The accreditors of this session require that you periodically check in to verify that you are still attentive.
Please click the button below to indicate that you are.
Organizations are starting to understand the security risks that must be addressed within their organizations resulting in businesses hiring CISOs, directors of information security, and other security professionals to address this problem. The question then becomes, where to begin?
Using the NIST Cybersecurity Framework as a baseline will give clarity of the security gaps and what needs are to be addressed. The next step is how will this be communicated to the C-Suite to obtain buy-in and, more importantly, budget.
This session will present a process for security professionals to build an information security program from the beginning, obtain buy-in from executives, facilitate a culture of security throughout the organization and communicate security posture to the executive team in their language.
Learning Objectives:
Use the NIST Cybersecurity Framework as roadmap that can include metrics to determine progress.
Develop an outline of an information security program for small and mid-size companies.
Develop business cases for security controls and solutions that will be needed to reduce cybersecurity risk.