Breakfast Seminar: How to Build a NIST Based Cybersecurity Program

When:  Sep 25, 2019 from 8:30 AM to 10:30 AM (ET)
Larry Wilson, former UMass Chief Information Security Officer, has developed and delivered training classes on the NIST Cybersecurity Framework for InfraGard, Secureworld, UMass, New Horizon’s, etc. In addition, Larry has helped many organizations across industry sectors design and build a standards-based cybersecurity program based on the NIST Cybersecurity Framework.

The risks that come with cybersecurity can be overwhelming. Building out a robust cybersecurity program is complex for any organization, regardless of size. By adopting the NIST Cybersecurity Framework, organizations will realize many benefits including:
• Standards-based framework for measuring risks and improving security
• Calls for senior management and Board understanding of cyber risk
• Currently voluntary, but likely the de facto standard in the event of a breach
• Common language, not “government speak”
• Maps to COBIT, ISO, NIST SP800-53, NIST 800-171, CIS Controls, HIPAA Security Rule, PCI-DSS, etc.
• Includes steps for “Establishing or Improving a Cybersecurity Program”
• Framework, not a risk management process or maturity model

The seminar will discuss how to apply the process-based NIST Risk Management Framework and the capabilities-based NIST Cybersecurity Framework to an organization’s critical IT assets and information resources. Cybersecurity roles and deliverables are analyzed from four different perspectives (leadership, risk management, engineering and operations), which helps organizations develop a risk-based cybersecurity program.

Breakfast will be provided. 2 CPEs will be distributed for attendance.


John Hancock Tower, EY Office, 23rd Floor Conference Room
200 Clarendon Street
Boston, MA 02116