Discussion Question

You are the chief information security officer (CISO), and due to a government shutdown and other factors, your desktop team is unable to migrate to Windows 7 as you initially planned. You know that Windows XP support will expire in just two weeks, and your agency will be vulnerable to all types of malware if you continue operating on it after the end of support deadline.

How would you handle this risk? Would you accept, reject, transfer, or mitigate it? How did you come to that decision?