What is Reasonable Security? If you are breached and your case goes to litigation, you will likely be asked to demonstrate “due care” and that your controls were “reasonable.” Many are surprised to learn that a breach by itself does not constitute negligence in most cases. But judges will ask a set of questions that […]
Cybersecurity in this day and age is a collective effort. Its also a moving target as attack strategies, exploits and malware strains are constantly changing. To effectively protect users, data and capital investments from the bad guys, we continually enhance security strategies and tools with developing industry trends. For just as attack vectors evolve, so […]
RSA Conference 2019 kicked off with a visionary call to action by RSA leadership Rohit Ghai and Niloofar Razi Howe. Ghai and Howe described two alternative paths society could travel in terms of security; one is chaos and the other is trust.
Highlight your RSA Experience at the Author! Author! Happy Hour.
This two-hour workshop will demonstrate how to conduct a risk assessment – from beginning to end – using CIS’ new risk assessment method. A brief introduction to CIS RAM’s foundations will be followed by example walk-throughs of developing criteria for assessing and accepting risk, for evaluating current controls for risk acceptability, and for modeling safeguards […]
View the recorded presentation of CIS RAM: This Math will Save You by Chris Cronin regarding reasonable cyber security. This material was presented at the Cyber Security Summit in Chicago.
The SANS Security Leadership Poster: Five Keys for Building a Cyber Security Program and CIS Controls Version 7.
Proud to have spoken at the Cyber Security Summit: Chicago – How to practice duty of care for reasonable security. CIS RAM: This Math will Save You by Chris Cronin at the Cyber Security Summit in Chicago. Based on balance – Duty of Care Risk Analysis (DoCRA).