Chris Cronin is an ISO 27001 Auditor and has over 15 years of experience helping organizations with policy design, security controls, audit, risk assessment and information security management systems within a cohesive risk management process. Chris is Chair of The DoCRA Council and the principal author of CIS Risk Assessment Method (RAM). Chris is also a member of The Sedona Conference, Data Security and Privacy Liability – Working Group 11 (WG11).
He is a frequent speaker and presenter at information security conferences and events. Chris earned his Masters of Arts from Case Western Reserve University.
SPEAKING & PANELIST ENGAGEMENTS
MER Conference: Defining “Reasonable Security Measures” When it Comes to Data Protection | Wed May 11, 11:00 AM – 12:00 PM EDT / 10:00 AM – 11:00 AM CDT
Cleveland-Marshall College of Law – Cleveland State University: 2022 Cybersecurity and Privacy Protection Conference | May 19-20, 2022
Center for Internet Security, Inc. (CIS®) Podcast: Conceptualizing Reasonableness for Risk Analysis
RIMS 2022: The Questions a Judge Will Ask You After a Data Breach | April 11, 2022
Center for Internet Security, Inc. (CIS®): CIS Risk Assessment Method (RAM) v2.1 for Implementation Group 2 (IG2) Workshop | Tuesday, February 8, 2022 | 2:00 p.m. EST
Midwest Cyber Security Alliance (MCSA): You’re Expected to Know and Disclose the Foreseeable Cybersecurity Threats that Face Your Organization and Reasonably Defend Against Them: How Do You Do This? | Nov 16, 2021
The Center for Internet Security, Inc. (CIS®): CIS Risk Assessment Method (RAM) v2.0 Webinar | Nov 17, 2021
RSA Conference 2021: Forecasting Threats is Way Easier Than You Think | May 18, 2021
RSA Conference 2021: Your Breached Controls May Have Been Reasonable After All | May 19, 2021
National Foundation for Judicial Excellence (NFJE) 2020 Annual Judicial Symposium Law in the New Age: How Automation and Artificial Intelligence Will Change Judging in Substance and Procedure | Judging Efforts to Protect Personal Information: What Test Should Apply? | Oct. 15, 2020
Cyber Security Summit: Denver Threat Forecasting – Using Open Source Data to Foresee Your Next Breach | Sep 10, 2020
Cyber Security Summit: Chicago CMMC and CCPA. Using Duty of Care Risk to Comply With New Challenges | Sep 1, 2020
Cyber Risk Podcast Can DoCRA Duty of Care Risk Analysis tell you if your cybersecurity controls reasonable? | Aug 4, 2020
Federal Trade Commission Information Security and Financial Institutions: FTC Workshop to Examine Safeguards Rule | July 13, 2020
NetDiligence Cyber Risk Summit 2020 What is Reasonable Cyber Security? | July 7, 2020
The Sedona Conference Online Meeting for Draft Commentary on Proactive Privacy and Data Security Governance | June 24, 2020
CyberNext Summit 2019 – KuppingerCole Analysts The Questions A Judge Asks You After a Data Breach | Gallery
CUNA (Credit Union National Association) Technology Council Conference The Questions a Judge Will Ask You After a Data Breach – A Panel Discussion
Cyber Security Summit: Chicago 2019 Reasonable Security in the Age of Risk | Gallery
ITAC: W3 The Cycle of Cybersecurity Integrating Cyberdefense into your Risk Decision-Making Process
Cleveland-Marshall’s Cybersecurity and Privacy Protection Conference Cyber Risk Management (or How to Comply with Everything)
Compliance Week Webinar The Questions A Judge Asks You After a Data Breach
NIST Cybersecurity Risk Management Conference 2018 Evaluating “Reasonable” Cyber Risk Using the Center for Internet Security Risk Assessment Method
CIS RAM ((Center for Internet Security Risk Assessment Method) Workshop Live & Webinar
Cyber Security Summit: Chicago 2018 CIS RAM: This Math will Save You
CIS Controls v7 Launch | Gallery