Midwest Cyber Security Alliance Meeting: Duty of Care Risk Analysis: Leveraging the New Risk Assessment Method to Reduce Liability
Foley Partner Jennifer Rathburn, member of the firm’s Technology Transactions & Outsourcing Practice, will present at the Midwest Cyber Security Alliance meeting held in the Foley Milwaukee office on September 19, 2018. Foley is pleased to co-sponsor this event alongside HALOCK Security Labs.
Duty of Care Risk Analysis (DoCRA) is a new standard that describes processes for evaluating information security risks and their safeguards so that the resulting analysis is easily communicated to and accepted by authorities, such as regulators and judges, and to other parties who may be harmed by those risks. Regulators expect that the burden of safeguards should be balanced against an organization’s mission. Attorneys and judges similarly use balancing tests to determine whether foreseeable harm could have been prevented by safeguards that would pose a reasonable burden.
While conventional risk analysis methods have neglected to include these significant perspectives, DoCRA describes how they may be incorporated. To bridge information security risk analysis with legal and regulatory expectations, DoCRA builds on and extends the classic risk analysis calculus. The new standard also serves as the foundation for CIS RAM, the Center for Internet Security® Risk Assessment Method co-developed by HALOCK Security Labs and published earlier this year.
Join us at the next Midwest Cyber Security Alliance meeting to learn more about DoCRA and CIS RAM. The MCSA’s very own Terry Kurzynski and Jennifer Rathburn will provide a history lesson on how the courts decide on negligence as well as discuss:
- Why the disconnect persists between the legal system and information security community
- How current risk frameworks are failing to protect us
- How to upgrade your organization’s risk assessment methods to meet Duty of Care
Moderator
Jennifer Rathburn, Partner, Foley & Lardner LLP
Speaker
Terry Kurzynski, CISSP, CISA, PCI QSA, ISO 27001 Auditor, Senior Partner, HALOCK Security Labs
Attendees will enjoy complimentary cocktails and networking before the presentation.
There is no fee to attend this event, but advance registration is required. Please let us know if you can attend by clicking here.
Event Co-Sponsor
About MCSA
The Midwest Cyber Security Alliance (MCSA) is a nonprofit, nonpartisan collaboration of individuals, businesses, government entities, and professional firms advocating for more effective cybersecurity solutions. MCSA’s mission is data privacy and security through education, specifically, cyber preparedness and security awareness. The organization is a meeting place for all cybersecurity stakeholders, in every industry, to collaborate on current cyber threats as well as cyber defenses and strategies.
Continuing Education
CLE
Foley & Lardner LLP will apply for CLE credit after the program, wherever applicable. Foley & Lardner LLP certifies that this activity has been approved for California MCLE credits by the State Bar of California. Foley & Lardner LLP is a State Bar of California MCLE approved provider. Please note that participants must be in attendance on the date of the event; credit may not be obtained by viewing and/or listening to a program recording after the event. Certificates of attendance will be distributed to eligible participants approximately eight weeks after the program via email.
Important Information for New York Attorneys: This program is appropriate for experienced attorneys only.
CPE
This program may be eligible for continuing privacy education (CPE) credit toward CISA, CISM, CGEIT, and/or CRISC certifications and maintenance. Please visit the ISACA website to review the specific CPE requirements for your certification and verify whether the topic(s) addressed in this program align with one or more of your certification’s job practice areas: CISA, CISM, CGEIT, CRISC. If determined to be eligible, you may pick up a copy of the ISACA Verification of Attendance form onsite during the program.
