Article: Chen, J. & Zhu, Q. (2019). Interdependent Strategic Security  Risk Management With Bounded Rationality in the Internet of Things. IEEE  Transactions on Information Forensics and Security, 14(11), 2958-2971. Borek, A. (2014). Total Information Risk Management: Maximizing the  Value of Data and Information Assets (Vol. First edition). Amsterdam:  Morgan Kaufmann Retrieved from The readings this week discusses broad context of risk and  investigative forensics. Part of risk management is to understand when  things go wrong, we need to be able to investigate and report our  findings to management. Using this research, or other research you have  uncovered discuss in detail how risk and investigate techniques could  work to help the organization. ERM helps to protect an organization  before an attack, where as forensics investigate technique will help us  after an attack – so lets discus both this week. A substantive post will do the following: At least one scholarly source should be used in the initial  discussion thread. Be sure to use information from your readings and  other sources from the UC Library. Use proper citations and references  in your post.

Risk management and investigative forensics play crucial roles in protecting organizations from potential threats and addressing incidents when they occur. In this regard, the article by Chen and Zhu (2019) titled “Interdependent Strategic Security Risk Management With Bounded Rationality in the Internet of Things” and the book by Borek (2014) titled “Total Information Risk Management: Maximizing the Value of Data and Information Assets” provide valuable insights into these topics.

Effective risk management seeks to identify, assess, and prioritize potential threats to an organization and develop strategies to mitigate them. It involves a systematic approach that integrates policies, processes, and tools to minimize the impact and likelihood of risks. One example of risk management practice is Enterprise Risk Management (ERM), which focuses on identifying and managing risks comprehensively across an entire organization. ERM aims to create a risk-aware culture, enhance decision-making processes, and increase resilience.

Borek (2014) discusses “Total Information Risk Management,” which emphasizes the importance of considering the value of data and information assets in risk management. It highlights the need for organizations to assess the potential risks associated with their information assets and take appropriate measures to protect them. This includes identifying vulnerabilities, implementing security controls, and establishing incident response plans.

Investigative forensics, on the other hand, plays a crucial role in post-incident analysis and investigation. It involves the collection, preservation, examination, and analysis of evidence to determine the cause, extent, and impact of an incident. Investigative techniques enable organizations to identify the origin of an attack, analyze the tactics and techniques used by the threat actor, and ultimately develop more effective preventive measures.

The article by Chen and Zhu (2019) focuses on strategic security risk management in the context of the Internet of Things (IoT). It recognizes the interdependent nature of risks in IoT systems and proposes a bounded rationality-based security risk management framework. The framework integrates risk assessment, decision-making, and resource allocation to optimize security investments and minimize potential risks. By incorporating decision-making models that account for the limitations of human rationality, the authors aim to provide more realistic solutions to address security risks in IoT environments.

In conclusion, risk management and investigative forensics are essential components of a comprehensive approach to protect organizations. By proactively identifying and addressing potential risks through risk management practices like ERM, organizations can mitigate the impact of incidents. Additionally, investigative forensics allows for post-incident analysis and investigation, enabling organizations to learn from incidents and improve their security posture. The article by Chen and Zhu (2019) and the book by Borek (2014) provide valuable insights into these areas and demonstrate the importance of incorporating risk management and investigative techniques to safeguard organizations.

Need your ASSIGNMENT done? Use our paper writing service to score better and meet your deadline.


Click Here to Make an Order Click Here to Hire a Writer