Part 2: Building a Cybersecurity Program Aligned to Risk and Business Needs
This second session in the three-part series builds on the threat intelligence insights explored in Part 1 and shifts the focus to designing and implementing a robust cybersecurity program. Participants will learn how to translate risk insights into strategic action by establishing a security foundation rooted in business objectives and aligned with leading frameworks.
Whether you're creating a program from scratch or refining an existing one, this session will guide you through the core elements of a risk-based security approach—from conducting assessments to mapping your current and target cybersecurity posture using the NIST Cybersecurity Framework (CSF) v2.0.
What You’ll Learn in Part 2:
- How to establish the foundational components of a cybersecurity program
- How to integrate threat intelligence and business drivers into your risk assessment
- How to use NIST CSF v2.0 and CIS Controls to evaluate maturity and guide investment
Session Topics:
2.1 Establishing a Security Program Foundation
Learn how to pull together insights from threat reports, business priorities, and compliance needs to perform a meaningful risk assessment and define a clear cybersecurity strategy.
2.2 NIST CSF v2.0 Overview
Explore the structure and practical use of the NIST CSF 2.0 to assess your current cybersecurity profile and define a realistic, business-aligned target state.
2.3 CIS Controls Overview
Understand how to apply the CIS Critical Security Controls as a prioritized roadmap to implement protections based on your risk assessment.
This session will help participants move from awareness to action—translating threats into priorities and setting the groundwork for a resilient cybersecurity program. Part 3 will cover testing resilience and preparing for disruption.
Sushila Nair is the CEO of Cybernetic LLC, a board advisor, and a cybersecurity consultant. She previously served as Vice President of Capgemini’s North American Cybersecurity practice and Vice President of Global Security Services at NTT DATA Services. Sushila is a pivotal figure in driving secure digital transformation globally. With over 30 years of experience in computing infrastructure, business, and security risk analysis, she has carved a niche in the cybersecurity domain.
Her journey includes a decade-long leadership of her own IT and cybersecurity company across major UK cities and serving as a Chief Information Security Officer (CISO), where she mastered the art of safeguarding against evolving digital threats. An esteemed thought leader, Sushila’s insights have graced global platforms like RSA and ISACA’s conferences. Her role in the ISACA Global Emerging Trends Working Group and as Vice President of ISACA’s Greater Washington, D.C. Chapter showcases her commitment to advancing the field.
In 2024, Sushila was recognized as a Top Cybersecurity Leader by Security Magazine and Cyber Magazine and received the prestigious ISACA Technology for Humanity Award for her efforts in championing the next generation of cybersecurity talent and promoting diversity in the field.