as its basis. The selected computing system should be from a free Wifi hotspot. In this assignment, initial creation and population of adversarial and a non-adversarial risk assessment tables patterned after Table I-5 and Table I-7 in NIST SP 800-30 will be performed. This assignment is intended to prepare for another assignment which will apply this risk assessment assignment, wherein use of these populated tables will be used to gain insight in the selected system's risks, apply knowledge, and apply relevant information security metrics, and discuss the considerations that should go into an actual information security risk assessment discussion -- limited to adversarial and non-adversarial threats. This means that you should fill out those two templates as a minimum as part of the deliverable for this assignment should be a brief description of your selected information system and Tables I-5 and I-7 created and populated.
I was needing 1 page on the following:
Assume that your class is the management team of a medium-size business that sells goods to consumers online. You conduct a security assessment, and identify that the information systems are vulnerable to information leakage, and that account and customer information can be stolen; in essence a breach of PII. What controls or safeguards would you recommend implementing to address this situation, how would you select a control based on effectiveness and cost, and, based on your selected control(s), what specific considerations would need to be factored into a high level implementation mitigation plan and why?