A Reasonable Approach to Reasonable Security, the Sequel

Additional Information: Reasonable Security 2021

Symposium Description

Following last year’s successful symposium, this year’s annual symposium in support of Cybersecurity Awareness Month returns to the topic of reasonable security.

Ask ten cybersecurity professionals what “reasonable security” is and you’ll likely get ten different answers. That’s because – truth be told – what counts as “reasonable security” is a work in progress. Notwithstanding the lack of clarity as to what is – and what isn’t – reasonable, organizations may be legally responsible for having reasonable information security practices … and in Ohio, Connecticut, and Utah having “reasonable security practices” can serve as a “get out of jail free” card should you be sued as a result of a cyber incident.

The absence of a clear and unambiguous specification of reasonableness makes it imperative for business owners, Boards, executives, and their trusted advisors to know how to think through “reasonableness.”

Join SecureTheVillage and our expert panel of information security professionals for a workshop-style conversation on how to think through reasonable security.

Leave with a framework for ensuring your information security practices are reasonable.

  • Your information risk exposure
  • Your information risk tolerance
  • Your information risk management practices

Who should attend

  • Business owners, Board members, executives
  • Attorneys, accountants, insurance professionals, bankers, management consultants, other trusted advisors
  • Managed service provider (MSP), managed security service provider (MSSP), technology advisors, CIOs, CISOs


  • Introduction and overview of the day
  • Panel 1: Identifying your risk exposure & opportunities
    • Legal obligations
    • Security as a cost of entry
    • Financial exposures
  • Workshop 1: Risk exposure development
  • Panel 2: How to find your risk tolerance
    • Risk of Incident = Incident Likelihood * Incident Damage
    • When is risk acceptable
  • Workshop 2: Find your risk tolerance
  • Panel 3: Evolving elements of “reasonable security”
    • Evolving state laws
    • Other elements
  • Wrap-up and final thoughts

Our Expert Panelists

  • Robert Braun, JD, Privacy and Cybersecurity Attorney, Jeffer Mangels
  • Jason Meshekow, Risk Management / Insurance, intouch Insurance Services, SecureTheVillage Member of the Board
  • Chris Rose,CISSP, CISM, CSCS, MBA, Partner, Ariento, SecureTheVillage Member of the Board
  • Stan Stahl, PhD, Information Security Manager, Miller Kaplan; President, SecureTheVillage
  • George Usi,CEO Omnistruct, Co-Chair CA IPv6 Task Force, SecureTheVillage Member of the Board
  • Barry Weber,ITIL, CISM, CIPP/US, vCISO & Privacy Practice Leaders, Assured SPC

Become A CyberGuardian

Protect your community: take the CyberGuardian Pledge, join our email list, get invited to events.

Take the Pledge