Presented at RIMS RiskWorld 2022
In post-data breach litigation, you must demonstrate due care and reasonable control. Learn what basic questions the court will ask and how the duty of care risk assessment (DoCRA)—based on judicial balancing tests and regulatory definitions of reasonable risk—helps you answer them. Distinguish the risk assessment criteria that allow for comparison, reflect your organization’s values and hold up to public scrutiny. See how you can employ DoCRA to fulfill regulators’ requirements for a complete and thorough risk assessment following a data breach, with a valuable perspective for cyber insurance. Understand how to define ‘reasonable security’ through examples from ‘whistleblower’ movies and their risk management process.
PRESENTER: Chris Cronin, ISO 27001 Auditor | Board Chair – The DoCRA Council | Partner – HALOCK Security Labs