You’re Expected to Know and Disclose the Foreseeable Cybersecurity Threats that Face Your Organization and Reasonably Defend Against Them: How Do You Do This?
Midwest Cyber Security Alliance Virtual Meeting
Organizations are expected to perform their duty of care by protecting the organization, its clients, suppliers, and the general public from foreseeable harm. Until recently, the jobs of the Chief Information Security Officer, Risk Officer, and Compliance Officer have been challenging to determine what is foreseeable.
Fortunately, the data is available to predict the likeliest threat vectors — paths cybercriminals use to gain access and take advantage of vulnerabilities in networks or devices — for particular industry types. Join us at the next Midwest Cyber Security Alliance virtual meeting on Tuesday, November 16, 2021, where fellow sponsor HALOCK Security Labs will demonstrate how you can use publicly available breach data to forecast the most likely ways your organization will be attacked. See how the data that feeds Verizon’s Data Breach Investigations Report predicts your weaknesses in surprising detail.
Discussion topics include:
- Incorporating likely threat vectors into your organization’s existing risk analysis (Risk = Impact x Likelihood)
- Learn how Likelihood fits with Duty of Care Risk Analysis impact criteria (missions, objective, and obligations)
- Use the risk calculus as a guide to help your organization prioritize risks based on foreseeable threats that could harm the company itself or others outside the organization, including customers, vendors, and more
In addition, Foley Partner Bryan House will provide an update on SEC guidelines on cyber risk reporting, including:
- Recent enforcement actions
- The SEC’s proposed rules regarding cyber disclosures (expected by the end of October 2021)
This presentation is intended for legal, compliance, risk, and technical roles. While some content is technical in nature, all staff responsible for your cybersecurity program will gain key insights to help protect your organization from cyber attacks.
To register, please click on the RSVP button below. There is no fee to attend this event, but advance registration is required.
CLE
Continuing legal education (CLE) credits will be applied for after the program in all applicable states. Foley & Lardner LLP certifies that this activity has been approved for California MCLE credits by the State Bar of California. Foley & Lardner LLP is a State Bar of California MCLE approved provider. To be eligible for CLE credit, you will need to be logged into the meeting for the full duration of the live event; credit may not be obtained by viewing and/or listening to a program recording after the event. Your first and last names must also be entered upon joining the meeting and displayed throughout the program. Additionally, you will need to complete and return the Attorney Affirmation Form that will be made available. Certificates of attendance will be distributed to eligible participants via email approximately eight weeks after the program. Important information for New York attorneys: This program is appropriate for experienced attorneys only.
CPE
This program may be eligible for continuing privacy education (CPE) credit toward CISA, CISM, CGEIT, and/or CRISC certifications and maintenance. Please visit the ISACA website to review the specific CPE requirements for your certification and verify whether the topic(s) addressed in this program align with one or more of your certification’s job practice areas: CISA, CISM, CGEIT, CRISC. If determined to be eligible, an ISACA Verification of Attendance form will be made available for self-reporting purposes.