In Chapter 3 you read about managing risk; who owns risk, what are the risks, and calculating risks. It also mentions insurance. Especially due to the increase in ransomware attacks over the past few years, cyber insurance has become much more prevalent. Having cyber insurance, no matter the size of the company, can really prove as a ROI for the company. The readings also mention the difficulty of identifying that ROI in cybersecurity as many times the elements are intangible. This also makes it difficult to work with business leaders that are not in IT.
The second reading for this week identifies three ways to achieve ROI in cybersecurity – reduction in risk, compliance, and meeting business objectives. Write a paper that explains specifics of what you can do to implement these three areas into ROI for your company, BioHuman. Give examples for each. Also, consider the different types of tools and calculators that are out there to assist with coming up with the ROI. Discuss at least two different tools that you can implement to achieve this that would coincide with your examples.