In episode 84 of Cybersecurity Where You Are, co-host Tony Sager is joined by Brian de Vallance, Senior Advisor at Cambridge Global Advisors; and Phyllis Lee, VP of Security Best Practices (SBP) Content Development at the Center for Internet Security® (CIS®). Together, they discuss the notion of reasonable cybersecurity. They begin by providing some background about reasonableness in cybersecurity and identifying the problem we need to solve — namely, the lack of a definition of reasonableness around which organizations can build their cybersecurity program. They then discuss how a definition for reasonable cybersecurity needs to include security best practices that are doable. They conclude by exploring how CIS's work around this topic may influence its content development going forward.

Resources

• Follow Brian and Phyllis on LinkedIn
• Reasonable Cybersecurity Guide
• Reasonable Cybersecurity
• CIS Critical Security Controls
• CIS Critical Security Controls Implementation Groups
• CIS Community Defense Model 2.0

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].