In today’s dynamic threat landscape, cybersecurity professionals face the daunting challenge of protecting their organizations from a wide range of evolving risks. The OWASP Threat and Safeguard Matrix (TaSM), developed by Ross Young, offers an actionable framework to safeguard and enable business operations. By overlaying major threats—such as phishing, supply chain attacks, and ransomware—with the NIST Cybersecurity Framework Functions (Identify, Protect, Detect, Respond, Recover), TaSM enables organizations to build a robust, defense-in-depth strategy tailored to their unique needs.
This presentation will demonstrate how to use TaSM to identify gaps in safeguards, prioritize high-impact actions, and track progress through measurable metrics. Attendees will learn how to incorporate TaSM into threat modeling, enhance risk committee discussions, and address emerging challenges like AI-related risks. Real-world examples and practical tools, including a Cyber Report Card, will equip participants with techniques to clearly communicate cybersecurity performance and strategy to executive leadership.
Join us to explore how the TaSM framework can transform your organization’s approach to mitigating threats, aligning security efforts with business goals, and ensuring resilience in the face of adversity. This session is ideal for CISOs, risk leaders, and anyone responsible for driving cybersecurity strategy and innovation.