Duty of Care Risk Analysis: Leveraging the New Risk Assessment Method to Reduce Liability

Duty of Care Risk Analysis (DoCRA) is a new standard that describes processes for evaluating information security risks and their safeguards so that the resulting analysis

is easily communicated to and accepted by authorities, such as regulators and judges, and to other parties who may be harmed by those risks. Regulators expect that the burden of safeguards should be balanced against an organization’s mission. Attorneys and judges similarly use balancing tests to determine whether foreseeable harm could have been prevented by safeguards that would pose a reasonable burden.

While conventional risk analysis methods have neglected to include these significant perspectives, DoCRA describes how they may be incorporated. To bridge information security risk analysis with legal and regulatory expectations, DoCRA builds on and extends the classic risk analysis calculus. The new standard also serves as the foundation for CIS RAM, the Center for Internet Security® Risk Assessment Method co-developed by HALOCK Security Labs and published earlier this year.

Join us at the next Midwest Cyber Security Alliance meeting to learn more about DoCRA and CIS RAM. The MCSA’s very own Terry Kurzynski and Jennifer Rathburn will provide a history lesson on how the courts decide on negligence as well as discuss:

Attendees will enjoy complimentary cocktails and networking before the presentation.
There is no fee to attend this event, but advance registration is required.

Reserve your seat today.

Wednesday, September 19, 2018
5:00 – 7:00 p.m.

Foley & Lardner LLP
777 East Wisconsin Avenue
40th Floor
Milwaukee, WI 53202

HALOCK is headquartered in Schaumburg, IL, in the Chicago area and advises clients on information security throughout the US.