This talk will explore how the typical organization goes about creating/planning their cybersecurity strategy, and how this method is flawed. We’ll explore how to assess whether your current cybersecurity program is meeting your organizational needs, and discuss data-driven methods/strategies for getting your program into an effective state.
Audience: Information security practitioners interested in understanding how to define effectiveness in the context of cybersecurity initiatives.