Cyber Resilience Awareness Day Virtual Summit 2025

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/7595/

Introducing this year’s theme — “Resilient by Design” — drawing parallels to the “Secure by Design” movement, and emphasizing the need to build resilience directly into architectures, operations, and cultures. This message will underscore the importance of shared understanding, open frameworks, and real-world implementation examples, encouraging participants to use the day as a catalyst for action.

Featuring:
Francesco Chiarni, CEO & Chief Researcher, High Value Target (https://www.linkedin.com/in/chiarini/)
Mehdi Azaouioui, CEO & Founder, Limber Security (https://www.linkedin.com/in/mehdi-azaouioui-51a4431b/)

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/7595/

Presenting the Recovery Maturity Model for Recovery from a Severe Operational Outage, a structured self‑assessment framework developed by the financial industry to measure and advance organizations’ preparedness for extreme cyber disruption.

Featuring:
Carlos Recalde, President & CEO, Sheltered Harbor LLC (https://www.linkedin.com/in/crecalde/)

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/7595/

MITRE’s Applied Cyber Resiliency Engineering (ACRE) methodology is a structured and repeatable implementation of NIST SP 800-160 Vol. 2 Rev. 1, “Developing Cyber-Resilient Systems: A Systems Security Engineering Approach”. ACRE has been designed to be applicable at all stages of the system development lifecycle and to provide documented traceability from an assessment of the system’s mission context to system requirements that support cyber resiliency in that context. MITRE’s Cyber Resiliency Engineering Framework (CREF) Navigator is a web-based tool that allows cyber engineers to easily trace the relationships defined in NIST SP 800-160 Vol. 2 Rev. 1.

This presentation will provide a high-level overview of the ACRE along with a demonstration of using the CREF Navigator to implement the methodology.

Featuring:
David Mann, Ph.D., Principal Cybersecurity Scientist, MITRE
Shane Steiger, Cyber Security Research - Resiliency & Innovation, MITRE

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/7595/

This expert panel will explore the critical shift from reactive cybersecurity postures to proactive cyber resilience engineered by design. Featuring leading voices from policy, architecture, implementation, and incident response, this session will bridge theory and practice on how resilience can and must be built into systems from the start — not added as an afterthought.

Featuring:
Francesco Chiarni, CEO & Chief Researcher, High Value Target (https://www.linkedin.com/in/chiarini/)
Jimmy Sanders, Information Security Leader President, ISSA International (https://www.linkedin.com/in/jimmy-s-cissp-crisc-cism/)
Ron Ross, Chief Executive Officer, RONROSSECURE, LLC (https://www.linkedin.com/in/ronrossecure/)
Mark Winstead, Principal Systems Security Engineer, MITRE (https://www.linkedin.com/in/markwinstead/)
Patrick Lechner, Managing Director, Resion (https://www.linkedin.com/in/patrick-lechner-resilience/)

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/7595/

Building a strong cyber resilience strategy can be a complicated and lengthy process, and not all organizations have the same requirements. In this session, we highlight where organizations are focusing to build and then constantly improve on the building blocks of:

- Securing systems, especially the backup environment, aligning to zero trust principles and hardening against attacks
- Enhancing the ability to detect threat actor activity, such as using near real time information to protect high value storage systems which are not often well monitored due to their closed nature
- Technologies to protect systems and data to better enable timely recovery of operations from minimal, moderate and severe attacks.

Featuring:
Jim Shook, Director, Cybersecurity & Compliance Practice Cyber Resilience, Dell Technologies (https://www.linkedin.com/in/jamesshook/)

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/7595/

Combining FAIR and Threat-Informed Defense to Evaluate Real-World Threat Exposure

Cybersecurity risk assessments frequently depend on qualitative scoring of controls based on standards like ISO 27001, NIST CSF 2.0, or CIS Controls. While these standards help establish good structure of a cybersecurity program, they fall short in addressing how real-world adversaries operate. They don’t guide prioritization based on actual attack techniques or measure the real effectiveness of defenses. We propose a threat-informed risk assessment framework that integrates threat-informed defense methods to link adversary behavior to mitigation coverage and directly inform the Loss Event Frequency input of the FAIR model.

Featuring:
Mehdi, Azaouioui, CEO & Founder, Limbersecurity (https://www.linkedin.com/in/mehdi-azaouioui-51a4431b/)

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/7595/

Cyber defenders need a clear understanding of how security controls and capabilities align with their threat identification efforts, risk assessments, and security control programs. To support this, MITRE CTID has developed an open-source repository of mappings connecting security controls and capabilities to adversarial behaviors as described in MITRE ATT&CK. These mappings provide a foundation for a threat-informed approach by meeting the following objectives:

- Application of threat-informed analysis and decision-making to security control program design and implementation.
- Connect the design and implementation of controls to the adversary behaviors they mitigate.
- Improve management and board reporting with respect to control investment and threat protection.

Featuring:
Tiffany Bergeron, Chief Architect, Mappings Program - Center for Threat-Informed Defense, MITRE (https://www.linkedin.com/in/tiffany-bergeron/)

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/7595/

Major cyber incidents expose gaps in critical asset protection, raising the question: how can MITRE ATT&CK help strengthen cyber resilience?

