The Hand Rule: Managing the Upper Limits of Security CostsWhile presenting a talk at CAMP IT last week I got (more…)Cindy Kaplan2024-08-01T20:37:00+00:00Categories: Governance & Risk Management, Risk Assessments|Tags: burden, hand rule, HIPAA, likelihood, negligence, NIST 800-30, Reasonable, reasonable and appropriate, Risk Assessment, Risk Treatment, security control|