To fill the gap created by the lack of a national, statutory, cross-sector minimum standard of information security in this country, a group of tech and legal experts wrote a guide for lawyers and courts, as well as businesses, auditors, and regulators to help define reasonable cybersecurity when the compromise of protected information gives rise to litigation or regulatory action. #reasonablecybersecurity #CISControls #cybersecurity
Center for Internet Security's Post
-
Vice President, Cybersecurity | CISSP | CCSK | GCDA | GDSA | GMON | GCIA | Security+ | with visa eligible to work in Hong Kong
What is considered reasonable cybersecurity? This guide can provide some information
Reasonable Cybersecurity Guide
cisecurity.org
-
Vice President, Cybersecurity | CISSP | CCSK | GCDA | GDSA | GMON | GCIA | Security+ | with visa eligible to work in Hong Kong
What is considered Reasonable Security? This guide will help provide some guidance
To fill the gap created by the lack of a national, statutory, cross-sector minimum standard of information security in this country, a group of tech and legal experts wrote a guide for lawyers and courts, as well as businesses, auditors, and regulators to help define reasonable cybersecurity when the compromise of protected information gives rise to litigation or regulatory action. https://bit.ly/3UBLdwD #reasonablecybersecurity #CISControls #cybersecurity
-
Channel Director - SLED @ Foresite Cybersecurity | Sales Enablement, Strategy, Presales Support Helping the public sector to minimize cyber risk.
While there is no comprehensive U.S. law defining reasonable cybersecurity in all settings, this guide offers principles that may be used in interpreting and applying the laws that do exist.
-
A cyber security incident can happen to anyone.
What do you do when federal and state statutes, regulations, policies, and caselaw reference "reasonable" cybersecurity but don't specify how to meet it? You work with recognized technical cybersecurity and legal experts to define it. #cybersecurity #reasonableness
-
The United States lacks a national standard for information security, resulting in various efforts by federal and state governments that fail to specify what organizations must do to meet the standard of reasonable cybersecurity. To address this issue, the Center for Internet Security (CIS) has published a guide in collaboration with experts to provide practical guidance for organizations seeking to develop a cybersecurity program that satisfies the general standard. This guide aims to assist cybersecurity professionals, businesses, and consumers in assessing whether an organization's program meets the standard in cases of litigation or regulatory action. It also aims to reduce litigation resulting from data breaches by identifying minimally adequate information security protections. The guide offers principles that can be used in interpreting and applying existing laws and regulations and provides an example of how one framework, the CIS Critical Security Controls, can be implemented to ensure reasonable cybersecurity measures are taken.
-
A Guide to Defining Reasonable Cybersecurity uses existing constructs from law and the cybersecurity community to define reasonableness. https://bit.ly/3UBLdwD #reasonablecybersecurity #CISControls #cybersecurity
-
From CIS: Ungated download, robust whitepaper for "reasonable" overall with "common sense" section--includes current state regs... https://lnkd.in/gEnS3-63 "critical baseline to assist counselors, cybersecurity consultants, auditors, and regulators, as well as lawyers, litigants, and courts"
-
CISO / CISSP, CISM, CISA, CRISC, CCSK, PCIP / Building security culture supportive of business success, innovation, and employee empowerment
Interesting new resource from CIS - this document attempts to answer the question of what constitutes "reasonable" cybersecurity measures for US companies, who have to contend with a lack of consistent national legislation in this important area. Worth a read, especially for smaller, more resource constrained organizations who need to make every cybersecurity dollar count.
CYBERSECURITY EXPERT & IT AUDITOR: ISO 27001 LI & LA | ISO 27005 RM | GRC ITILv3 | CIS Controls | NIST CSF | SWIFT CSP | PCIDSS 4.0 Personal Data Protection
This is "novel" I will read in the next coming weeks. Thank you!