Scenario: Cybersecurity Risk in a Financial Institution
A major financial institution has identified a potential risk of a sophisticated cyberattack
targeting its online banking platform. The likelihood is assessed as “high” due to recent
industry trends, and the impact is “critical” because of potential financial loss and
reputational damage. The institution has robust firewalls and regular employee training, but
new vulnerabilities are constantly emerging.
Which risk management strategy should the institution prioritize?

Question

Scenario: Cybersecurity Risk in a Financial Institution

A major financial institution has identified a potential risk of a sophisticated cyberattack

targeting its online banking platform. The likelihood is assessed as “high” due to recent

industry trends, and the impact is “critical” because of potential financial loss and

reputational damage. The institution has robust firewalls and regular employee training, but

new vulnerabilities are constantly emerging.

Which risk management strategy should the institution prioritize?

Answer

A) Accept the risk, as controls are already in place

Answer

B) Transfer the risk by purchasing cyber insurance only

Answer

C) Continuously update controls and conduct regular vulnerability assessments

Answer

D) Ignore the risk, as similar attacks have not occurred in the past year

Crowdly