Organizations are expected to perform their duty of care by protecting the organization, its clients, suppliers, and the general public from foreseeable harm. Until recently, the jobs of the Chief Information Security Officer, Risk Officer, and Compliance Officer have been challenging to determine what is foreseeable.
Fortunately, the data is available to predict the likeliest threat vectors — paths cybercriminals use to gain access to and take advantage of vulnerabilities in networks or devices — for particular industry types. Join us at the next Midwest Cyber Security Alliance virtual meeting on Tuesday, November 16, 2021, where fellow sponsor HALOCK Security Labs will demonstrate how you can use publicly available breach data to forecast the most likely ways your organization will be attacked. See how the data that feeds Verizon’s Data Breach Investigations Report predicts your weaknesses in surprising detail.
Discussion topics include:
- Incorporating likely threat vectors into your organization’s existing risk analysis (Risk = Impact x Likelihood)
- Learn how Likelihood fits with Duty of Care Risk Analysis impact criteria (missions, objective, and obligations)
- Use the risk calculus as a guide to help your organization prioritize risks based on foreseeable threats that could harm the company itself or others outside the organization, including customers, vendors, and more
In addition, Bryan House, Foley partner and member of the firm’s Securities Enforcement & Litigation and Government Enforcement Defense & Investigations Practices, will provide an update on SEC guidelines on cyber risk reporting, including:
- Recent enforcement actions
- The SEC’s proposed rules regarding cyber disclosures (expected by the end of October 2021)