Journal of Information Assurance, Security, and Protection (JIASP)

Welcome to JIASP! Our community consists of technology leaders, managers, practitioners, researchers, and academicians.

The goal for all utilized contributions is to provide a means for continuing the research and study of information assurance in more detail. The intent is to ensure that such collaborations will then lead to additional inquiries, research, sharing of findings, and publications.

You are welcome to utilize the Leave a Comment or the Contact form options to share ideas, research, upcoming events, and noteworthy items for our community stakeholders.

Upcoming Event

020 North America CACS
12-14 May 2020 | Baltimore, Maryland

THIS YEAR’S VENUE

Baltimore Convention Center
Palexpo Convention Centre

As the program is developed, we will continue to add information—check back frequently for updates!
39 CPE Hours Available

See What’s Next at North America CACS 2020.
Don’t Miss Your Best Chance to Save on the Top Audit, Control and Security Event in North America—Sign Up Now!
Stay ahead of trends and tools across your professional landscape.

Join us at North America CACS 2020, Tuesday, 12 – Thursday, 14 May in Baltimore, Maryland, and be a part of the top conference for IS audit and security professionals!
Register Early and Save US$400
Use Promo Code: NAC20FAL

See the pricing page for more details.
Here’s what last year’s attendees had to say about North America CACS:

“If you want an event where you will have a wide perspective of cybersecurity, governance, risk, control and audit, this is the place to go.”

“If you’re attending North America CACS, you’re going to get the information you need to develop as a professional, and you’re going to learn from the whole experience what’s on the horizon.”
Continue Professional Education Credits

To maintain ISACA certifications, certification holders are required to earn 120 CPE credit hours over a three-year period in accordance with ISACA’s continuing professional education (CPE) policy. Attendees can earn up to 39 CPE credits; 18 by attending North America CACS 2020, 14 for the 2-day workshops and 7 for the one-day workshops. ISACA conferences are Group Live and do not require any advanced preparation.

Please note that the session scanners at the Conference do not track CPE credit hours. You will still need to allocate your CPE hours in “My ISACA” following the conference. Certificates of Attendance will be accessible via your MyISACA profile 4-6 weeks after the conference. To view your certificate, log into your account at http://www.isaca.org/MyISACA. Select the “ISACA CPE Records tab” below your dashboard to see your ISACA CPE Certificates.

Your Certificate of Attendance details the maximum number of CPE hours you could have earned by attending this event. CPE policies for each ISACA certification, as well as details on how to report your CPE hours, are available here on ISACA’s website. Reporting can also be done by submitting information on the annual renewal invoice

What’s in it for you?

Grow Your Network

Enjoy direct access to leaders and fellow professionals, and interaction with our expert speakers in the breakout sessions and innovators and solutions providers in the Expo Hall.
Enhance Your Knowledge

Choose from dynamic, timely topics that help you address challenges and learn innovative solutions. Conference track sessions and workshops will feature topics that are current and timely, subject matter that is cutting edge, a thought-leadership perspective that understands today’s industry challenges and is on the leading edge of new ideas.

What is in it for your organization?

Embrace fresh insights, tools and solutions you can apply immediately in your organization with your choice of 100+ track sessions.

Share your experiences with fellow conference attendees and bring back their tactics, techniques and stories of hard-earned successes to enlighten and energize your team. Add to your professional value and ready your organization’s ability to see and shape what is coming next for the world of information systems, cybersecurity, technology and business.

Follow @ISACANews and join the North America CACS conversation by using the hashtag #NACACS.

Like ISACA on Facebook to stay informed.

Follow @ISACANews on Instagram to see behind the scenes photos of the conference.

Follow ISACA’s Company page on LinkedIn for updates.

Who should attend?

North America CACS 2020 brings together experts and practitioners in the areas of audit, security, cybersecurity, compliance, risk, privacy, control and IT, from a wide range of industries, including finance, banking, tech services, government, insurance, medical and more.

North America CACS sessions are for professionals at any point in their career, with three learning levels, hands-on labs, technical and soft-skill training, lectures, panel discussions and more. There is something for everyone at North America CACS.

Program
As the program is developed, we will continue to add information to this page—check back frequently for updates!
Opening Keynote
Alison Levine

First American Women’s Everest Expedition Team Captain, New York Times bestselling author of On the Edge

“Fear is OK, But Complacency Will Kill You”

Alison Levine knows what it’s like to survive (and thrive) in the world’s toughest environments. She served as team captain of the first American Women’s Everest Expedition, scaled the “Seven Summits,” and skied to the North and South Poles—making history along the way. In addition to climbing mountains, she also spent time climbing the corporate ladder in sales, in marketing and then on Wall Street after earning her MBA from Duke University. In her New York Times bestseller, On the Edge: Leadership Lessons from Everest and Other Extreme Environments, Alison asserts that the principles that apply to the world of extreme adventure also apply to demanding business environments. A former adjunct professor at West Point, Alison understands what it takes to lead teams through challenging situations. Her commitment to developing leaders of consequence earned her the Ellis Island Medal of Honor which has been awarded to seven US presidents, numerous world leaders, and two Nobel laureates.
Tracks for 2020

The North America CACS Conference is the premier conference for Audit/Assurance, COBIT®, Compliance, Risk, Security, and Strategy/Governance professionals. This year’s program will include sessions on:

IT Audit & Assurance
Security/Cyber Security
Emerging Technology & Techniques
IT Governance, Compliance & COBIT
IT Risk Management
Data Analytics & Information Management
Leadership Development & Career Management
Industry Trends & Insights

Closing Keynote
Amy Webb

2020 Emerging Tech Trends Report

You’ve studied trends within your own industry, but how can you prepare yourself and your business for what’s next in a world of constant disruption? Amy Webb contextualizes emerging trends that matter to IT, Audit, Risk, Control & Security and explains how they fit into a more holistic vision of the future. She will distill and help your organization prioritize which trends to pay attention to, and how to think more exponentially about what’s on the horizon.

Amy Webb, quantitative futurist and bestselling, award-wining author, is a professor of strategic foresight at the NYU Stern School of Business and the Founder of the Future Today Institute. Webb was named to the Thinkers50 Radar list and won the 2017 Thinkers50 Radar Award. Webb is a Fellow in the United States-Japan Leadership Program, a Foresight Fellow in the U.S. Government Accountability Office Center for Strategic Foresight, and was a Visiting Nieman Fellow at Harvard University, where her research received a national Sigma Delta Chi award. She was also a Delegate on the former U.S.-Russia Bilateral Presidential Commission, where she worked on the future of technology, media and international diplomacy. Webb’s research focus is artificial intelligence. She has advised three-star generals and admirals, White House leadership and CEOs of some of the world’s largest companies on their futures. She is the bestselling author of The Signals Are Talking: Why Today’s Fringe Is Tomorrow’s Mainstream (2016) and The Big Nine: How The Tech Titans and Their Thinking Machines Could Warp Humanity (2019), a call-to-arms about the broken nature of artificial intelligence, and the powerful corporations that are turning the human-machine relationship on its head.
Interactive Workshops

ISACA will host a variety of 2- and 1-day workshops immediately before and after the North America CACS Conference in 2020 to help you maximize your time, travel and CPE!

2-day Pre-Conference Workshops (14 CPE)
Sunday, 10 May & Monday, 11 May 2020 – Courses will run 9:00am – 5:00pm both Sunday & Monday

WS1— Cybersecurity Audit Certificate
WS2— Risk Management & Communication
WS3— Cloud Computing Security & Audit
WS4— Penetration Testing Overview

1-Day Post-Conference Workshops (7 CPE)
Thursday 14 May & Friday 15 May 2020 – Courses will run 1:00pm – 5:00pm on Thursday & 9:00am – 12:00pm on Friday.

WS5— Implementing the NIST Cybersecurity Framework Using COBIT 2019
WS6— Robotic Process Automation (RPA) & the Auditor
WS7— Coming Soon
WS8— Coming Soon

Go Green!
Continuing Professional Education Credits

To maintain ISACA certifications, certification holders are required to earn 120 CPE credit hours over a three-year period in accordance with ISACA’s continuing professional education (CPE) policy. Attendees can earn up to 25.5 CPE credits; 18 by attending GRC 2020, and 7.5 by attending one of the pre-conference workshops. ISACA conferences are Group Live and do not require any advanced preparation.

