Certified Information Security Manager (CISM) — Question 1227

Which of the following would BEST support a business case to implement an anti-ransomware solution?

Answer options

• A. Industry benchmark of anti-ransomware investments
• B. A threat and vulnerability assessment
• C. Trend analysis of ransomware attacks
• D. A reduction in required backups and associated costs

Correct answer: B

Explanation

The correct answer, B, emphasizes the importance of understanding the specific threats and vulnerabilities that could affect the organization, which is crucial for justifying an anti-ransomware solution. The other options, while relevant, do not directly assess the unique risks faced by the business, making them less effective for building a strong business case.