The NIST CSF—which is being adopted across public and private sectors—embodies proactive cyber-risk management. This facilitated session will discuss generalized cross-sector observations on adopting the NIST CSF, highlighting any differences, and some common trends around tailoring, prioritization and maintenance.

Learning Objectives:
1: Learn about proactive cyber-risk management common practices.
2: Understand key benefits and challenges of adopting the NIST CSF.
3: Using a Framework to make defensible cybersecurity prioritization decisions.