If your worst-case scenario were to occur is your security program defensible? Would you and your security team survive? Could you and your team be held accountable?
You are likely familiar with the concept of legal defensibility. However, there are changes in case law all security practitioners should be aware of.
Bob Hayes, Managing Director of the SEC, provides a brief overview of the changes playing out in the legal realm of negligence, defensibility, and what constitutes a defensible security program.