In this episode, sponsored by Darkstack7, Joshua sits down with Chris Cronin, partner at Halock Security Labs and founding partner of Reasonable Risk, to explore the intersection of cybersecurity, risk management, and the legal principles behind "reasonable" safeguards. Chris unpacks the DoCRA Standard and CIS RAM, sharing how historical and legal frameworks can guide today's cybersecurity strategies. From his journey in academia to his leadership in cyber risk, Chris offers practical insights on balancing risk, ensuring compliance, and applying reasonable security measures that stand up to regulatory and legal scrutiny. The discussion covers real-world risk assessments, notable legal cases, and emerging tools that automate and enhance risk management.
Key Topics: - How the DoCRA Standard and CIS RAM shape practical risk analysis
- Applying "reasonableness" from legal precedent to cybersecurity
- Balancing regulatory specificity with operational flexibility
- The role of community and professional standards in defining reasonable safeguards
- Historical analogies, insurance considerations, and executive decision-making in risk management Timestamps:
- 00:00 Introduction to Cybersecurity Challenges
- 00:26 Meet Chris: A Cybersecurity Expert
- 01:25 Chris's Journey into Cybersecurity
- 02:50 Where Law Meets Cybersecurity
- 04:37 Defining Reasonable Security Measures
- 06:37 Regulations and Compliance in Practice
- 08:24 The Legal Concept of Reasonableness
- 10:22 Translating Legal Standards into Cyber Practices
- 14:53 Practical Risk Analysis Steps
- 21:20 Balancing Flexibility and Specificity in Regulations
- 24:54 Professional Standards That Shape Reasonableness
- 25:49 Certifications and Industry Benchmarks
- 26:17 How Community Shapes Standards
- 26:34 Lessons from Aviation for Cybersecurity
- 28:29 The CIS RAM and Risk Assessment Methods
- 30:51 Legal Implications of Adopting Reasonableness
- 32:16 Insurance and Risk Management
- 34:38 Challenges in Incident Response Reporting 39:40 Risk Assessments for Executive Decision-Making
- 46:02 Closing Thoughts and Call to Action
www.darkstack7.com
Popular Podcasts
Spooky Podcasts from iHeartRadio
Whether you’re a scaredy-cat or a brave bat, this collection of episodes from iHeartPodcasts will put you in the Halloween spirit. Binge stories, frights, and more that may keep you up at night!
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.