The SEC recently adopted rules that require organizations to disclose details about cybersecurity incidents that they determine to be “material” and the “material aspects” of the incident, including impact and likely material impact. Organizations need to be able to consistently and coherently define these “material” cybersecurity events and risks, communicate precisely how these risks are being managed, and publicly disclose "material" cybersecurity events. Compliance requires precision, and Cyber Risk Quantification (CRQ), such as the Open FAIR™ Methodology, offers a comprehensive, systematic approach.
Join this webinar to hear a panel of professionals and experts discuss this recent SEC ruling and the applicability of CRQ techniques, including Open FAIR, for meeting these compliance requirements.
Meet your speaker:
Jack Whitsitt, Director of CRQ at Ostrich Cyber Risk, is a long-time practitioner and leader in the Cyber Risk Quantification space.
Backed by over two decades of information security experience ranging from manipulating bits and bytes to weighing in on international policy, he also has seven years of quantified decision support experience building FAIR-based programs for organizations large and small. Jack has also spent several years volunteering in non-profit roles advocating for and advancing the state of the art of quantified information risk analysis.