Estimate each cost for the mitigation based on the following budget. Financial Plan for Implementation of the Information Security Organization 1. Total Annual Infrastructure Budget: 1.2 million (hardware, software, licenses, spares, etc.) 2. Total Annual Supplies Budget:0.2 million (user computers, batteries, etc.) 3. Total Annual Personnel Budget: TBD (will be determined in Week 5 financial plan) 4. Total Training Budget: TBD (will be determined in Week 5 financial plan) The Total Annual Operating Budget will be the sum of the 4 areas above. The Infrastructure Budget includes SOC equipment which is to include SIEM servers and software (e.g., vulnerability scanners, log correlation, event monitoring). Weak Password Policy: Mitigation Action: Implement password complexity requirements (NIST SP 800-53 AC-2). Cost: Minimal to moderate, depending on the current system's capabilities. Time Frame: 1-2 weeks. Unencrypted Data Transmission: Mitigation Action: Enable encryption for data transmission (NIST SP 800-53 SC-8). Cost: Moderate to high, depending on the current system's capabilities and the encryption solution chosen. Time Frame: 1-3 months. Lack of Regular Security Updates: Mitigation Action: Establish a patch management process (NIST SP 800-53 CM-2). Cost: Moderate, considering the need for dedicated personnel and possibly software tools. Time Frame: 1-2 months. Insufficient User Training: Mitigation Action: Develop and conduct regular security training sessions (N