2026-04-26 –, Track 2
In today’s rapidly evolving threat landscape, organizations are under increasing pressure to maintain robust cybersecurity postures while ensuring compliance with newly implemented regulations such as the SEC Cybersecurity Rules, CMMC, and DORA. This presentation explores how proactive defensive measures, including the use of the Cyber Defense Matrix and the MITRE ATT&CK framework, DeTT&CT, & D3fend projects, can significantly enhance an organization’s ability to align security operations with compliance requirements. By mapping capabilities, identifying gaps, and systematically organizing security functions, these tools not only strengthen cyber defenses but also provide structured approaches to meeting regulatory controls. Attendees will gain insight into integrating these frameworks into their cybersecurity strategy to improve visibility, accountability, and resilience while maintaining audit-readiness and governance alignment.
In a rapidly changing threat landscape, organizations are grappling with dual pressures: maintaining a robust security posture and complying with a wave of stringent new regulations. This includes the U.S. SEC Cybersecurity Rules, the now live Cybersecurity Maturity Model Certification (CMMC), and the comprehensive Digital Operational Resilience Act (DORA). Simply reacting to these mandates is not enough; a proactive, structured approach is essential for true resilience and audit-readiness.
This session will show you how to move beyond basic compliance checks by strategically deploying powerful cybersecurity frameworks to align security operations with regulatory requirements.
With a background in law enforcement and cybersecurity, Steve is highly skilled in cyber risk management, cloud security, threat mitigation, and intelligence gathering and analysis. Steve has expertise in a range of cybersecurity incident response and threat hunting tools, as well as in information security system design, management, and analysis. Steve also brings a wealth of specialized experience in both Healthcare and Financial Services sectors and has a legal background focused on regulatory compliance and digital privacy.