Speaker

Paul Innella

Paul Innella

CEO, TDI

Washington, District of Columbia, United States

Actions

Paul Innella, CEO of TDI, is a globally recognized cybersecurity executive with over 30 years of experience advising critical infrastructure, government, and enterprise organizations. He pioneered Cybersecurity Performance Management (CPM), a strategic approach to measuring cybersecurity effectiveness in operational environments. Paul has guided top institutions including DARPA, the U.S. Navy, Deutsche Bank, and the IMF. His insights have appeared in Forbes, Financial Times, CNBC, and ABC News. He holds CISSP-ISSMP, CISM, and NSA IAM certifications and completed executive programs at Cambridge, IMD, and Edinburgh Business School. He also chairs White Hat USA, supporting Children’s National Medical Center.

Area of Expertise

  • Business & Management
  • Government, Social Sector & Education
  • Information & Communications Technology
  • Physical & Life Sciences
  • Transports & Logistics

Topics

  • cybercrime
  • cyber security
  • AI and Cybersecurity
  • cybersecurity awareness
  • Cybersecuirty
  • Cybersecurity Threats and Trends
  • Cybersecurity Governance and Risk Management
  • Artificial Intelligence and Machine Learning for Cybersecurity
  • Emerging Cybersecurity Topics
  • Cybersecurity Strategy
  • cybersecurity compliance
  • Cybersecurity Compliance and Auditing
  • Risk
  • Risk Management
  • Risk Mitigation
  • Governance risk and compliance
  • Cybersecurity Regulations and Compliance
  • Information Security Governance and Risk
  • Third Party Risk Management
  • cyber risk
  • CPM
  • cyber performance management
  • Governance
  • Board of Directors
  • Data Governance
  • Dashboards
  • Executive Leadership
  • Strategy
  • IT governance
  • CIO
  • CISO
  • CEO
  • Entrepreneur
  • CYBER PERFORMANCE

Measuring ICS Cybersecurity Effectiveness: Implementing Cybersecurity Performance Management (CPM)

Cyber threats targeting Industrial Control Systems (ICS) are rapidly evolving, placing critical infrastructure—utilities, manufacturing plants, and transportation networks—under increased risk. Despite investments in cybersecurity, many ICS operators still rely heavily on traditional activity-based metrics such as patches deployed or alerts acknowledged. These metrics often fail to demonstrate actual security resilience or meaningful risk reduction.

Cybersecurity Performance Management (CPM), a strategic framework developed and championed by cybersecurity expert Paul Innella, empowers ICS leaders to transition cybersecurity management from reactive to proactive, focusing clearly on measurable outcomes. CPM provides critical infrastructure organizations with precise, outcome-focused metrics—such as vulnerability remediation effectiveness, asset visibility in OT environments, incident response speed, and resilience of critical control systems.

This session will equip attendees with a practical understanding of CPM implementation in ICS environments, demonstrating real-world case studies and best practices. Paul Innella, with over three decades of cybersecurity experience advising high-stakes organizations such as DARPA, Deutsche Bank, and the U.S. Navy, will outline methods to accurately measure ICS cybersecurity performance, communicate strategic insights clearly to executive leadership, and ensure cybersecurity investments deliver demonstrable operational impact and ROI.

Participants will leave this session with actionable strategies for adopting CPM, strengthening ICS cybersecurity posture, and effectively reducing operational and financial risks.

Cybersecurity at the Speed of Mission: Delivering Management of Risk and ROI

Cybersecurity leaders across government face intensifying demands to prove the effectiveness of their programs and not just in compliance terms - in measurable performance, mission alignment, and return on investment. As threats evolve and federal guidance advances - from NIST CSF 2.0 to EO 14028 and Zero Trust - executives must adopt new models of continuous oversight and strategic assurance. This session introduces Cybersecurity Performance Management (CPM) as a transformative framework that enables real-time visibility into cyber risk, maturity, and impact. CPM replaces legacy activity metrics with Cybersecurity Performance Indicators (CPIs) that support strategic decision-making, continuous authorization (cATO), and executive-level reporting. When integrated with containerized RMF automation tools and platforms , CPM empowers agencies to shift from static control validation to continuous, data-driven governance. Attendees gain a forward-looking model for aligning cybersecurity with mission, investment, and accountability, positioning cyber as a performance function critical to trust, transparency, and resilience. This is the future of cyber governance: where federal executives lead with data, justify investments with confidence, and drive resilience through performance, not paperwork.

2025 ICS Cybersecurity Conference Sessionize Event Upcoming

October 2025 Atlanta, Georgia, United States

Paul Innella

CEO, TDI

Washington, District of Columbia, United States

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top