Jump to navigation Jump to content

Speaker

Paul Innella

Paul Innella

CEO, TDI

Washington, District of Columbia, United States

Actions

Paul Innella, CEO of TDI, is a globally recognized cybersecurity executive with over 30 years of experience advising critical infrastructure, government, and enterprise organizations. He pioneered Cybersecurity Performance Management (CPM), a strategic approach to measuring cybersecurity effectiveness in operational environments. Paul has guided top institutions including DARPA, the U.S. Navy, Deutsche Bank, and the IMF. His insights have appeared in Forbes, Financial Times, CNBC, and ABC News. He holds CISSP-ISSMP, CISM, and NSA IAM certifications and completed executive programs at Cambridge, IMD, and Edinburgh Business School. He also chairs White Hat USA, supporting Children’s National Medical Center.

Links

Area of Expertise

  • Business & Management
  • Government, Social Sector & Education
  • Information & Communications Technology
  • Physical & Life Sciences
  • Transports & Logistics

Topics

  • cybercrime
  • cyber security
  • AI and Cybersecurity
  • cybersecurity awareness
  • Cybersecuirty
  • Cybersecurity Threats and Trends
  • Cybersecurity Governance and Risk Management
  • Artificial Intelligence and Machine Learning for Cybersecurity
  • Emerging Cybersecurity Topics
  • Cybersecurity Strategy
  • cybersecurity compliance
  • Cybersecurity Compliance and Auditing
  • Risk
  • Risk Management
  • Risk Mitigation
  • Governance risk and compliance
  • Cybersecurity Regulations and Compliance
  • Information Security Governance and Risk
  • Third Party Risk Management
  • cyber risk
  • CPM
  • cyber performance management
  • Governance
  • Board of Directors
  • Data Governance
  • Dashboards
  • Executive Leadership
  • Strategy
  • IT governance
  • CIO
  • CISO
  • CEO
  • Entrepreneur
  • CYBER PERFORMANCE

Sessions

Performance Over Activity: Transforming Cybersecurity Metrics for Societal Impact

Traditional cybersecurity relies heavily on compliance checklists, tools deployed, and activities performed, rather than demonstrating genuine security effectiveness. Cybersecurity Performance Management (CPM) fundamentally changes this dynamic by emphasizing outcome-driven metrics—like incident response maturity, resilience to attacks, and measurable risk reduction. CPM empowers organizations to clearly align cybersecurity efforts with broader governance, societal expectations, and business objectives, enhancing accountability and trust. Attendees will differentiate clearly between activity-based and performance-oriented cybersecurity metrics, learn practical steps for implementing CPM frameworks, identify meaningful KPIs to measure cyber performance, and understand CPM’s direct impact on strengthening societal trust and informed decision-making. This session provides real-world strategies and industry-proven practices to leverage CPM effectively.

Cybersecurity Performance Management: A Framework to Unlock Real Impact and Measurable ROI

Frustrated that escalating cybersecurity investments don't clearly show reduced risk or meaningful outcomes? You're likely measuring activity, not effectiveness. Cybersecurity Performance Management (CPM) is a strategic, metrics-driven framework designed to evaluate cybersecurity through clear, outcome-based indicators - such as incident response efficiency, risk reduction, and security maturity. By shifting away from traditional metrics like audits completed or tools deployed, CPM enables leaders to make informed, proactive security decisions aligned with organizational objectives. Discover how integrating CPM can transform cybersecurity into a strategic asset, clarifying the ROI and effectiveness of your security initiatives.
Key Takeaways:
• Move from activity-based cybersecurity measurements to outcome-focused metrics.
• Understand CPM as a strategic framework, not just another security tool.
• Learn practical ways to measure and demonstrate cybersecurity effectiveness and strategic value.
• See how targeted AI integrations can enhance CPM's analytical insights without overreliance.

Measuring ICS Cybersecurity Effectiveness: Implementing Cybersecurity Performance Management (CPM)

Cyber threats targeting Industrial Control Systems (ICS) are rapidly evolving, placing critical infrastructure—utilities, manufacturing plants, and transportation networks—under increased risk. Despite investments in cybersecurity, many ICS operators still rely heavily on traditional activity-based metrics such as patches deployed or alerts acknowledged. These metrics often fail to demonstrate actual security resilience or meaningful risk reduction.

Cybersecurity Performance Management (CPM), a strategic framework developed and championed by cybersecurity expert Paul Innella, empowers ICS leaders to transition cybersecurity management from reactive to proactive, focusing clearly on measurable outcomes. CPM provides critical infrastructure organizations with precise, outcome-focused metrics—such as vulnerability remediation effectiveness, asset visibility in OT environments, incident response speed, and resilience of critical control systems.

This session will equip attendees with a practical understanding of CPM implementation in ICS environments, demonstrating real-world case studies and best practices. Paul Innella, with over three decades of cybersecurity experience advising high-stakes organizations such as DARPA, Deutsche Bank, and the U.S. Navy, will outline methods to accurately measure ICS cybersecurity performance, communicate strategic insights clearly to executive leadership, and ensure cybersecurity investments deliver demonstrable operational impact and ROI.

Participants will leave this session with actionable strategies for adopting CPM, strengthening ICS cybersecurity posture, and effectively reducing operational and financial risks.

Paul Innella

CEO, TDI

Washington, District of Columbia, United States

Links

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top