This is the 2021 Agenda - The Full Agenda for 2022 Will Available Shortly. (See Available Training Options for 2022) - Register for 2022 Now
Back To Schedule
Tuesday, October 26 • 3:20pm - 4:00pm
Leveraging the NIST CSF where Compliance Doesn’t Apply

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Enhancing your cyber posture and achieving critical infrastructure resiliency is essential to your business. To achieve it, you need to understand the challenges of building such a cyber program, despite the evolving threat landscape and perpetually expanding regulatory standards.  When our clients seek to develop a more comprehensive cyber security program based on the NIST Cyber Security Framework (“CSF”), they intend to create a cyber security program to cover assets in their Operational Technology (OT) network not currently covered by regulatory compliance requirements. The starting point for achieving cyber resiliency is to implement a risk-centric program. To implement a risk-centric program, we assess the cyber threats and set realistic implementation goals to be completed.

Furthermore, well-defined governance processes enable organizations to continually adjust the program as both the business and threat environments change. Implementing a Cyber Resiliency program would likely not be practical without addressing the organizational disparity between the business technology environment and the ICS side. The program is not simply an expanded set of technical requirements—it may also require shifts in adoption and use, re-engineering of design and construction standards and processes, and new collaboration and accountability mechanisms.

Learning Objectives:
  • Develop a working understanding of NIST Cyber Security Framework
  • Understand the benefits of risk-based approach

avatar for John Biasi

John Biasi

Senior Consultant, Burns & McDonnell
John Biasi is a Senior Consultant with Burns & McDonnell.  He is also an adjunct professor at the Oklahoma State University Institute of Technology.  He received his Master of Business Administration degree with a concentration in Cybersecurity Management and his Bachelor of Science... Read More →

Tuesday October 26, 2021 3:20pm - 4:00pm EDT