Brad is ultimately responsible for deciding which type of data encryption algorithm to use on a new platform being launched next quarter. What is the most significant factor Brad should consider?
A.
Price
B.
Regulatory compliance
C.
Business risk
D.
Vendor reputation
Explanation:
When determining which encryption algorithm should be used, one has to
understand the level of protection that specific data sets require. The level of
protection that needs to be provided needs to be weighed against business needs and
risks and a cost/benefit analysis should be carried out. Regulatory compliance is
encapsulated into business risk, because if a company is not compliant this can
result in fines or other punishments. So Brad should choose the right strength and
type of algorithm based on the data’s classification level and the risk level of
cryptoanalysis attacks.