Time is of the essence when protecting your organization from complex cyberthreats. The clock doesn’t start when you have been breached—it’s always ticking. The board must articulate risk tolerances, management must set the strategy and IT must execute. The NIST CSF provides a common language for internal and external stakeholders, and helps the organization to stop translating and start defending.

Learning Objectives:
1: Learn how the NIST CSF can be used for more than just IT security.
2: Learn to use the CSF as a common language with the board, employees and customers.
3: Learn to adapt the CSF to the changing threat environment.

Speakers: Dawn Cappelli, Umair Masud

Dawn Cappelli is Rockwell Automation’s VP Global Security and CISO. She joined Rockwell in 2013 as Insider Risk Director and became CISO in 2016. Previously she was Founder and Director of Carnegie Mellon’s CERT Insider Threat Center. She is a leader in insider threat mitigation and has worked with government and industry leaders on national strategy issues. She has worked in cybersecurity since 2001 in partnership with the DOD, DHS, US Secret Service, other federal agencies, the intelligence community, private industry and academia. Previously she developed software for nuclear power plants for Westinghouse, and for Carnegie Mellon. She co-authored the book The CERT Guide to Insider Threats: How to Prevent, Detect and Respond to Information Technology Crimes (Theft, Sabotage, Fraud).

Umair Masud manages the Consulting Services Portfolio at Rockwell Automation. He holds primary responsibility for the strategic roadmap for industrial cybersecurity services including consulting services such as risk assessments and audits as well as managed security services such as threat detection and incident response services. Since joining Rockwell Automation in 2009, Masud has held various positions. Prior to his current position, Masud served as a Security Consultant helping Rockwell Automation’s customers find ways to increase the security posture of their industrial control systems environments through a combination of strategic and tactical approaches. Masud holds a bachelor of science degree in industrial and systems engineering from Georgia Institute of Technology.

Detailed Presentation:

(Source: RSA Conference USA 2018)
 
 
E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform