A small company with 25 employees is attacked and its data are encrypted. The chief executive officer (CEO) does not think their insurance would cover the cost of restoration and the company would have to shut down operations for more than 3 months. As a result, they will probably going out of business. They did not spend any of their information technology (IT) budget on cybersecurity. What should they have done before this happened?(1 point)

Question

A small company with 25 employees is attacked and its data are encrypted. The chief executive officer (CEO) does not think their insurance would cover the cost of restoration and the company would have to shut down operations for more than 3 months. As a result, they will probably going out of business. They did not spend any of their information technology (IT) budget on cybersecurity. What should they have done before this happened?(1 point)

Responses

They should have increased their IT budget only.
They should have increased their IT budget only.

They should have increased their insurance coverage.
They should have increased their insurance coverage.

They should have spent 10% of their IT budget on cybersecurity.
They should have spent 10% of their IT budget on cybersecurity.

They should have increased their return on investment (ROI).

Answer 1

They should have spent 10% of their IT budget on cybersecurity. By allocating a portion of their IT budget specifically for cybersecurity measures, they could have implemented necessary protections to prevent such attacks and minimize the potential impact on their business. Additionally, increasing their insurance coverage could have provided financial support in the event of a cyber attack.