Please note that the session scanners at the Conference do not track CPE credit hours. You will still need to allocate your CPE hours in MyISACA following the conference. Certificates of Attendance will be accessible via your MyISACA profile 4-6 weeks after the conference. To view your certificate, log into your account at http://www.isaca.org/MyISACA. Select the “ISACA CPE Records tab” below your dashboard to see your ISACA CPE Certificates.

Your Certificate of Attendance details the maximum number of CPE hours you could have earned by attending this event. CPE policies for each ISACA certification, as well as details on how to report your CPE hours, are available here on ISACA’s website. Reporting can also be done by submitting information on the annual renewal invoice.
Go Green!

Do you have a topic that you think should be offered at this conference? We want to know! Tell us about it by submitting your idea on Twitter using #GRCConf
Conference Registration Fees
Act quickly to take advantage of early savings.
Full Conference Registration

Register and pay for the full conference before 11:59 PM CT on Friday, 8 May 2020 to receive the standard rate:
Member Price: US$1795 Non-Member Price: US$1995
Workshop Only

Pre- and post-conference workshops are optional and can either be added to your conference registration for an additional fee, or registered for by themselves. Prices for workshops will vary; full information will be posted here once the workshops are announced.
Member Price: Prices vary based on workshop. See individual workshop for details. Non-Member Price: Prices vary based on workshop. See individual workshop for details.
Onsite Registration Rate

Register and pay for the full conference after Friday, 8 May 2020 and receive the onsite rate:
Member Price: US$1995 Non-Member Price: US$2195
Cancellation Deadline: Saturday, 11 April 2020
Terms and Conditions
Cancellation Policy

All cancellations must be received by the published deadline to receive a refund of registration fees. A cancellation charge of US $295 will be subtracted from conference refunds; a cancellation charge of US $250 will be subtracted from 2-day workshop refunds; and a cancellation charge of US $125 will be subtracted from 1-day workshop refunds. No refunds can be given after the cancellation deadline above. Attendee substitution is permitted at any time until the conference. If a nonmember is substituting a member, then there will be an additional nonmember fee due.

NOTE: If, for any reason, ISACA must cancel a course or event, liability is limited solely to the registration fees paid. ISACA is not responsible for other expenses incurred, including travel and accommodation fees. For more information regarding administrative policies, please contact ISACA:
Phone: +1.847.660.5505
Fax: +1.847.253.1443
E-mail: https://support.isaca.org

Disclaimer

ISACA reserves the right to alter or delete items from the program in the event of unforeseen circumstances. Material has been prepared for the professional development of ISACA members and others in the IT audit, control, security and governance community. Neither the presenters nor ISACA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices. All materials used in the preparations on behalf of ISACA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation and to grant the rights to ISACA as set forth in speaker agreement. Subject to the rights granted in the speaker agreement, all applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers.

Please note: unauthorized recording of presentations and workshops in any form is prohibited.

Please note that any attendee requested paperwork or documentation that ISACA needs to provide information or fill out, can take up to 10 business days.

Discounts

Discounts for the conference are available and detailed below. Please note that discounts cannot be applied retroactively and must be applied at the time of purchase. All discounts are applied to the main conference registration fee and cannot be applied to workshop registrations. Discounts cannot be combined with any other registration discount offerings.
Groups:

ISACA offers discounts to organizations sending 4 or more employees to a single conference.
Government Employees:

ISACA offers a US $350 conference registration discount to government employees.
Academic and Student:

ISACA offers a US $350 conference registration discount to academic institution employees and students. Please note that you must be an ISACA Student Member in order to receive the student discount; additional membership and qualification details can be found here.

Please contact ISACA for more details and eligibility verification on any of the above discounts at +1.847.660.5505 or https://support.isaca.org.

Dress

Business casual is appropriate for this and all ISACA conference events.

Not a member of ISACA? Join today!

When you register for the conference as a nonmember, the difference between member and nonmember conference fees can be applied towards ISACA membership. This means you can become a member at the international and chapter level for little to no additional cost; it just depends on your local chapter dues. To take advantage of this great offer, check the box on the registration form. For more information about ISACA membership, visit the website or contact the membership department at membership@isaca.org

NOTE: This offer expires 30 days after completion of the event. Nonmembers pay the nonmember conference fee when registering.

Payment Methods

Pay online at https://next.isaca.org/cart

Mail your payment to:
ISACA
1055 Paysphere Circle
Chicago, IL 60674 USA

Bank Wires—send electronic payments in US dollars to:
Bank of America
135 S. LaSalle St.
Chicago, IL 60603
ABA #0260-0959-3
ISACA Account #22-71578
S.W.I.F.T. code BOFAUS3N
* Please include attendees name on the Advice of Transfer.

Consent for Photos, Audio and Video Recordings Taken at Events or for Marketing Purposes

I agree irrevocably and free of charge that ISACA or any third party who is acting on ISACA’s behalf may create images, videos and/or sound recordings of me (“works”) at the event for marketing purposes. For these purposes, the granting of rights in the works also includes the rights to adapt, reproduce, distribute, perform, making available to the public, broadcast, retransmit or sublicense the works to ISACA’s affiliates. The granting of rights in the works also includes all current and future media, goes beyond the repetition of an event and is not restricted to time or territory. View ISACA’s Privacy Notice >>

Registration and Payment Policy

You must be 18 years of age or older to attend this event.

Registration submissions for this conference and any additional workshops are note processed and a seat is not confirmed or reserved until full payment is received. All submissions not paid in full will be placed on a waitlist and priority will be given to paid registrants in a payment first come, first-served basis. Space is limited, so it is highly recommended that payment is provided at the time of submission to guarantee a seat within the conference and related events.

Registration rate is determined by the date payment is received by ISACA HQ and current membership status. Please plan accordingly, as it may take 10 or more business days for a wire transfer or mailed check to reach ISACA. Should we receive payment after a registration rate deadline, your account will be adjusted to reflect the current due amount. Entrance to the conference and all related events is contingent upon full payment.

Justify Your Attendance

Click here for a deeper dive into how North America CACS 2020 benefits your enterprise.

Check out quick takes from North America CACS 2019 to review the speakers, education and content you can expect at a CACS conference.

North America CACS 2019 Report

Check out the conference highlights from the North America CACS 2019 conference

Please check back for more highlights about North America CACS!
Welcome to Baltimore!
Baltimore, “city of neighborhoods”

Baltimore’s diverse city landscape makes it the perfect setting for professionals from all different career walks of life to get together in one place for a variety of focused sessions. Explore Baltimore’s Inner Harbor where you can find plenty of dining and entertainment including the National Aquarium, site-seeing boat cruises and delicious seafood, or explore the vibrant restaurants and bars located just beyond the right field wall of Oriole Park at Camden Yards on Eutaw Street! The “city of neighborhoods” has a little something for everybody. Start planning your trip now! Click here to check out all there is to do in Baltimore!

Click here to save with Baltimore’s Show Your Badge Program
Baltimore Convention Center

All conference events take place at The Baltimore Convention Center (BCC), unless explicitly noted in the event schedule. ISACA highly recommends that attendees stay at one of the 3 conference hotels located within walking distance from the BCC – see full hotel details below. Click here for more information on the Baltimore Convention Center

Hotels
Hilton Baltimore Inner Harbor

401 West Pratt Street
Baltimore,MD 21201
Phone: +1.443.573.8700

ROOM RATE
ISACA Group Rate: US$229 + taxes/fees per night, single/double occupancy

Group Room Rate Deadline: 10 April 2020

Cancellations with full refund will be allowed up until 24 hours prior to the arrival date of the reservation.
Baltimore Marriott Inner Harbor Camden Yards

110 South Eutaw Street
Baltimore,MD 21201
Phone: +1.410.962.0202

Click Here to Make Your Reservation
ROOM RATE

ISACA Group Rate: US$209 + taxes/fees per night, single/double occupancy

Group Room Rate Deadline: 17 April 2020

Cancellations with full refund will be allowed up until 72 hours prior to the arrival date of the reservation.
Sheraton Inner Harbor

300 South Charles Street
Baltimore,MD 21201
Phone: +1.410.962.8300

Click Here to Make Your Reservation
ROOM RATE

ISACA Group Rate: US$209 + taxes/fees per night, single/double occupancy

Group Room Rate Deadline: 17 April 2020

Cancellations with full refund will be allowed up until 72 hours prior to the arrival date of the reservation.
ISACA’s Group Room Rate

There are a limited number of rooms available at ISACA’s Group Room Rate and reservations will be handled on a first come-first served basis. All reservations made after the deadline or after the room block fills, whichever comes first are subject to space and rate availability. In order to guarantee hotel reservations, guests will be required to provide credit card. Please note, credit card may be charged if reservation is cancelled after the deadline.

