Historically, organizations have relied on compliance standards to dictate their information security programs. Information Technology (IT) and Information Security (IS) teams found it easy to justify expenditures to the Board if they were “out of compliance” with a standard. The problem is that standards have historically been controls-focused rather than risk-based, and have not considered the ever-changing world of bad actors and threat landscapes.
With the soon-to-be-released Payment Card Industry Data Security Standard (PCI DSS) version 4.0, even a standard historically known as being one of the most rigid has moved toward allowing organizations to take a risk-based approach to maintaining their compliance. It’s time that your organization does the same.
We hope you can join us at the next Midwest Cyber Security Alliance (MCSA) meeting on Thursday, January 20, 2022, to learn more. Thomas Freeman, Senior Consultant with fellow sponsor Sikich LLP’s cybersecurity practice, will discuss merging typical “checkbox” compliance audits with enterprise risk management programs in a manageable way that allows organizations to integrate new risk-based versions of compliance standards.
To register, click the registration link and select in-person or virtual attendance. There is no fee to attend this event, but advanced registration is required.
Continuing legal education (CLE) credits will be applied for in all applicable states. Foley & Lardner LLP certifies that this activity has been approved for California MCLE Credits by the State Bar of California. Foley & Lardner LLP is a State Bar of California MCLE approved provider.
To be eligible for CLE credit, you will need to be logged into the Microsoft Teams meeting for the full duration of the live event; credit may not be obtained by viewing and/or listening to a program recording after the event. Your first and last names must also be entered upon joining the meeting and displayed throughout the program. Additionally, you will need to complete and return the Attorney Affirmation Form that will be made available.
This program may be eligible for continuing privacy education (CPE) credit toward CISA, CISM, CGEIT, and/or CRISC certifications and maintenance. Please visit the ISACA website to review the specific CPE requirements for your certification and verify whether the topic(s) addressed in this program align with one or more of your certification’s job practice areas: CISA, CISM, CGEIT, and CRISC. If determined to be eligible, an ISACA Verification of Attendance form will be made available for self-reporting purposes.