NIST Cyber Security Risk Management Conference – Reasonable Risk. Our partner, Chris Cronin will be speaking with Phyllis Lee of the CIS (Center for Internet Security).
Evaluating “Reasonable” Cyber Risk Using the Center for Internet Security Risk Assessment Method
Center for Internet Security published a new risk assessment method in April 2018 that enables organizations to conduct risk assessments so they are meaningful to both internal and external audiences: regulators, litigators, cyber security specialists, and non-technical managers. The Center for Internet Security Risk Assessment Method (CIS RAM) provides detailed and practical guidance that builds on NIST 800-30, and is consistent with regulatory and legal expectations for establishing “reasonable” and “appropriate” risk. The proposed panel discussion will feature the authors of CIS RAM who will present the method, its basis in security frameworks and law, and case studies that illustrate its use in legal and non-legal contexts.
Establish your reasonable security and reasonable risk.
HALOCK is a trusted cyber security and risk managementvconsulting firmheadquartered in Schaumburg, IL in the Chicago area servicing clients on managing risk with reasonable security throughout the United States.
