Mega data breaches at large retailers, banks, and other major organizations make headlines. Nearly everyone has heard of the Target breach, the Anthem breach, and the breach at the federal Office of Personnel Management.
What is less well known is that smaller businesses, including law firms, are not immune to cyber attacks and data breaches. In fact, more than 100 of the 576 businesses that had a data breach affecting California residents in the past four years were small businesses. Just as in the case of big companies, many successful cyber attacks on smaller businesses take advantage of security holes: the failure to apply controls to known vulnerabilities.
In this two-hour seminar, the California Attorney General's Office and the Center for Internet Security will describe the types of breaches experienced by small businesses and the common vulnerabilities that enabled them. But that's not all.
Participants will also get an overview of the Center for Internet Security's Critical Security Controls (CIS Controls). The CIS Controls are a recommended set of actions for cyber defense that provide specific and actionable ways to thwart the most pervasive attacks. The CIS Controls are a relatively short list of high-priority, highly effective defensive actions that provide a starting point for every enterprise seeking to improve their cyber defense.
The seminar will address the following topics:
• The current threat environment
• The key cybersecurity questions every organization needs to answer to assess their risk
• How the CIS Controls address specific kinds of threats
• The CIS Controls and their benefit
• Tools for measuring the Controls
• Resources for implementation
This seminar will be presented in plain English and is designed for solo to medium firm attorneys and business owners to understand their vulnerabilities and steps they can take themselves to prevent an attack.
|SCCBA New Admittee:
(Under 5 years in practice)
|Non-Member Event Attendee:
Program: 5:30pm - 7:30pm
1.5 General Substantive Law & .5 Legal Ethics
Technical Product Manager, CIS Critical Security Controls
Director of Privacy Education and Policy, California Department of Justice
Senior VP and Chief Evangelist, Center for Internet Security