The annual conference that brings together Chicagoland professionals from the fields of IT Audit/Assurance, Governance, Risk, Compliance, Cybersecurity, and Infosecurity.
Complying with the new SEC Cybersecurity Rule – Five Deliverables Every Cybersecurity Team Needs to Survive, Thrive.
Review tools and templates that help Information Security Teams justify technical investments by translating cybersecurity risks in the language of the C-Suite.Information security is speaking the language of threats, vulnerabilities, and impacts to technical assets. The C-suite is speaking the language of impacts to customers, business goals, and third-party obligations.
By providing a “universal translator” between information security terminology and the language of the C-suite, you can:
- Ensure your security program is legally defensible and compliant with the new SEC Cybersecurity Rule, published July 26, 2023.
- Define a “clear line of acceptable risk” below which you accept risks and above which you remediate.
- Understand the “total risk” (i.e., your risk FICO score) to your organization.
- Provide C-suite a roadmap for your program that reduces risk to an acceptable level (answering the C-suite question of, “Are we where we need to be? If not, when will we get there?”)
- Communicate risks and justify expenditure requests in business terms.
DoCRA and Considering Your Risk Obligations to Others