1、 October 2024A Guide to Defining Reasonable CybersecurityVersion 1.1 AcknowledgementsAcknowledgementsCIS would like to recognize the following individuals and organizations for their support in creating this guide.Their time and expertise were a vital component of completing this important work.Prin

2、cipal AuthorsAaron Charfoos,Paul Hastings LLPChris Cronin,HALOCK Security LabsBrian de Vallance,Crosscut Consulting,LLCCurtis Dukes,Center for Internet SecurityKirk M.Herath,CyberOhio,State of OhioPhyllis Lee,Center for Internet SecurityBrian Ray,Leon M.and Gloria Plevin Professor of Law,Cleveland S

3、tate UniversityTony Sager,Center for Internet SecuritySharon Shoemaker,Center for Internet SecuritySamuel A.Thumma,Phoenix,ArizonaIra Victor,Chief Forensic Analyst,Discovery TechnicianCommunity Reviewers and ContributorsJennifer D.Bailey,Circuit Court Judge,Miami,FL(ret.)Jay Billington,Center for In

4、ternet SecurityShay Cleary,National Center for State CourtsRick Doten,VP,Information Security,Healthplan CISO,CenteneSteven Fugelsang,Program Director,Cybersecurity,National Governors AssociationCasey Kennedy,Director,Information Services,Texas Office of Court AdministrationRobin Regnier,Center for

5、Internet Security This publication is for general information only and is not intended to provide nor should it be relied on for legal advice.CIS and the authors and contributors to this guide make no warranties or representations of any kind as to the contents,accuracy,or timeliness of its contents

6、,and disclaim any responsibility arising out of or in connection with any reliance on the guide or the information within it and for any inaccuracies or omissions.ContentsContentsSection 1 Executive Summary 1Section 2 Introduction 2Section 3 Summary of Current Cybersecurity Law in the United States