The Risk Dr ®

Category: Regulation

Navigating Cyber Governance Post-Chevron Deference Ruling

I recently wrote an article for the ISSA Journal discussing the significant shifts in U.S. cyber governance after the recent Supreme Court decisions that overturned the 1984 Chevron Deference precedent. These rulings now require courts to interpret legislation more literally, leading to uncertainty about the future of cyber regulations. However, it’s important to understand the…

22 August 2024

·

ISSA, Regulation, Risk
Interviewed on the SEC’s new Cyber Risk Disclosure Guidance

I was recently interviewed by the FAIR Institute on the recently released guidance for firms to disclose material cyber risk.

21 March 2018

·

Compliance, Regulation, Reporting, Risk
Risk and Regulation

My latest @ISACA article was published today. In it, I focus on the notion of where our authority comes from in Information Security. Too often, in my opinion, we rely on regulation as a source of “why” when articulating control requirements. I think this is dangerous and counter to the very nature of what an…

8 March 2017

·

@ISACA, ISACA, Policy, Politics, Regulation, Risk