2 votes
An enterprise's Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) are meeting to discuss ongoing capacity and resource planning issues. The enterprise has experienced rapid, massive growth over the last 12 months, and the technology department is stretched thin for resources. A new accounting service is required to support the enterprise's growth, but the only available compute resources that meet the accounting service requirements are on the virtual platform, which is hosting the enterprise's website.

Which of the following should the CISO be MOST concerned about?

A. Poor capacity planning could cause an oversubscribed host, leading to poor performance on the company's website.
B. A security vulnerability that is exploited on the website could expose the accounting service.
C. Transferring as many services as possible to a CSP could free up resources.
D. The CTO does not have the budget available to purchase required resources and manage growth.

1 Answer

4 votes

Final answer:

The CISO should be highly concerned about a security vulnerability on the website that could expose the new accounting service, considering previous incidents where breaches resulted in massive data exposure. Security should be prioritized over capacity planning to protect critical services.

Step-by-step explanation:

The Chief Information Security Officer (CISO) should be most concerned about the potential for a security vulnerability on the enterprise's website, which could expose the accounting service to risk. When an enterprise experiences rapid growth, it is crucial to maintain the integrity and security of its computing resources. Hosting a new accounting service on the same virtual platform as the company's website could lead to a situation where a compromise of one service (e.g., the website) could directly impact the security of the other (e.g., the accounting service). The recent breaches in retailers and financial institutions have shown that such security vulnerabilities can result in significant exposure of personal information to identity theft and other cyber threats.

It is important that the Chief Technology Officer (CTO) and CISO work together to ensure that the technology department's resources are allocated in a way that does not compromise security. While capacity planning and budget constraints are also critical issues that need addressing, the immediate concern from a security standpoint is to ensure that critical services like accounting are insulated from potential breaches, thus maintaining the company's data integrity and customer trust.

by User Jjharrison (8.8k points)