Help Us to Help You!

For the best possible experience, ISACA strongly encourages conference delegates to stay at one of the host hotels listed above. They are the most convenient locations for attendees to be as close as possible to all conference activities at a negotiated price. In addition, every reservation made for those attending the 2020 North America CACS Conference helps ISACA fulfill its commitment to the hotel, in turn allowing ISACA to continue to keep the cost of both conference fees and membership dues as low as possible.

Please note: ISACA will never contact you with guest room promotions offering a better deal. With the advent of discount aggregators or housing “pirates,” if you experience a problem with a “pirate” reservation, ISACA cannot assist you. However, please know that ISACA staff will work with you to resolve issues that may arise if you make your reservation through the ISACA-provided housing registration link.

Area Airports

Baltimore International Airport (BWI)
10 miles/20 minutes from Baltimore Convention Center

Dulles International Airport (IAD)
60 miles/75 minutes from Baltimore Convention Center

Ronald Reagan Washington National Airport (DCA)
42 miles/60 minutes from Baltimore Convention Center

Local Transportation

As part of the “Show Your Badge Program” The following companies are offering discounted rates for conference attendees. Please use codes listed below to obtain discount.

Battle’s Transportation Inc.
CODE: BTIVBAL

KD Elite Transportation
CODE: KD2017

Supershuttle Airport – BWI Airport
CODE: ZG7TC

Thank You to Our 2020 Sponsors!
Diamond
Platinum
Gold
Silver
Bronze
Supporting Sponsors
Synopsys
2020 Speakers
Ferris Adi
Ferris Adi
Senior Cyber Security and Compliance Manager, Rogers, Toronto

Ferris is a Senior Cyber Security and compliance manager with Rogers, Toronto. Before Rogers, Ferris worked as Security and Risk Manager at TD bank for four years. Ferris is an experienced professional with over 20 years of experience specializing in information security Governance, IT risk management, project management, compliance, operational risk, and enterprise infrastructure and operations for clients in the Telecom, financial services, construction, engineering, and retail industries. Ferris has also performed information security functions for the most significant public and private companies in Canada, Aecon and Symcor and TD bank. Ferris is an instructor, Cyber Security Management Program at the University of Toronto. Ferris developed leadership skills through his career, i.e., communicating effectively, thinking strategically and analytically and solving problems. Ferris holds a Master of Business Administration – MBA-Project Management. Ferris is a Certified Information Systems Security Professional (CISSP). Ferris is a frequent speaker at cybersecurity conferences such as ISACA Canada, CIFI Toronto Conference, CISO forum, data connectors and information security forum in Dublin, Ireland.
Rafael Alvarez
Rafael Alvarez
Founder and CTO of Fluid Attacks

Rafael is the Founder and CTO of Fluid Attacks. He is responsible for red team operations and product development focused on fast exploitation and vulnerability disclosure. A frequent speaker on software development, information security, and entrepreneurship. Rafael was a member of the technical committee responsible for the Colombian homologation of ISO security standards, leader of the first Colombian ISO 27001 certification, and an adjunct lecturer of Operating Systems, Distributed Systems, and TCP/IP Networks.
Icon
Tom Arnold
Co-founder and Vice President of PSC

Tom Arnold is Co-founder and Vice President of PSC, part of NCC Group. Based out of San Jose, California, he heads PSC’s Digital Incident Response and Forensics team and specializes in internal and external security assessments related to US and international standards. He leverages his payments background to evaluate and design security controls and secure systems that accept a variety of traditional and emerging consumer payment technologies. Among his clients are trans-global payment processors; over-the-air and traditional & digital credit card production companies; global telecommunication companies; travel and hospitality companies; and, large multi-national retailers. Mr. Arnold has been directly involved investigating and resolving over 120 cases involving unauthorized access to computer systems that store or process payment card data. He has been the lead investigator on large breaches where environments spanned over 7,000 servers and involved complex threat hunting to find the adversary.
James Baird
James Baird
Owner, Cybersecurity Management Consulting Group, LLC

Since his first role in IT in 1993, James has worked in the Information Technology field for companies in both the private and public sectors with opportunities at MCI Worldcom, the State of Georgia, CompuCredit, Global Payments and the American Cancer Society. Prior to his role with the Society, James was the Vice President of Information Protection and Compliance for TransCentra, the largest independent conventional Payments Processor in the US, and he currently is performing CISO duties for International Market Centers, and finishing up the build on his BBQ Shaque.
Icon
Radhika Bajpai
Senior Level Executive Director

Radhika Bajpai is a Senior Level Executive Director with over 18 years of financial services experience performing financial, operational, compliance and regulatory internal control reviews, risk assessments, analysis and risk mitigation. Radhika has expertise within Risk Management, Control Oversight, Strategic Planning, Regulatory Response, Operational Risk, Project Management, Compliance, Recovery and Resolution, Business Continuity Planning, Sarbanes Oxley (SOX), Risk and Control Self-Assessment (RCSA), SSAE18/SOC1 domains. She is an IT risk and cybersecurity professional with exceptional interpersonal skills and “hands-on” experience in information risk management, incident response, policy development, regulatory compliance and training & awareness program development. Radhika has led external audit assurance program with responsibility for continuous control monitoring and data analytics in various top tier global financial institutions like Goldman Sachs and Bank of New York Mellon. She has led various projects in designing IT general controls following NIST Cybersecurity, ISACA COBIT and Unified Compliance frameworks including access and entitlement management, change management, technical operations and physical security domains. Radhika has a keen understanding of national and international laws, regulations, policies and ethics related to cybersecurity controls in financial industry. She has recently completed her second master’s degree in Cybersecurity Risk & Strategy from NYU School of Law and Tandon School of Engineering.
Victoria Beckman
Victoria Beckman
Partner. Co-Chair Privacy & Data Security. Chair Latin America Desk, Frost Brown Todd

Victoria is a member in the Columbus office of Frost Brown Todd, Co-chair of the Privacy and Data Security group, and Chair of the Latin America Desk. She assists clients with compliance of state, federal, and international privacy laws as well as preparing strategies for responding to data breaches and other security incidents. Her experience includes facilitating the resolution of cases involving ransomware, assisting multi-global companies with recovery of losses after a breach, proactively reviewing existing policies for domestic and foreign companies to minimize risk of potential litigation, and developing and assisting clients with the implementation of cybersecurity programs and policies. Victoria also represents U.S. and foreign companies in intellectual property, business, and cross border litigation. Victoria’s fluency in Spanish and her education and work experience in Latin America allow her to help U.S. and foreign companies navigate through transnational disputes and issues of foreign law. Prior to practicing law, Victoria was an industrial engineer in the technology and automotive sectors and a competitive figure skater.
Icon
Matt Beland
CEO, Smooth Sailing Solutions

Matt Beland is an industry-leading IT and security professional with 25 years of experience in the field. His crew at Smooth Sailing Solutions builds comprehensive privacy and security programs through whole-organization engagement. Matt’s experience has proven that the most successful way to build productive practices and programs is to employ existing resources and capabilities before reaching for shiny new tools.
Icon
Alex Bermudez
GDPR Manager, OneTrust

Alex Bermudez serves as Privacy Consulting Manager of the Americas at OneTrust – the #1 most widely used privacy, security and third-party risk technology platform. In his role, Bermudez leads OneTrust’s team of Solution Consultants across the Americas, working with emerging and enterprise companies on data protection regulation solution implementations, focused on building and scaling global privacy programs. Bermudez has presented on a variety of privacy and security topics, providing deep insight into regulatory issues and practical approaches to compliance. Additionally, he helps facilitate OneTrust’s PrivacyConnect workshops across North America. Prior to OneTrust, Bermudez spent several years at a leading Healthcare Information Technology services organization where he gained valuable experience working with national healthcare providers to implement HIPAA-compliant workflow solutions. Bermudez is a Certified Information Privacy Professional (CIPP/E, CIPM) and holds a B.S. from the University of South Carolina.
Icon
Clint Bircheat
Sr. IT Security Risk Analyst, Guidewire Software

