As the cybersecurity industry grows, so do the concepts and terms to help us manage security policies and business objectives. This edition of ‘What is the Meaning of This?’ focuses on duty of care, reasonableness, and CIS RAM.
Chicago Tribune – HALOCK Security Labs is conducting an informative webinar to help establish ‘reasonable’ risk in cybersecurity controls, based on the Duty of Care Risk Analysis (DoCRA) standard. This event is hosted by Compliance Week at 2:00 p.m. EDT on Thursday, March 21, 2019.
If you are breached and your case goes to litigation, you will likely be asked to demonstrate “due care” and that your controls were “reasonable.” Many are surprised to learn that a breach by itself does not constitute negligence in most cases. But judges will ask a set of questions that help them determine whether your controls were reasonable.
This two-hour workshop will demonstrate how to conduct a risk assessment – from beginning to end – using CIS’ new risk assessment method. A brief introduction to CIS RAM’s foundations will be followed by example walk-throughs of developing criteria for assessing and accepting risk, for evaluating current controls for risk acceptability, and for modeling safeguards that are demonstrably reasonable and appropriate.
Four Chicago-area cybersecurity experts shared their thoughts with Crain’s Custom Media on this ever-changing landscape, including what organizations can do to keep their workplaces, employees and customers safe. Read the discussion.