Information Security Assurance and Risk Control

(Your answers should show all the steps required.)

A cloud service provider CSP Cloud International establish a data center and start to
host its clients  Information Asset. The total cost of both the tangible and Intangible asset
is $42 Million dollars. The intangible asset exposed to the hacking threat is valued at a score
proportional to  the ratio where each million dollars is assigned to a value of 1. The total
value of the intangible asset is calculated on the scale of 0 to 100. The British Cyber Industry
reports indicate a 15% chance of an attack this year, based on an estimate of one attack every
15 years.

The Cloud Service International CyberSecurity department risk assessment report proves
that due to the existing network and application vulnerabilities and weak IDS and IPS,  any
successful cyber-attack has a 55% of penetrating into the cloud data center and compromising
the critical servers. 

The Chief Security Officer reported to the senior Management that unless additional
investment is not approved to purchase another IDS security tool, the damage could
affect 72% of the intangible asset.
Estimation of the above risk assessment report is found to be 88 % accurate.

Question:

      – Find the loss frequency
      – Find the loss magnitude
      – Estimate the Risk Rating for Asset A.
      – What is the Uncertainty