Having a background formed by all 3 lines of defense across 5 market industries, Clint brings a decade of experience to the field as a Security Practitioner and Ambassador. While some like to talk about security others like to dig in a solve problems asking, “how does it work?” and “what’s next?”. New technology and new forms of old technology beg us to think forward and be more ingenuitive thinkers and problem solvers. Come join the discussion for building a better tomorrow for our lives and organizations.
Icon
James Bothe
Director of Operations, Coordinated Response

Starting his career in 1975, Mr. Bothe possesses forty years of experience in the information technology field, with the last twenty focused in information security. His experiences encompass a wide range of disciplines, ranging from the development of information security strategies and programs to architecting and managing the deployment of information security technology. Working nearly exclusively in the private sector, Mr. Bothe’s clients have included organizations in the communications, healthcare, banking, insurance, technology, retail and manufacturing sectors.
Icon
Mary Breslin
Founder of Verracy

Mary Breslin is the Founder of Verracy and specializes in Internal Audit transformations, Operational and Financial Auditing, Fraud Auditing & Investigations, and Corporate Accounting. Ms. Breslin’s career spans over 20 years in Internal Auditing, Management and Accounting for companies such as ConocoPhillips, Barclays Capital, Costco Wholesale, and Boart Longyear. With significant International experience, she has managed audit programs in more than 50 countries. Most recently, Ms. Breslin held the title of Vice President and Chief Audit Executive where she transformed a checklist audit function into a value-add audit department delivering measurable business results. Mary was an early adopter of analytics and has been utilizing data analytics in her career in both audit and fraud work for over 15 years. Through her expertise, she has helped large global organizations leverage analytics to increase coverage, automate continuous auditing and monitoring, and actively fight fraud. Additionally, Ms. Breslin has conducted major fraud investigations on multiple continents including large scale federal cases. Ms. Breslin attended Rutgers University and received an MBA from the University of Phoenix while living and working overseas. She is a member of the Institute of Internal Auditors (IIA), American Institute of Certified Public Accountants (AICPA), ISACA, the Society of Corporate Compliance (SCCE), and the Association of Certified Fraud Examiners (ACFE) and is currently an instructor and conference speaker for the IIA, The ACFE and ISACA.
Jakub Bryl
Jakub Bryl
Manager Supplier Quality IS Services, Philip Morris International

Jakub Bryl – IT manager with vast experience in IT governance, IT quality and IT security fields. Throughout his career, Jakub has held various consultancy, audit and managerial roles, including IT/IS Auditor, ITCP Test Manager, SAP Infrastructure Test Manager, QA Team Manager, GRC Manager, IT Architecture Standards Manager. He had worked both as an individual contributor, and as a leader of large (over 45 individuals) teams. Jakub has been a speaker at several software quality and software security conferences and seminars. He has published both in academic and industry journals. He holds multiple professional designations, including CISM, CISA, ISO 27001 Lead Auditor, ITIL Expert and ISTQB.
Jamie Burgess
Jamie Burgess
Consulting Partner, RSM

Jamie is a consulting partner with over 17 years of experience, with over seven years working in a Big Four global consulting firm. She is experienced in enhancing the reliability of processes and systems to better manage and control risk within the business enterprise. Her primary responsibilities are to provide consulting services focusing on clients’ business and information technology needs, including strategy, compliance, risk management and audit services. Jamie’s background includes exposure to identification and evaluation of key risks and controls, including compliance with regulatory guidelines.
Icon
Christopher Clai
Senior Cyber Security Engineer, Keno Kozie Associates

Christopher is a Senior Cyber Security Engineer and Diversity and Inclusion advocate from Chicago, IL. When not spending time defending networks, they can be found advocating for various minority communities, mentoring coworkers and those aspiring in IT, speaking on various topics, and blogging on syntaxbearror.io.
Andrew Clark
Andrew Clark
Data Economist, Monitaur

Andrew Clark is a Data Economist at BlockScience; engineering, research, and development, and analytics firm focused on the design and analysis of complex networks. At BlockScience Andrew creates ecosystem economic design specifications by simulating the designed ecosystem using Python-based methods. Employing mathematical engineering technologies, he creates novel solutions by utilizing time-tested systems engineering practices to solve business problems. Andrew is co-founded, and Chief Technology Officer, of a machine learning assurance company called Monitaur. Monitaur solves a key problem that has been preventing wide-spread machine learning adoption: the lack of a holistic approach to machine learning risk management. Monitaur has created a risk management and regulator friendly ‘SIEM’ system that records all model predictions with an understandable description of why a transaction has occurred. Andrew received a B.S. in Business Administration with a concentration in Accounting, Summa Cum Laude, from the University of Tennessee at Chattanooga, an M.S. in Data Science from Southern Methodist University, and is a Ph.D. student in Economics at the University of Reading. He also holds the Certified Analytics Professional, American Statistical Association Graduate Statistician, and AWS Certified Solutions Architect – Associate certifications. An avid conference speaker, Andrew has appeared as a speaker at numerous conferences presenting on open source audit analytics, machine learning, and emerging technologies.
Icon
Trony Clifton
CEO, BNY Mellon Bank

Information Security Professional PCI-QSA, CISA, CISM, CGEIT, CRISC, CPA Relevant experience in payment solutions: Mellon Financial Services New Jersey – Audit Director: Responsible for managing operational and information technology audit function for Buck Consulting, Buck International, HR Total Benefits Outsourcing and managing IT Audits for Dreyfus, and Mellon Investor Services. Scoped and managed all financial, operational and IT audits using both COSO and COBIT methodologies.
Prescott Coleman
Prescott Coleman
Director – Global IT Audit, IHS Markit

Prescott has done work from every “column.” In addition to internal auditing, he was a production floor manager, ran treasury and investments for Colorado’s third-largest city, and guided universities in the U.S. and Canada to develop effective brand marketing programs. In auditing, he served on the global audit leadership team of one of the UK’s largest insurance companies and worked to build world-wide consistency from their London headquarters. He built their U.S. IT Audit practice and created a team that consulted on new projects and initiatives. In 2009, he became the first Chief Internal Auditor for Denver Water, the most significant water utility in the western U.S., and over a 10-year period, helped it dramatically transform its operating and control environment. It was at Denver Water, while immersed in the organization’s uncompromising and highly successful “Lean journey,” that Active Auditing was born. Prescott is now the global IT Audit Director at IHS Markit, where he is starting to implement many of the tools and techniques from Active Auditing.
Diego Curt
Diego Curt
Deputy Chief Information Security Officer, State of Idaho

Prior to June 2019, Diego was the State of Idaho’s Deputy Chief Information Security Officer and did more than set state-wide policy and direction to protect information system assets. Using his more than 7 years IT Auditing and Performance Improvement experience within his 25-year IT career, he’s determined to apply and combine his unique education and experience in cybersecurity to simplify the implementation of major control frameworks such as NIST SP 800-53. Diego and a team of state agency personnel developed the State of Idaho’s first state-wide Incident Response capability based on best-practices. Diego is married to his best friend Dina and has three children all over 18 years of age. Diego is a U.S. Coast Guard veteran and loves to go out for a ride on his Harley when he can get the chance.
Icon
Tanner Duncan
Manager, Charles Schwab

Graduated from the University of Utah with a master’s degree in accounting. Worked in the Advisory IT Audit practice at Ernst & Young for about 3 years focusing on integrated financial audits and SOC reporting. Currently (4+ years) an IT Audit team manager at Charles Schwab focusing on SOX and ICOC compliance audits. Is a CPA and CISA.
Todd Fitzgerald
CISO, Cybersecurity Leadership Author, CISO Spotlight, LLC

Todd Fitzgerald has built and led information Fortune 500/large company security programs for 20 years. He was named 2016–17 Chicago CISO of the Year, ranked Top 50 Information Security Executive, authored 4 books- CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers (2019), Information Security Governance Simplified: From the Boardroom to the Keyboard, ground-breaking CISO Leadership: Essential Principles for Success, E-C Council Certified Chief Information Security Officer Body of Knowledge and contributed to a dozen others. Todd held senior leadership positions at Northern Trust, Grant Thornton International, Ltd, ManpowerGroup, WellPoint (Anthem) Blue Cross Blue Shield/ National Government Services, Zeneca/Syngenta, IMS Health and American Airlines.
David Foote
David Foote
Chief Analyst & CEO, Foote Partners, LLC

