You’re Expected to Know and Disclose the Foreseeable Cybersecurity Threats that Face Your Organization and Reasonably Defend Against Them: How Do You Do This?
When: November 16, 2021 - November 16, 2021
Description: Organizations are expected to perform their duty of care by protecting the organization, its clients, suppliers, and the general public from foreseeable harm. Until recently, the jobs of the Chief Information Security Officer, Risk Officer, and Compliance Officer have been challenging to determine what is foreseeable. Fortunately, the data is available to predict the likeliest threat vectors — paths cybercriminals use to gain access and take advantage of vulnerabilities in networks or devices — for particular industry types. Join us at the next Midwest Cyber Security Alliance virtual meeting on Tuesday, November 16, 2021 where fellow sponsor HALOCK Security Labs will demonstrate how you can use publicly available breach data to forecast the most likely ways your organization will be attacked. See how the data that feeds Verizon’s Data Breach Investigations Report predicts your weaknesses in surprising detail. Discussion topics include:
• Incorporating likely threat vectors into your organization’s existing risk analysis (Risk = Impact x Likelihood)
• Learn how Likelihood fits with Duty of Care Risk Analysis impact criteria (missions, objective, and obligations)
• Use the risk calculus as a guide to help your organization prioritize risks based on foreseeable threats that could harm the company itself or others outside the organization, including customers, vendors, and more
In addition, Foley Partner Bryan House will provide an update on SEC guidelines on cyber risk reporting, including:
• Recent enforcement actions
• The SEC’s proposed rules regarding cyber disclosures (expected by the end of October 2021)
This presentation is intended for legal, compliance, risk, and technical roles. While some content is technical in nature, all staff responsible for your cybersecurity program will gain key insights to help protect your organization from cyber attacks.