In 2004 AT&T Wireless was sold in what was the largest cash acquisition in US History at the time.  The terms and conditions required that the company pass a cyber security audit based on SOX 404 with zero deficiencies and we had 10 months to assess our position, implement new controls, test, and document.  This became the basis of Demonstrate Due Diligence to a Defensible Standard of Care.   Based on the successful security strategy used for overhauling AT&T Wireless’s cybersecurity, serial CISO and Strategist Karen Worstell will give a 5 part strategy you can use to get started with cyber risk governance, management, and reporting to meet the SEC’s new cybersecurity rules.