David Foote is co-founder and chief analyst at Foote Partners, headquartered in Vero Beach, Florida. A tech labor trends benchmark research pioneer and one of the most quoted industry authorities on global technology workforce evolution, he has spent more than two decades introducing groundbreaking data-driven benchmark research techniques and innovating industry practices for more accurate tech compensation benchmarking and tracking/forecasting of tech skills supply and demand. He built his reputation at Gartner and several Silicon Valley companies prior to co-founding Foote Partners in 1997. There he leads a senior team of analysts, consultants and researchers in publishing continuously updated quantitative and empirical tech labor research supported by close research partnerships with 5,470 employers in the United States, Canada, and Europe.
Benny Forer
Benny Forer
Deputy District Attorney, Los Angeles District Attorney’s Office

Benny is a veteran criminal prosecutor with experience prosecuting cases ranging from narcotics offenses to gang murders to complex white-collar crime. Currently, as a member of the prestigious Cyber Crime Unit, his job focuses on complex technologically based crimes and sex crimes, including child pornography, solicitations of minors and other cyber-sex crimes. Benny is also a Lecturer in USC’s Viterbi School of Engineering, teaching Cyber & Privacy Law to undergraduate students. The course is geared toward helping forensic professionals identify potential privacy pitfalls, as well as assisting pre-law students in understanding legal issues. Additionally, Benny is an internationally recognized and experienced lecturer, lecturing on matters pertaining to being a District Attorney. Topics he has lectured on include: criminal justice, criminal procedure, privacy concerns, constitutional issues, sex crimes, complex fraud and white-collar offenses.
Egdares Futch
Egdares Futch
IT Specialist, Inter-American Development Bank

Egdares Futch works as an IT Security Specialist in charge of Information Security – Access Management at the Inter-American Development Bank in Washington, DC. He was previously Regional Solutions Architect, Cloud IT and Disaster Recovery for Cable & Wireless Business Solutions in Central America, Colombia, and the Caribbean region. Strong background in IT governance in the financial sector, overseeing IT strategy and service delivery for a regional development bank in the Central American region. Named CIO of the Year (2008) by IT Now Magazine, primarily for leading the Business Continuity and Core Banking system renewal projects. Speaker for various international conferences in Colombia, Mexico, Guatemala, Honduras, and Costa Rica, as well as the TEDx conference in Tegucigalpa, Honduras. He has taught for more than 25 years as Computer Science professor at universities in Guatemala and Honduras.
Mariano Granella
Mariano Granella
Software Development Lead, Chevron

I graduated as IT Engineer in 2008 in UAI University of Buenos Aires. I have been working for 15+ in Software development in several technologies from MS .Net to Java and hybrid frameworks like Cordova and Ionic for desktop, web-based and mobile devices. I developed software for several industries like automotive, health and, oil and gas. I am currently leading a team of developers at Chevron Houston headquarters and creating mobile and web-based platforms for field workflow enablement.
Reg Harnish
Reginald Harnish
Executive Vice President, Center for Internet Security

Reg Harnish is a serial entrepreneur, nationally-recognized speaker, author and an Executive Vice President at the Center for Internet Security. Reg is also a founder of GreyCastle Security, the cybersecurity industry’s leading provider of risk, compliance, certification and privacy services. Reg has been practicing cybersecurity for nearly two decades. His experiences, skills and perspectives have established him as a highly-respected thought-leader. Reg is regularly featured in Time Magazine, Forbes, The Washington Post, CBS Nightly News, CIO Magazine, Dark Reading, Software Magazine, ComputerWorld, InfoWorld and countless other media outlets. Reg is a nationally-recognized speaker and has presented at countless industry and security conferences. His thoughtful and sometimes provocative perspectives on leadership and cybersecurity have made him a highly sought-after keynote speaker.
Guy Herbert
Guy Herbert, CISA
Risk Futurist, Atlassia

Guy has over 25 years working in Risk, IT and Technology across the Finance, Telecommunications, Pharmaceutical and Software industries. He has managed risk, compliance, audit and technical delivery teams during this time. Guy has been thinking of better ways for Atlassian to manage IT Risk and Compliance since Sept 2013. Atlassian is an Australian company started 17 years ago that builds software to help teams work better together – products include Jira, Confluence, Bitbucket, Trello, Statuspage and Opsgenie.
Robert Herman
Robert Herman
Risk Assurance Director, RSM

Bob is a Director with over 23 years of experience assessing, designing, and implementing internal control and process improvement solutions. As the leader of RSM’s Risk Consulting Intelligent and Robotics Process Automation practice, Bob is tasked with helping both RSM and our clients become more “digital” as it relates to the assessment and performance of internal controls. Bob has been trained on Automation Anywhere, UiPath, Virtual Operations VOLT RPA implementation methodology and is familiar with other automation tools and techniques. To date, Bob has lead the design and implementation of 50+ “bots” primarily in the areas of controls performance and controls validation to help improve and automate repetitive tasks performed by the 1st, 2nd and 3rd lines of defense. He also has experience in most industries including industrial products, retail and consumer, banking, pharmaceutical, energy, and high tech. Bob has spoken at multiple conferences and training sessions on the topic of SAP security and controls, project assurance and intelligent and robotics process automation.
Icon
Kevin Jackson
CEO, CISO, Cyber Services

Visionary Chief information Security Officer (CISO), virtual CISO, and cybersecurity expert. Experienced Enterprise Architect and Business Intelligence implementation expert. Business Management Leader with a diverse background in information systems development and integration, hardware/software engineering, management consulting, and project management. Experienced in government and commercial sectors including pharmaceuticals, finance, defense, healthcare, manufacturing, telecommunications, and academia.
Luis Jugo
Luis Jugo
Oversight Audit and Compliance Lead Specialist, Inter-American Development Bank

MBA, CISA, CIA, CRMA, CCSA, PMP Audit professional with 17 years’ experience reviewing business processes, information systems, and applying data analytics techniques. Since 2010, Luis works in the Internal Audit Department of the Inter-American Development Bank (IDB), where he orchestrated and led the Data Analytics Strategy improving internal audits’ efficiency and effectiveness, innovating products and services, and expanding the audit coverage. Prior to joining the IDB, Luis was a Business and Processes Improvement Manager in PricewaterhouseCoopers (PwC), where he led audit and consulting projects in multinational organizations. Luis is a System Engineer with a master’s in business administration.
Icon
Vishal Kalro
Director, Technology Audit, Adobe

Vishal is a Director at Adobe and leads the Global Technology Assurance & Advisory function. Vishal has over 14 years of professional experience leading and delivering on Risk Management, Technology Audits and Cybersecurity related initiatives. Graduate of RMIT University, Melbourne with CISA, CISSP and CCSK certifications. He has been a contributor to frameworks and articles related to Security Assurance & Compliance, along with presenter at conferences like RSA
Icon
Leslie Larson
Director, Global Risk & Compliance, Cott Corporation

Leslie Larson joined Cott Corporation in Tampa, FL in 2008. Cott is a leading North American and European water, coffee and coffee extracts, tea and filtration solutions service company. She works in the Internal Audit group as Director, Global Risk and Compliance. Her primary responsibility is to ensure that the companies Cott owns or acquires fulfill internal and external requirements in the areas of risk management, including enterprise risk, fraud risk, and cybersecurity risk, and compliance activities, including ethics, compliance training, SOX, PCI, data privacy, and corporate policy compliance. In 2018 she was a key member of the preparedness taskforce for implementation of the General Data Protection Regulation (GDPR) for Cott’s European business units. Current areas of focus are the California Consumer Privacy Act, implementation of a global ethics and compliance training program, development of a fraud risk framework, and rollout of a global Anti-Bribery and Corruption and Anti-Money Laundering Policy. Leslie is a CIA, CISA, and CFE. She spends much of her time traveling the world to visit all of Cott’s business units.
Icon
Lena Licata
Director, All Alumni Events LLC

Lena Licata is a Director specializing in Process, Risk, and Technology Solutions (PRTS), with more than 15 years of experience that includes public accounting and private industry. She assists clients primarily in the financial services, pharmaceutical and energy industries, providing a host of IT audit and risk services. Lena helps ensure controls are working properly and business process documentation is current, through annual risk assessment and internal control testing. She identifies and evaluates control deficiencies and designs remediation efforts for the short and long term. In addition, she performs various services related to business process improvement and financial compliance projects. Prior to joining EisnerAmper, Lena was an information risk and security consultant. Her previous experience also includes serving in the pharmaceutical industry as an IT Internal Audit Senior Manager as well as a Manager in Information Technology Advisory Services at EY, where she was involved with identity and access management remediation, vendor risk management projects and internal audit co-sourcing engagements.
Icon
Clarissa Lucas
Audit Director, Nationwide Insurance

