9) Assume you are the cybersecurity consultant brought in post-incident.

Recommend a comprehensive cybersecurity strategy for SAA that addresses:

• Risk assessment

• Cyber hygiene and awareness

• Network security enhancements

• Incident response improvements

• Regulatory compliance (15 marks)