An organization has determined that fixing a security vulnerability in a critical application is too costly to be feasible, but the impact is material to the business. Which of the following is the MOST appropriate risk treatment?
A.
Purchase cybersecurity insurance.
B.
Accept the risk associated with continued use of the application.
C.
Implement compensating controls for the application.
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit