Duty of Care Risk Analysis: Leveraging the New Risk Assessment Method to Reduce Liability
Duty of Care Risk Analysis (DoCRA) is a new standard that describes processes for evaluating information security risks and their safeguards so that the resulting analysis
is easily communicated to and accepted by authorities, such as regulators and judges, and to other parties who may be harmed by those risks. Regulators expect that the burden of safeguards should be balanced against an organization’s mission. Attorneys and judges similarly use balancing tests to determine whether foreseeable harm could have been prevented by safeguards that would pose a reasonable burden.
While conventional risk analysis methods have neglected to include these significant perspectives, DoCRA describes how they may be incorporated. To bridge information security risk analysis with legal and regulatory expectations, DoCRA builds on and extends the classic risk analysis calculus. The new standard also serves as the foundation for CIS RAM, the Center for Internet Security® Risk Assessment Method co-developed by HALOCK Security Labs and published earlier this year.
Join us at the next Midwest Cyber Security Alliance meeting to learn more about DoCRA and CIS RAM. The MCSA’s very own Terry Kurzynski and Jennifer Rathburn will provide a history lesson on how the courts decide on negligence as well as discuss:
- Why the disconnect persists between the legal system and information security community
- How current risk frameworks are failing to protect us
- How to upgrade your organization’s risk assessment methods to meet Duty of Care
Attendees will enjoy complimentary cocktails and networking before the presentation.
There is no fee to attend this event, but advance registration is required.
Reserve your seat today.
Wednesday, September 19, 2018
5:00 – 7:00 p.m.
Foley & Lardner LLP
777 East Wisconsin Avenue
Milwaukee, WI 53202
HALOCK is headquartered in Schaumburg, IL, in the Chicago area and advises clients on information security throughout the US.