You are an ICT Security and Risk consultant and you have been approached by Globex Corp to
help them recover from a cyber attack. You have successfully isolated the machines affected by
the attack and brought the company’s system back into operation.
Globex Corp Director is still not entirely convinced that this is necessary, but wants you to develop a proposal for some security policies, just in case they win a government contract.
Be able to critically analyze the various approaches for mitigating security risk, including when to use insurance to transfer IT risk.