Educational Webinar

From CAT to CSF: A Strategic Conversation for Financial Institutions

September 30, 2025
2:00 PM - 3:00 PM CDT

With the FFIEC Cybersecurity Assessment Tool (CAT) scheduled to sunset this August, many financial institutions are turning to the NIST Cybersecurity Framework (CSF) as a flexible, scalable alternative. But how can you make the shift effectively and get organizational buy-in along the way?

In this webinar, we’ll be joined by Daniel Eliot from NIST’s Applied Cybersecurity Division and the CSF 2.0 project team to explore:

•  Why the NIST CSF is a strong fit for community institutions
•  Best practices for implementing the NIST CSF effectively
•  Common questions and challenges when adopting the framework

Whether you’re early in planning or actively using the framework, this session will offer useful tips and expert insight to help you move forward with confidence.

Meet the Presenters

Alyssa Pugh, GRC Content Manager, Tandem

Alyssa Pugh is an educator, expert, and content creator with a passion for helping people navigate the challenges of governance, risk management, and compliance (GRC). She has more than ten years of professional technical and information security experience. She currently serves as the GRC Content Manager for Tandem, where she supervises the Tandem Content team and oversees the development of cybersecurity compliance content and educational resources. In addition to her passion for technology, Alyssa is also a wife, graphic designer, and video game enthusiast.

Daniel Elliot, Applied Cybersecurity Division, National Institute of Standards and Technology

Daniel Eliot works within the Applied Cybersecurity Division of the National Institute of Standards and Technology (NIST), part of the U.S. Department of Commerce. Daniel helps lead the NIST Cybersecurity Framework (CSF) 2.0 project, working to expand the portfolio of CSF 2.0 resources and regularly promoting adoption and use of the CSF more broadly. Daniel also serves as the lead for small business engagement, working across NIST's cybersecurity and privacy program to advise and support development of cybersecurity resources, communication materials, and collateral tailored for use by small businesses and their resource partners. Prior to joining NIST, Daniel held cybersecurity roles at MITRE Corporation’s Center for Securing the Homeland, the National Cybersecurity Alliance, and the University of Delaware’s Office of Economic Innovation and Partnerships.