Clarissa Lucas is an IT Audit Director for Nationwide Insurance in Columbus, OH. She has been with Nationwide for seven years, holding roles in Internal Audit, Enterprise Risk Management, and Corporate Compliance. Prior to joining Nationwide, Clarissa worked in Audit and Compliance at Huntington Bancshares and the Bank of New York Mellon. She is a Certified Internal Auditor and a Certified Investments and Derivatives Auditor.
Icon
Carbon Lundgren
Data Center Infrastructure Administrator, Intermountain Healthcare

Carbon Lundgren, CISA, brings a unique perspective to securing IT assets that carry your data. With a background of 50 years in physical security, his career has now taken him to the position of lead security specialist for a world-renowned health care company with over 600 data areas to secure. Carbon has been heard to say, “I have a criminal mind”. Using the criminal mindset, Carbon has developed a best practices protocol that is becoming widely accepted by industry and governments. Some of the skills Carbon has learned is lock picking, and that of a professional safe-cracker. These skills directly relate to establishing physical barriers that will prevent hackers and terrorists from beginning their attacks inside the firewall. Carbon’s knowledge directly relates to several areas of COBIT: Appendix A: Mapping Pain Points to COBIT Processes and NIST: Table D-1: Mapping Access Control Requirements to Security Controls.
Icon
Mark Lundin
Partner, BDO

Mark Lundin is an audit and consulting partner with 20 years of audit, risk management and compliance experience focused on online, cloud and highly regulated businesses. He is currently cloud, security and privacy assurance partner at BDO. He previously built and led a cloud and security assurance practice for KPMG and he has worked with many top tier cloud and rapid growth technology companies to help them address security, privacy, risk management and compliance challenges. His certifications include CISSP, CIPP, CISA and CPA. He has led and served on various ISO, AICPA and industry standards committees focused on security.
Alain Marcuse
Alain Marcuse
Director, Security and Privacy, RSM US LLP

Alain provides security and privacy consulting to clients in a broad spectrum of domains, including privacy governance, security assessments, risk management, penetration testing, compliance frameworks and strategic advisory services. He serves as national lead for Data Privacy consulting services, supporting client teams with a wide range of compliance program matters for GDPR, CCPA, and other privacy regulations. He has also led large-scale engagements to design and develop the security programs for some of the country’s largest corporations, developing cost-effective security program road maps that demonstrably improve the organization’s maturity. He has also led major litigation support security engagements following some of the most visible data security breaches, supporting legal counsel with comprehensive assessments leading to dismissal of class and regulatory actions. He focuses primarily on retail, health care and financial organizations. Alain has 30 years of experience in a wide array of information systems, information security, and data privacy disciplines. Alain leads RSM’s security and privacy risk consulting practice in New England and RSM US’s data privacy service offerings nationally. He is a frequent presenter at a variety of industry organizations, panels and webcasts, as well as a frequent contributor to various publications.
Icon
Manish Mehndiratta
Director, Digital Modernization, Sage IT Inc

As the Principal Architect for the Digital Modernization GTM Practice, Manish is the leader for the organization covering digital and data technology. He is focused on solving business problems through appropriate application of technology. He has over 13 years of experience in designing and building implementations that allow for business agility and future scalability needs. Manish is well versed with Enterprise Integration Patterns, Microservices, Micropatterns, Cloud, DevOps Automation and CI/CD. As a TOGAF certified architect, Manish is recognized in industry as a thought leader and is a member of the Forbes Technology Council. He has published numerous articles on topics including Data Virtualization, Event-driven Microservices, and Digital Transformation.
Icon
James Meyer
Senior Security Consultant, Coordinated Response

Jim Meyer, CRISC, CISM Jim Meyer is an Information Security Consultant with over 4 decades experience in the information technology field. Jim has extensive experience with software engineering and product management working on everything from database applications to document management and business process management solutions. In the past 10 years Jim’s security focus has grown from application and database security to information security and cyber response. Jim Meyer earned a B.A. in Mathematics from Tufts University and an M.P.S in Cybersecurity from University of Maryland Baltimore County.
Steven Minsky
Steven Minsky
CEO, LogicManager

Steven Minsky is the CEO of LogicManager and the author of the popular RIMS Risk Maturity Model framework and assessment tool. Steven has presented both strategic and tactical sessions at a variety of conferences, including ISACA’s 2018 & 2019 North America CACS Conference, the IIA’s All Star Conference, the IIA & ISACA’s GRC Conference, American Bankers Association’s Risk Management Conference, the RIMS Annual and ERM Conferences, and the Risk Management Association (RMA)’s GCOR series. He has led educational webinars on a variety of risk-based topics for groups like OCEG, RIMS, PCIAA, and hosted board-level training sessions for many LogicManager customers. Steven is also a patent author of risk and process management technology and holds MBA and MA degrees from the University of Pennsylvania’s Wharton School of Business and The Joseph H. Lauder Institute of International Management.
Robert Morgan
Robert Morgan
Director, IT Audit, UT Health Science Center at San Antonio,CISSP, CISA, GSNA, OCP

Robert Morgan (CISSP, CISA, GSNA, OCP) is the Director of IT Audit at the University of Texas Health Science Center at San Antonio. Over the last 20 years, Robert has held a variety of senior operations, security architecture, and internal audit roles within both US state and federal organizations as well as private banking and cloud computing companies.
Icon
Steve Murdock
Audit Director, Nationwide Insurance

Steve has over 20 years of Audit and Risk Management experience. Currently a Director in Nationwide’s Internal Audit Department, Steve is responsible for leading teams and navigating through a variety of complex Audit engagements and working with various business units and other lines of defense. After starting his career at PwC, Steve has been at Nationwide for 17 years, progressing through a variety of Internal Audit and Compliance roles. Steve holds the CISA, CPA, and PMP certifications.
Michael Nathanson
Michael Nathanson
Sr Mgr, Internal Controls, Charles Schwab

Graduated from the University of Illinois with bachelor’s degrees in accounting and finance. Worked in the Advisory IT Audit practice at Ernst & Young for 3.5 years focusing on integrated financial audits and SOC reporting. Spent the past 4.5 years redeveloping Charles Schwab’s IT and business process audit strategies for the SOX and ICOC compliance audits. Is a CPA and CISA.
Andrew Neal
Andrew Neal, CISM, CRISC
President, Information Security and Compliance, TransPerfect

Andrew Neal is an executive and practitioner in the information security community. Advising on data privacy, security and litigation projects for internal and external clients around the globe, he serves as a trusted subject matter expert for business leaders and legal professionals. Andrew leverages 30 years of business, technical and risk management experience to build programs, lead teams and execute projects internally at TransPerfect and across a wide range of client organizations. An effective communicator and engaging speaker, Andrew presents at international conferences and seminars, and teaches at major universities. He is active in several professional organizations, focusing his efforts on the development of professional standards and the mentorship of other professionals. Living in Dallas, Texas, Andrew currently leads the Information Security and Compliance Services division at TransPerfect, a global business services company.
Icon
Brett Osborne
CISO, InfoSecurity Master Consulting

Brett has been in information security for over 20 years. Brett has been tasked to a number of roles from firewall engineering to ISSO, and beyond-including managing security program for several systems in development. Most of this experience is within US Government or Military, but also beyond. Brett has utilized a number of security framework including HIPAA, FISMA, PCI DSS and others. Brett has covered systems from small and low security up to highly complex and nationally essential.
Icon
Pam Nigro
Sr Director of Information Security, Health Care Service Corporation,CRMA, CISA, CGEIT, CRISC

