Most cybersecurity leaders have a good understanding of the things that need to be done to improve a security program, but how do you show senior leaders and board members those needs, and the progress made as improvements are delivered? In this talk, the speaker will show an approach that uses the NIST Cybersecurity Framework (CSF) to conduct a maturity assessment, set a roadmap around it, and report progress towards the roadmap over time.
Learning Objectives:
Understand how to translate a cybersecurity framework into a maturity assessment and metrics framework.
Learn how to conduct effective assessments and provide actionable reporting to senior leadership.
Demonstrate an ability to translate the highly technical contents of a cybersecurity framework and program to meaningful metrics and data for senior leadership and beyond.