
Paradigm Shift: Using NIST Cybersecurity Principles to Drive Risk Strategy


Recorded: November 16, 2021

Cybersecurity risks come in many forms, and most importantly, risks are evolving at an increasingly rapid pace. Organizations across industries should work to implement adaptive cybersecurity processes that enable them to predict, prepare and react to the shifting landscape of cyber threats. The NIST Cybersecurity Framework enables organizations to apply the principles and best practices of security to drive risk management and protect against constantly advancing cyber attacks.

Attend this CPE webinar to learn how to go about this, including how to:

  • Outline the common security risks organizations face
  • Define cybersecurity threats, vulnerabilities, and consequences
  • Map the NIST CSF with security controls and reporting
  • Develop an established incident response plan


Colin Whittaker, PCI Industry Alumni, Founder and Director Informed Risk Decisions Ltd. Colin has been instrumental in driving forward a risk and security strategy for payments over the last 15 years since he retired from the military in 2001, and took up the role of Head of Security at APACS. Whilst there he was one of the first people to be elected to the PCI SSC Board of Advisors where he was always keen to try and promote the differences in threat between Europe and UK, and the US. Since that election he hasn't moved far from the PCI domain. In 2010 he moved to Visa Europe and became the Vice President Payment System Risk with responsibilities for designing and operating the Visa Europe PCI compliance strategy for European merchants and service providers. He was also responsible for coordinating Visa Europe's approach to cardholder data breaches in Europe, and for the changes to the Visa Europe Compliance strategy through the creation of the Technology Innovation Programme which gave the very first PCI DSS compliance relief for EMV chip accepting merchants. In 2015 he went independent and currently provides cyber security risk consultancy services to a wide range of public and private companies. Colin has presented on Information Security at major events around the world, and has published a number of papers on security.

Todd Boehler, Senior Vice President of Product Strategy at ProcessUnity. Todd collaborates with customers, partners and internal product teams to develop and deliver high-value risk and compliance solutions. In his role, he drives the company’s cloud services roadmap and defines ProcessUnity’s overall strategic direction. For nearly 20 years, Todd has served in product management and strategy roles for leading technology providers. In 2003, his governance, risk and compliance (GRC) startup was purchased by Stellent, which was soon after bought by Oracle Corporation. Todd worked for Oracle for seven years before joining ProcessUnity in 2014. He has extensive GRC experience, working with organizations’ engineering, services and sales teams to develop solutions, enable sales and deliver customer success.

Chris Poulin, Principal Consulting Engineer, BitSight. Chris guides enterprises in assessing risk metrics and managing third-party relationships. He’s been in cybersecurity for almost 35 years, in both technical roles as a developer for the DoD intelligence community, and executive positions, such as CSO for Q1 Labs and CEO of his own boutique consultancy. Chris has spent time in both the startup community and at established companies, such as IBM and Booz Allen Hamilton. Chris brings this breadth of experience to customers, clients, and the stage.

Ilia Sotnikov, Security Strategist & VP of User Experience. Ilia’s 20 years of experience in cybersecurity and IT management include building the product management function at Netwrix. Today he is responsible for technical enablement, UX design, and product vision and strategy. In this role, he is focused on helping customers quickly get the most value from Netwrix solutions.


David Stapleton, Vice President & CISO at CyberGRX | CISSP. David is a cybersecurity risk professional with over a decade of experience in both the public and private sectors. David began his career at the Department of Health and Human Services (HHS) where he developed and managed Risk & Compliance functions for the Food and Drug Administration (FDA) and Indian Health Service (IHS). David is a Certified Information Systems Security Professional (CISSP).