Defining "Reasonable" Security at (ISC)2 Security Congress

Approaching Reasonable Security for Regulatory Requirements such as The SHIELD Act, CCPA, California's Internet of Things (IoT) and more

News provided by

The DoCRA Council

26 Sep, 2019, 06:43 ET

SCHAUMBURG, Ill., Sept. 26, 2019 /PRNewswire/ -- The DoCRA (Duty of Care Risk Analysis) Council, a not-for-profit (501(C)(3)) organization that authors, maintains, and distributes standards and methods for analyzing and managing risk, will be presenting at the (ISC)² Security Congress taking place on October 28th – 30th in Orlando, FL, at the Walt Disney World Swan and Dolphin Resort.

Terry Kurzynski, Board Member of The DoCRA Council and partner of HALOCK Security Labs will be presenting "The Questions a Judge Will Ask You After a Data Breach" with co-presenter, Aaron DeMaster of Rexnord Corporation on Wednesday, October 30th at 1:45 p.m. ET in Northern E2. The session addresses the evolving challenge of information security professionals in defining 'reasonable' security for changing regulations.

The presentation offers a practical approach to establish reasonable safeguards based on an organization's mission, objectives, and obligations. For those that have been breached with a case going to litigation, a judge will ask them if they practiced "due care" or "reasonable" security. Referencing case law, regulatory oversight, CIS RAM and the Duty of Care Risk Analysis, this session prepares professionals to

  • Define risk assessment criteria so they allow for comparison, reflect the organization's values and will hold up to public scrutiny.
  • Model and select threats that are relevant to information assets and controls.
  • Estimate the likelihood of risks.

The (ISC)² Security Congress brings together a global community of cyber security professionals The event offers 175+ educational and thought-leadership sessions, and fosters collaboration with other forward-thinking companies.

ABOUT THE DoCRA COUNCIL

The DoCRA Council is comprised of member organizations that require standards of practice in risk analysis and risk management, and who therefore have an interest in the methods used for analyzing risks and safeguards that reduce risk. The organization operates under a charter that describes its methods of authorship, review, and stewardship of risk analysis standards and methods.

SOURCE The DoCRA Council

PRN Top Stories Newsletters

Sign up to get PRN’s top stories and curated news delivered to your inbox weekly!

Thank you for subscribing!

By signing up you agree to receive content from us.
Our newsletters contain tracking pixels to help us deliver unique content based on each subscriber's engagement and interests. For more information on how we will use your data to ensure we send you relevant content please visit our PRN Consumer Newsletter Privacy Notice. You can withdraw your consent at any time in the footer of every email you'll receive. Mit Ihrer Anmeldung erklären Sie sich damit einverstanden, Inhalte von uns zu erhalten.
Unsere Newsletter enthalten Zählpixel, die die Lieferung einzigartiger Inhalte in Bezug auf das Abonnement und die Interessen der einzelnen Abonnenten ermöglichen. Weitere Informationen über die Verwendung Ihrer Daten im Hinblick auf die Zusendung von relevanten Inhalten, finden Sie in unserer PRN Consumer Newsletter Privacy Notice. Ihre Zustimmung können Sie jederzeit in der Fußzeile jeder erhaltenen E-Mail widerrufen. En vous inscrivant à la newsletter, vous consentez à la réception de contenus de notre part.
Notre newsletter contient des pixels espions nous permettant la fourniture à chaque abonné, d’un contenu unique en lien avec ses souscriptions et intérêts. Pour de plus amples informations sur l’utilisation faite de vos données en vue de l’envoi des contenus concernés, nous vous invitons à consulter la politique de confidentialité disponible à partir du lien suivant PRN Consumer Newsletter Privacy Notice. Vous pouvez à tout moment revenir sur votre consentement par le biais des informations situées au bas de chaque e-mail reçu. Регистрирайки се, Вие се съгласявате да получавате информационно съдържание от нас. Нашите бюлетини съдържат проследяващи пиксели, които ни помагат да предоставяме уникално съдържание въз основа на ангажираността и интересите на всеки абонат. За повече информация относно начина, по който ще използваме Вашите данни, за да гарантираме, че Ви изпращаме подходящо съдържание, моля, направете справка с нашето Уведомление за поверителност на потребителския бюлетин на PRN. Можете да оттеглите съгласието си по всяко време в долния колонтитул на всеки от имейлите, които ще получите.