ISACA Board Director Pam Nigro, CRMA, CISA, CGEIT, CRISC, is the Sr Director of Information Security focusing on the GRC practice at Heath Care Service Corporation (HCSC), the fourth largest health insurance company, where she is responsible for information technology/information security risk and compliance testing. Successively, she inaugurated automated IT and cybersecurity controls/testing/analytics program for Agile/DevSecOps, and designed compliance checks in a digital chain of custody for transparency of code movement through the release pipeline to enable compliant code release velocity for the five Blue Cross Blue Shield Plans Illinois, Texas, New Mexico Oklahoma, and Montana, which comprise HCSC. Prior to HCSC, Nigro joined the Systems and Process Assurance (SPA) practice at PwC where she served both audit and non-audit clients. She is a recognized subject matter expert in HIPAA, HITRUST, SOC 1, SOC 2, Sarbanes-Oxley (NAIC-MAR), and IT/cybersecurity controls and risk assessments. Nigro is also an adjunct professor at Lewis University in Illinois, USA, where she teaches graduate-level courses on information security, ethics, risk, IT governance and compliance, and management of information systems in the MSIS and MBA programs. At ISACA, Nigro held various board positions for the Chicago Chapter, including chapter president, and is chair of the ISACA Chicago Women’s Forum (SheLeadsTech). She is a frequent trainer for ISACA at both the chapter and international levels. She also served on the ISACA International Chapter Services Working Group. Nigro received her MBA from Stuart School of Business at Illinois Institute of Technology in Chicago, Illinois. She has more than 25 years of experience in the information technology industry and holds numerous IT certifications. Nigro is also a member of Toastmasters International and has held numerous Toastmasters leadership positions, culminating in her achievement of her “Distinguished Toastmaster” award. She is a frequent speaker at industry conferences such as ISACA’s CACS and CSX events, ISACA and The IIA’s Governance, Risk and Control (GRC) Conference, IIA’s All-Stars Conference, and local ISACA and IIA chapter meetings.
Ali Pabrai
Uday Ali Pabrai
CEO, ecfirst

Ali Pabrai is a renowned, globally recognized, cybersecurity expert and member of Infragard (FBI). He is a top-rated dynamic speaker. Mr. Pabrai is the chief executive of ecfirst, a compliance and cybersecurity company. ecfirst is an Authorized HITRUST CSF Assessor. Ali served on the HITRUST Assessor Council. Mr. Pabrai is the author of several published works. He is a member of the FBI InfraGard and has served numerous U.S. government agencies in several engagements.
Fabrizio Papi
Fabrizio Papi
OVSGT Audit & Compliance SR Specialist, Inter-American Development

Fabrizio Papi has more than ten years of experience in providing assurance and advisory services across international multilateral organizations. Fabrizio’s expertise includes IT and process auditing, cybersecurity, and data analytics. He’s passionate about emerging business technologies and promoting awareness on the topic. Fabrizio is a Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Internal Auditor (CIA), Project Management Professional (PMP), Certified Ethical Hacker (CEH), Computer Hacking Forensic Investigator (CHFI), and holds an MBA from the University of the Potomac.
Ben Phillips
Ben Phillips
Senior Manager – IT Assurance, Crowe LLP

Ben is a Senior Manager within the IT Audit Practice at Crowe LLP. He resides in Indianapolis, IN and is an active CPA and holds his CISA certification. With over 9 years of public accounting experience, his team specializes in SOC Examinations, Financial Statement Audits, HITRUST, PCI and Cybersecurity Assessment services. Outside of work, Ben enjoys travelling with his wife Brittany, staying active, and serving as a director and finance committee member of the Central Indiana ISACA Chapter.
Paul Phillips, CISA, CISM, MBA
Technical Research Manager, ISACA

Paul Phillips holds a bachelor’s degree in Accounting and an MBA with concentration in both Management and MIS. He also holds a Doctorate in Divinity from the Hope Seminary and Bible Institute. He is a Certified Information Systems Auditor and a Certified Information Security Manager. He has worked in corporate America in various capacities for 33 years. He has also worked as a part-time professor for several universities and other various institutions of higher learning for 17 years.
Icon
Ely Pinto
Dir IT Risk and Information Security, Third Party Security, American Express

Ely Pinto has over 20 years of experience in technology leadership and cybersecurity management in the financial industry. He currently serves as Dir of IT Risk and Information Security, Third Party Security for American Express. Prior to American Express, he served as the CISO for Bank Leumi USA and has held various positions in Information Security, software development, and Unix engineering. Additionally, Ely is a contributing author of technical security guidelines published by the Center for Internet Security.
Icon
Michael Podemski
Senior Manager, Advisory Services, EY

Michael is a Senior Manager in the Advisory Services practice of Ernst & Young LLP (EY). He has considerable experience in leading and managing cross-functional cybersecurity, risk transformation, and technology risk teams that deliverable exceptional client service. While at EY, Michael has focused on managing and delivering high-quality IT audit, attestation, and advisory services, while also recognizing that EY’s commitment to service quality extends to bringing relevant insights and industry experiences. Additionally, he has been recognized by his peers and teams as an outstanding mentor, coach, and instructor. Prior to EY, he has 15 years of experience that spans across various organizations and roles in Internal Audit and Information Technology. In addition to his role as a senior manager, he is the immediate past president of the Chicago chapter of ISACA where he serves as an advisor to the current president and other board members as well as assist in organizing events, chairing special committees, or researching responses to questions from the board. Besides his role as the immediate past president, he is an instructor for the CISA, CISM, and CRISC certification review courses. In addition to ISACA, he is a former Chicago KnowledgeNet co-chair for the International Association of Privacy Professionals.
Sajay Rai
Sajay Rai
CEO, Securely Yours LLC

Sajay Rai has more than 30 years of experience in information technology, specializing in cyber security, privacy, network architecture, business continuity, disaster recovery, IT audit and information risk. Mr. Rai is the Founder and CEO of Securely Yours LLC. Prior to starting Securely Yours LLC, Mr. Rai was a Cyber Security and Risk Partner with Ernst & Young LLP for 10 years. Mr. Rai also worked with IBM for 13 years, most recently serving as an executive of the national Business Continuity and Contingency consulting practice. He was instrumental in starting the company’s Information Security consulting practice. Mr. Rai co-authored three books titled “Security and Auditing of Smart Devices”, “Sawyer’s Internal Audit Handbook 6th Edition” and “Defending the Digital Frontier – A Security Agenda”. Mr. Rai serves on the board of ISACA’s Detroit Chapter and is the current President of IIA’s Detroit Chapter. He is also on the board of Society of Information Management’s Detroit Chapter. Mr. Rai is an adjunct professor at Oakland University and Walsh College. He is on the advisory board of Walsh College’s Accountancy Department.
Gideon Rasmussen
Gideon T. Rasmussen
Consulting Principal, Virtual CSO, LLC

Gideon Rasmussen is an Information Security Consultant with 20 years of experience in corporate and military organizations. Gideon has designed and led programs including Information Security (as a CISO), PCI – Payment Card Security, Supplier Assessment, Application Security and Information Risk Management. Gideon has authored over 30 information security articles. He is a veteran of the United States Air Force, a graduate of the FBI Citizens Academy and a recipient of the Microsoft Most Valuable Professional award. Gideon has also completed the Bataan Memorial Death March (4 occurrences).
Robert LaMagna-Reiter
Robert LaMagna-Reiter
CISO, FNTS

Robert LaMagna-Reiter is a leading, trusted Information Security expert. As the CISO for FNTS, Robert leads the information security program through risk management; strategy; architecture and engineering; regulatory compliance and IT governance; and adherence to policies. Leveraging 14+ years of expertise, Robert is also a strategic advisor, helping others to understand the value and return-on-risk to their enterprise through proper security strategy. He holds a number of industry certifications including: CISSP, CISM, CHP, PCIP & Security+. Robert’s past experience includes leadership roles in information security for transportation, government communications, retail, e-commerce and managed services industries. He holds a MBA and a Bachelor of Science degree in Management Information Systems from the University of Nebraska at Omaha.
Paul Ristvedt
Paul Ristvedt
Principle, Medtronic

Paul Ristvedt, CPA, CISA, Macc, has worked in compliance and audit for 15 years. Currently, I lead our IT SOX compliance among other responsibilities at Medtronic. My career began in PwC when SOX was being implemented and legislated. I have also worked at Patterson Dental (dental equipment wholesale), Nash Finch (food distributor) and more recently General Mills (food manufacturer). Outside of work, I enjoy participating or volunteering for Junior Achievement, Big Brother Big Sister, Habitat for Humanity, Toastmasters, Minnesota Data Analytics, and Feed My Starving Children.
Icon
Sudhakar Sathiyamurthy
Managing Director, Grant Thornton LLP

Sudhakar is an experienced leader with wide-ranging global experience in helping organizations and risk leaders plan and execute on their digital and cyber risk goals and strategies. His experience has been shaped by helping clients’ stand-up defensible, resilient and trustworthy cybersecurity and IT risk management solutions and articulating the value of cyber investments. Sudhakar’s leadership in cyber risk advisory spans more than 14 years, with a track record for excellence serving clients with nimble and practical cybersecurity and IT risk management solutions and growing business through standing-up new service capabilities and scaling-up existing capabilities.
Scott Shinners
Scott Shinners
Partner, RSM US LLP