This presentation explores how MITRE ATT&CK reveals lessons learned from real-world incidents - starting from Groups, through TTPs and Mitigations, to the intersection with cyber resilience via the MITRE Cyber Resiliency Engineering Framework (CREF). It demonstrates how ATT&CK with the CREF Navigator can help organizations shift from reactive threat tracking to proactive, resilience-oriented planning. By analyzing cyber incidents and IT disruptions, we underscore how MITRE ATT&CK can serve not only as a threat-tracking tool but also as a valuable reference for strengthening cyber resilience against both evolving adversaries and technological disruptions.

Featuring:
Lorenzo Vacca, Cybersecurity Manager, RSM Italy (https://www.linkedin.com/in/lorenzo-vacca/)

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/7595/

Users fundamentally face risks that vary among different ICT sectors, constantly evolve, and require reasonable allocations of resources and actions.

As cybersecurity incidents and related losses continue to increase, multiple private and public sector activities and actions have emerged as different understandings of what is reasonable. In legal terms "reasonable cybersecurity" is the duty of care that an organization owes its customers. However, what is reasonable remains largely undefined and no global compilation exists of its use for cybersecurity purposes.

Featuring:
Curtis Dukes, EVP & GM Security Best Practices, Center for Internet Security (CIS) (https://www.linkedin.com/in/curtis-dukes-aa9966129/)

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/7595/

Resilience in security ensures an organization's ability to anticipate, detect, withstand, recover, and adapt to cyber threats. To counter the ever-evolving cyber threat landscape, organizations rely on cybersecurity tools to prevent, detect, and respond to cyberattacks.

This presentation will compare these tools to the NIST 800-160 and MITRE ATT&CK models, highlighting any remaining gaps and challenges. This research employs a systematic literature review and case study approach to examine the present state of cybersecurity tools and their applicability. This research adopts the Resilience Engineering Theory to review and evaluate the resilience of cybersecurity tools.

Featuring:
Oluwatomisin Giwamogorewa, Cybersecurity Doctoral Candidate, Marymount University (https://www.linkedin.com/in/ogiwamogorewa/)
Oluwatobi Babatunde, Cybersecurity Doctoral Candidate, Marymount University (https://www.linkedin.com/in/oluwatobi-babatunde)
Ricky Katsuya, Cybersecurity Doctoral Candidate, Marymount University (www.linkedin.com/in/ricky-katsuya-51071421)

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/7595/

With resilience, our aim is to “remain viable amidst adversity.” We prevent what we can, presuming a certain number of incidents will occur, forcing us to detect and recover. We know relying solely on technical controls is no longer sufficient. Malicious actors are increasingly focused on social engineering. We also know that one-third of incidents begin outside of our enterprise. We must focus on a collaboration of people, process, technology, and the organization across the entire cyber life cycle inside and outside of our enterprise.

This session will walk through the underlying principles to guide your journey while discussing the role of the Business Impact Analysis (BIA), the Operational Resilience Framework (ORF), and the Cyber Resilience Capability Maturity Model (CR-CMM) as tools to achieve your resilience objectives.

Featuring:
Alex Sharpe, Principle, Sharpe, LLC (https://www.linkedin.com/in/alex-sharpe-3rd/)
Mark Orsi, CEO, GRF (https://www.linkedin.com/in/markorsi/)

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/7595/

This session explores building cyber resilience using the NIST Cybersecurity Framework 2.0's Identify, Protect, Detect, Respond, and Recover approach to minimize operational impact from cyber incidents.

Discover how real-world attacks compromise backups, resulting in lengthy and uncertain recovery periods that may compel organizations to revert to outdated manual processes. The key focus: Leveraging AI to rapidly identify clean data, detect threats early, and enable quick recovery with minimal operational disruption.

Featuring:
Jim McGann, CMO, Index Engines (https://www.linkedin.com/in/mcgann/)

Sign up for this talk here, or for ALL sessions of the ISSA International Cyber Resilience Awareness Day Virtual Summit here: https://issa.brighttalk.com/summit/7595/

Public sector organizations and enterprises worldwide face increasingly sophisticated cyber threats that can disrupt operations, erode trust, and compromise mission success. Cyber resilience, defined as the ability to anticipate, withstand, recover from, and adapt to cyber events is now a critical component of national, organizational, and digital security strategies.

This session explores how cyber resilience strengthens deterrence and operational continuity across sectors by ensuring systems and data remain available, trustworthy, and secure - even under attack. Central to this is data centricity: treating data as the most valuable asset and ensuring its protection, governance, and accessibility at all times. By safeguarding data through classification, encryption, access control, and continuous monitoring - aligned with Zero Trust and proactive data security principles - organizations can deny adversaries the opportunity to disrupt essential services or degrade decision-making.

Participants will gain insights into how building resilience at the data and system levels not only protects critical operations but also establishes confidence, credibility, and deterrence in a globally connected environment.

Featuring:
Travis Rosiek, Public Sector CTO, Rubrik (https://www.linkedin.com/in/travis-rosiek-3255b669/)