1: Use the structure of the Cyber-Defense Matrix to organize vendors and find gaps in your portfolio.
2: Understand how to define concrete security metrics to manage risk, prioritize investments and minimize business impact.
3: Gain a fuller understanding of the entire space of cybersecurity and how existing frameworks fit in.
Attendees should have a cursory knowledge of the NIST Cybersecurity Framework and its five primary functions (identify, protect, detect, respond, recover). If attendees have any experience with security metric development and measurement that would be beneficial. Lastly, experience with security risk analysis methodologies would be helpful.