CDPSE · Question #398
Which of the following is the BEST approach for an organization that wants to transfer risk associated with a potential breach involving customer personal data?
The correct answer is B. Purchase cyber insurance. Risk transfer means shifting financial liability or impact to another party. Cyber insurance (B) directly achieves this by covering breach-related costs. Adopting standards (A) and retaining third parties (C, D) are risk mitigation/reduction, not transfer. "Risk transfer is commo
Question
Which of the following is the BEST approach for an organization that wants to transfer risk associated with a potential breach involving customer personal data?
Options
- AAdopt industry standards for breach response
- BPurchase cyber insurance
- CHire an external data processor
- DRetain a third party for breach investigation
How the community answered
(36 responses)- A3% (1)
- B89% (32)
- C3% (1)
- D6% (2)
Explanation
Risk transfer means shifting financial liability or impact to another party. Cyber insurance (B) directly achieves this by covering breach-related costs. Adopting standards (A) and retaining third parties (C, D) are risk mitigation/reduction, not transfer. "Risk transfer is commonly achieved via insurance coverage for breach costs and liabilities."
Topics
Community Discussion
No community discussion yet for this question.