybersecurity & Infrastructure Security Agency (CISA). (2020). Security Considerations for Data Breach Response. Retrieved from https://www.cisa.gov
  • IBM Security. (2021). The 2021 Cost of a Data Breach Report. Retrieved from https://www.ibm.com/security/data-breach
  • NIST. (2020). Framework for Improving Critical Infrastructure Cybersecurity. Retrieved from https://www.nist.gov/cyberframework
  • European Union Agency for Cybersecurity. (2020). Cybersecurity Risk Management. Retrieved from https://www.enisa.europa.eu
  • SANS Institute. (2019). The Cybersecurity Risks Facing Businesses Today. Retrieved from https://www.sans.org
  • McAfee. (2021). The Economic Impact of Cybercrime. Retrieved from https://www.mcafee.com

Related Assignments