19 Apr, 2018, 09:10 ET
SCHAUMBURG, Ill., April 19, 2018 /PRNewswire/ -- HALOCK Security Labs has donated its proprietary Duty of Care Risk Analysis ("DoCRA") method to CIS® (Center for Internet Security, Inc.) to be openly shared and supported as a CIS community consensus product. CIS has published this Risk Assessment Method ("CIS RAM"), and is hosting a worldwide introduction webinar for CIS RAM at 10 a.m. EDT on Monday, April 30, 2018.
"What makes our Duty of Care Risk Analysis unique is its ability to clearly define 'risk' in terms that the legal profession refers to as 'reasonable and appropriate,' and thus bridge the gap between information security and the judicial system," said HALOCK founder Terry Kurzynski. "By donating our Intellectual Property, we are making a contribution to our industry and preparing organizations to demonstrate 'due care' to judges and 'reasonable and appropriate' controls to regulators."
"The CIS RAM, when properly implemented, helps prioritize risks in a way that shows balance: balance between protecting the organization and the harm that could come to others," said Chris Cronin, DoCRA principal author and a partner at HALOCK. "This balance is exactly what regulators and judges look for to determine whether an organization has been reasonable."
HALOCK's CEO, Jim Mirochnik, stated, "Our business mission is to protect people and their assets. Our Duty of Care risk assessment method is the first of its kind and a game-changer in communicating with regulators and judges. Donating this risk assessment method helps fulfill our mission. We partnered with CIS because of their world-class reputation and their philosophy of promoting practical best practices for cyber defense, including their CIS Controls." HALOCK's CIS RAM donation was timed to coincide with the launch of the CIS Controls™ Version 7 in March 2018.
"The CIS RAM is a powerful tool to guide the prioritization and implementation of the CIS Controls, and complements their technical credibility with a sound business risk-decision process," said Tony Sager, Senior Vice President and Chief Evangelist at CIS. "We see the CIS RAM as a method that organizations of all maturity levels can use."
Need more information on CIS RAM?
To understand the principles that make Duty of Care Risk Analysis work, sign up for the CIS RAM worldwide introduction webinar taking place on April 30. You can download CIS RAM and resource documents now.
CIS (Center for Internet Security, Inc.) is a forward-thinking, non-profit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats. Our CIS Controls and CIS Benchmarks™ are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. These proven guidelines are continuously refined and verified by a volunteer, global community of experienced IT professionals. CIS is home to the Multi-State Information Sharing & Analysis Center® (MS-ISAC®), the go-to resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities. To learn more, visit CISecurity.org or follow us on Twitter: @CISecurity.
About HALOCK Security Labs
Founded in 1996, HALOCK Security Labs is a thought-leading information security firm that combines strengths in strategic management consulting with deep technical expertise. HALOCK's service philosophy is to apply just the right amount of security to protect critical assets, satisfy compliance requirements and achieve corporate goals. HALOCK's services include: Security and Risk Management, Compliance Validation, Penetration Testing, Incident Response Readiness, Security Organization Development, and Security Engineering. For more information, visit halock.com or follow us on Twitter: @halock or LinkedIn.
Contact: Cindy Kaplan, Director of Marketing
SOURCE HALOCK Security Labs