CS SIG Webinar: Building a Cybersecurity Program Aligned to Risk and Business Needs

Part 2: Building a Cybersecurity Program Aligned to Risk and Business Needs

This second session in the three-part series builds on the threat intelligence insights explored in Part 1 and shifts the focus to designing and implementing a robust cybersecurity program. Participants will learn how to translate risk insights into strategic action by establishing a security foundation rooted in business objectives and aligned with leading frameworks.

Whether you're creating a program from scratch or refining an existing one, this session will guide you through the core elements of a risk-based security approach—from conducting assessments to mapping your current and target cybersecurity posture using the NIST Cybersecurity Framework (CSF) v2.0.

What You’ll Learn in Part 2:

• How to establish the foundational components of a cybersecurity program

• How to integrate threat intelligence and business drivers into your risk assessment

• How to use NIST CSF v2.0 and CIS Controls to evaluate maturity and guide investment

Session Topics:
2.1 Establishing a Security Program Foundation
Learn how to pull together insights from threat reports, business priorities, and compliance needs to perform a meaningful risk assessment and define a clear cybersecurity strategy.

2.2 NIST CSF v2.0 Overview
Explore the structure and practical use of the NIST CSF 2.0 to assess your current cybersecurity profile and define a realistic, business-aligned target state.

2.3 CIS Controls Overview
Understand how to apply the CIS Critical Security Controls as a prioritized roadmap to implement protections based on your risk assessment.

2.4  Testing resilience and preparing for disruption.

Sushila Nair – Visionary Cybersecurity Leader & CEO of Cybernetic LLC

Sushila Nair is an internationally recognized cybersecurity executive, thought leader, and the CEO of Cybernetic LLC. With over three decades of experience spanning computing infrastructure, digital business, and security risk management, she is at the forefront of enabling secure digital transformation across industries worldwide.

Previously, Sushila served as Vice President of Capgemini’s North American Cybersecurity Practice and Vice President of Global Security Services at NTT DATA Services, where she guided Fortune 500 companies through complex cyber challenges. Earlier in her career, she built and led her own IT and cybersecurity consultancy in the UK for over a decade, earning a reputation as a trusted CISO and strategist.

A sought-after voice in the industry, Sushila has delivered keynote insights at premier global conferences including RSA and ISACA, and she currently serves on ISACA’s Global Emerging Trends Working Group. As President of ISACA’s Greater Washington, D.C. Chapter, one of the largest in the world, she is committed to elevating the profession and developing the next generation of cyber talent. She is also a regular voice on national public radio, bringing clarity on complex cybersecurity issues to a wider audience.

Sushila’s leadership has been recognized with some of the field’s highest honors: in 2024 she was named a Top Cybersecurity Leader by Security Magazine and Cyber Magazine, and received ISACA’s prestigious Technology for Humanity Award for her efforts to champion diversity and empower future leaders in cybersecurity.