Risk Assessment of Home Depot Malware Attack
Reading: Krebs, B. (2014).Home Depot Hit By Same Malware as Target. (https://krebsonsecurity.com/2014/09/home-depot-hit-by-same-malware-as-target/)Instructions: For this assignment you need to read the linked article and discuss vulnerabilities, threats, and risks that played a role in these data breaches. You do not have to provide an overly technical answer. There is not much detail available to specifics of data breaches that impacted both Target and Home Depot. Focus on the definitions of risk, threat, and vulnerabilities and look for connections between both breaches. Your answer for each of the following questions should be in approximately 200 words. Include at least three references. Both in-text citations and the bibliography should be in the APA format.
Case Study Questions:1.As you read through the linked article first write a brief description of the Home Depot case.
2.List vulnerabilities threats and resulting risks that both Target and Home Depot may have faced. Risk Assessment of Home Depot Malware Attack
3.What are the benefits of quantitative risk assessment over qualitative risk assessment? What are the disadvantages of quantitative risk assessment compared with qualitative assessment? Connect your discussion to the Home Depot case.
4.How can identification of risk help Home Depot with organizational decision making? Provide another example(cyberattack incident e.g.)that effective cyber risk identification helped organizational decision making?
5.Which of the three (3) risk assessment techniques (quantitative qualitative hybrid) could have helped with early identification of data breach risks at affected stores? Risk Assessment of Home Depot Malware Attack
3.What are the benefits of quantitative risk assessment over qualitative risk assessment? What are the disadvantages of quantitative risk assessment compared with qualitative assessment? Connect your discussion to the Home Depot case.
4.How can identification of risk help Home Depot with organizational decision making? Provide another example(cyberattack incident, e.g.)that effective cyber risk identification helped organizational decision making?
5.Which of the three (3) risk assessment techniques (quantitative, qualitative, hybrid) could have helped with early identification of data breach risks at affected stores?