Upcoming events and important dates regarding Duty of Care Risk Analysis (DoCRA)


OCT 23, 2018 – Chicago, 3:00-5:00pm 

Reserve your seat at


FEB 13, 2019 – Chicago & Webinar

Reserve your seat at


OCT 17, 2018

UW E-Business Consortium, University of Wisconsin-Madison – Cyber-Defense Strategies and Solutions: Preparing for a Cyber-breach: From Forensics to Litigation


NOV 7, 2018

LOUISIANA HOSPITAL ORGANIZATION – Acceptable Security Risk and Negligence: It’s a Fine Line

Duty of Care Risk Assessment (DoCRA): Preparing and Evaluating Risk Assessments for Reasonable Person Defenses

This presentation will cover an emerging approach for defining reasonableness in cybersecurity that uses “due care” as its basis. Referencing case law, regulatory oversight, and the recently-released CIS RAM (Center for Internet Security Risk Assessment Method), the speaker will explore the future implications of this emerging approach toward defining reasonableness.


NOV 7, 2018

NIST Cybersecurity Risk Management Conference 2018

Evaluating ‘Reasonable’ Cyber Risk Using the Center for Internet Security Risk Assessment Method

Center for Internet Security published a new risk assessment method in April 2018 that enables organizations to conduct risk assessments so they are meaningful to both internal
and external audiences: regulators, litigators, cyber security specialists, and non-technical
managers. The Center for Internet Security Risk Assessment Method (CIS RAM) provides
detailed and practical guidance that builds on NIST 800-30, and is consistent with
regulatory and legal expectations for establishing “reasonable” and “appropriate” risk. The
proposed panel discussion will feature the authors of CIS RAM who will present the
method, its basis in security frameworks and law, and case studies that illustrate its use in
legal and non-legal contexts.