If you are breached and your case goes to litigation, you will likely be asked to demonstrate “due care” and that your controls were “reasonable.” Many are surprised to learn that a breach by itself does not constitute negligence in most cases. But judges will ask a set of questions that help them determine whether your controls were reasonable. (more…)
Recent Cyber Legislation that Will Impact Businesses by the Definition of “Reasonable”
(more…)
Highlight your RSA Experience at the Author! Author! Happy Hour.
(more…)
As the cybersecurity industry grows, so do the concepts and terms to help us manage security policies and business objectives. This edition of ‘What is the Meaning of This?’ focuses on duty of care, reasonableness, and CIS RAM.
(more…)
Cybersecurity is a major concern for all organizations today that utilize digital technology, but one of the initial questions for any organization must be, “What are my legal obligations when it comes to cybersecurity?” (more…)
This two-hour workshop will demonstrate how to conduct a risk assessment – from beginning to end – using CIS’ new risk assessment method. A brief introduction to CIS RAM’s foundations will be followed by example walk-throughs of developing criteria for assessing and accepting risk, for evaluating current controls for risk acceptability, and for modeling safeguards that are demonstrably reasonable and appropriate. (more…)
