Educational Webinar

From CAT to CSF: A Strategic Conversation for Financial Institutions

September 30, 2025
2:00 PM - 3:00 PM CDT

Now that the FFIEC Cybersecurity Assessment Tool (CAT) retired on August 31, 2025, many financial institutions are turning to the NIST Cybersecurity Framework (CSF) as a flexible, scalable alternative. But how can you make the shift effectively and get organizational buy-in along the way?

In this webinar, we’ll be joined by Daniel Eliot from NIST’s Applied Cybersecurity Division and the CSF 2.0 project team to explore:

•  Why the NIST CSF is a strong fit for community institutions
•  Best practices for implementing the NIST CSF effectively
•  Common questions and challenges when adopting the framework

Whether you’re early in planning or actively using the framework, this session will offer useful tips and expert insight to help you move forward with confidence.

Meet the Presenters

Daniel Eliot, Applied Cybersecurity Division, National Institute of Standards and Technology (NIST)

Daniel Eliot works within the Applied Cybersecurity Division of the National Institute of Standards and Technology (NIST), part of the U.S. Department of Commerce. Daniel helps lead the NIST Cybersecurity Framework (CSF) 2.0 project, working to expand the portfolio of CSF 2.0 resources and regularly promoting adoption and use of the CSF more broadly. Daniel also serves as the lead for small business engagement, working across NIST's cybersecurity and privacy program to advise and support development of cybersecurity resources, communication materials, and collateral tailored for use by small businesses and their resource partners. Prior to joining NIST, Daniel held cybersecurity roles at MITRE Corporation’s Center for Securing the Homeland, the National Cybersecurity Alliance, and the University of Delaware’s Office of Economic Innovation and Partnerships.

Alyssa Pugh, GRC Content Manager, Tandem

Alyssa Pugh is an educator, expert, and content creator with a passion for helping people navigate the challenges of governance, risk management, and compliance (GRC). She has more than ten years of professional technical and information security experience. She currently serves as the GRC Content Manager for Tandem, where she supervises the Tandem Content team and oversees the development of cybersecurity compliance content and educational resources. In addition to her passion for technology, Alyssa is also a wife, graphic designer, and video game enthusiast.