Scott has over 28 years of professional experience in internal and external auditing, consulting, information technology management, business process improvement, and internal controls across a wide variety of clients in industries including manufacturing, consumer products, financial services, nonprofits, and other commercial entities. He also has experience providing leadership in the areas of internal audit, SAP and other ERP systems risks and controls, information technology controls, continuous audit, data analytics, information technology security, enterprise risk management, and corporate governance. Prior to joining RSM, Scott worked for a major consumer packaged goods food manufacturer, where he was a finance director in internal audit and most recently the finance director of global marketing. Before that, he was a senior manager for a Big Four accounting firm specializing in enterprise risk services including external audit, internal audit, SOX advisory and information technology internal controls. Scott has led teams across a wide variety of industries and for organizations of various sizes and served as the primary account executive for three large internal audit clients and two large public SEC manufacturing clients, running SOX, financial, operational and IT audits.
Icon
Sandy Silk
Director, Information Security Education & Consulting, Harvard University

Sandy Silk is the Director of Information Security Education and Consulting at Harvard University, Founder of Cyber Risk and Resilience Consulting, and a member of the Board of Advisors for the MS in Information Security Leadership at Brandeis University. She excels at bringing together executive leaders, business teams, and IT professionals to align cyber risk management with strategic priorities and culture, risk tolerance levels, and positive customer experience. Sandy is also involved in several WIT organizations and programs. Her prior information security career included positions with Fidelity Investments, Bose Corporation, and Wellington Management Company.
Icon
Glenn Tan
IT Audit Manager, McDonald’s Corporation

Audit leader with 19 years of technology and audit experience. Currently, technology and digital audit manager focused on addressing operational, compliance, security, and technology risks by conducting audits, utilizing data, and partnering with management. Audit focus areas include cybersecurity, privacy, cloud, data analytics, and fraud.
Mark Thomas
Mark Thomas
President, Escoute, LLC

As an internationally known governance, risk, and compliance expert in the areas of Cybersecurity, IT Service Management, Assurance and Audit, and IT Controls, Mark’s background spans leadership roles from CIO to Management and IT Consulting in several Federal and State Agencies, Private Firms, and Fortune 500 Companies. With over 25 years of professional experience, Mark has led large IT teams, conducted Service Management and information governance/risk activities for major initiatives, managed enterprise applications implementations, and implemented cybersecurity and governance processes across multiple industries using multiple frameworks including COBIT, ITIL and others. Mark is also a two-time recipient of ISACA’s John Kuyers award for outstanding speaker achievements.
Icon
Jen-Hao (Mark) Tu
Sr. IT Auditor, Thermo Fisher Scientific

Jen-Hao is a Sr. IT auditor in Waltham, MA, USA and has over 10 years of experience in Internal Audit and IT assurance services. Jen-Hao has participated numerous engagements in internal audit, ISO27001, and SOX compliance. He has served clients in the Oil & Gas, Semiconductor, and Real Estate sectors. He has also assisted private sector clients with control assessment at the enterprise and specific risk levels within various industry including Oil & Gas, Chemistry, Semiconductor, and Bio-tech.
Patricia Voight
Patricia Voight
Operational Risk Management, Wells Fargo

Patty Voight is an Operational Risk Management executive at Wells Fargo. She is based out of New York City and has been working in the information technology and security field since 1992. Patty has held various technical and managerial positions in the financial services, insurance, telecommunications, and technology sectors. Patty graduated from the Florida Institute of Technology and earned her MBA from the University of South Florida. Patty holds certifications and licenses including CIA, CISA, CISSP, CISM, CCSP, CAMS, CFE, CRISC, CRA, CGEIT, CIMP Ex, CDS Ex, CSX Fundamentals, Cybersecurity Audit and FINRA Series 7.
Icon
Brian Waage
Enterprise Architect, NYS Office of Information Technology Services

Brian Waage is an enterprise architect with over fifteen (15) years’ experience in public sector IT. He specializes in IT/Business alignment, enterprise IT transformation, and information security. His major career accomplishments include leading a major SOA transformation program, architecting various enterprise application implementations and authoring multiple agency policies, standards and guidelines. His current focus is on Enterprise Architecture modernization, Event Driven Architecture, DevOps and distributed identity management.
Talaya Waller
Talaya Waller
Waller & Company

Talaya Waller, B.B.A., M.B.A., D.B.A. is an international personal branding consultant and professor. In 2014, she founded Waller & Company to provide research-based, data-driven personal brand strategies for CEOs and industry leaders. Her forthcoming textbook entitled Personal Brand Management: Marketing Human Value will be the first of its kind on the subject in the academic market. Notably, in 2018, Dr. Waller was invited to present a TEDx titled “The Future of Branding is Personal”. She is also a visiting professor and has delivered personal branding lectures in the United States, Poland, Australia, Switzerland, Chile, South Korea, Brazil, and South Africa.
Icon
Jason Winters
Audit Director, Nationwide Insurance

Jason Winters is an Internal Audit Director at Nationwide Mutual Insurance Company, where he leads integrated audits focused on the Property & Casualty Insurance Operations and has been a key contributor in the development of Nationwide’s Audit Approach for coordinating assurance work across the three lines of defense. Working at a large corporation, such as Nationwide, Jason has learned that strong technical audit skills are only part of the equation; emotional intelligence is equally critical for sustained success as an auditor. Jason is a Certified Public Accountant (CPA), with 10+ years of audit experience (both internal and external), and began his career in public accounting, working within the external audit function at Deloitte. While at Deloitte, Jason also served as a facilitator for new hire training sessions. Jason is a graduate of Ohio University, with a bachelor’s degree in Accounting.
Icon
Petrina Youhan
Deloitte & Touche LLP

Petrina is a CPA and CISSP, with 19 years of experience in finance, technology and risk & compliance. Petrina is a strategic leader, that advises clients across the second and third lines of defense. She brings a unique perspective, having held positions in industry, professional services and regulatory organizations. Petrina leads engagements to assess IT controls and advise clients on strengthening their control environments.
Act Quickly to Save US$400! Use Promo Code: NAC20FAL
Register now
FOR SPONSORSHIP AND EXHIBITOR OPPORTUNITIES
Contact ISACA’s Sponsorship Department:

Please address Sponsorship questions to: sponsorship@isaca.org
QUESTIONS
Contact ISACA’s Customer Experience Center:

Tel: +1.847.660.5505

https://support.isaca.org/
MEDIA INQUIRIES
Contact ISACA’s Communications Department:

Tel: +1.847.660.5512 or
+1.847.660.5564

The Future of Reality: AR versus VR

The following podcast publication compares augmented reality and virtual reality. The authors, Brendon Hales and Hayden White, provide an analysis of the strengths and weaknesses of reality-based technologies. A main takeaway from this podcast is the versatility of augmented reality within a work and educational environment. Virtual reality can also provide additional functionality within a gaming environment.

Please find the podcast below:

Download it here

Upcoming Event

ISACA 2018 North America CACS
Computer Audit, Control, and Security

CONFERENCE SCHEDULE AT-A-GLANCE

Saturday, 28 April
Time
8:00AM – 5:00PM
Registration Desk Open

8:00AM – 9:00AM
Workshop Breakfast

9:00AM – 5:00PM
WS1–COBIT 5 Foundation, Day 1
WS2–Cybersecurity Fundamentals, Day 1
WS3–CISA Cram Course, Day 1
WS4–Develop and Implement a Risk Management Process, Day 1

12:30PM – 1:30PM
Workshop Lunch

Sunday, 29 April
Time
8:00AM – 6:30PM
Registration Desk Open

8:00AM – 9:00AM
Workshop Breakfast

9:00AM – 5:00PM
WS1–COBIT 5 Foundation, Day 2
WS2–Cybersecurity Fundamentals, Day 2
WS3–CISA Cram Course, Day 2
WS4–Develop and Implement a Risk Management Process, Day 2

12:30PM – 1:30PM
Workshop Lunch

5:30PM – 6:30PM
Welcome Reception

Monday, 30 April
Time
7:00AM – 7:15PM
Registration Desk and Innovation Exchange Open

7:00AM – 8:30AM
Continental Breakfast

8:30AM – 10:00AM
General Session
Leadership Brief | Theresa Grafenstine
Keynote Address | Erik Wahl | The Spark and the Grind: The Discipline of Creativity

10:00AM – 10:30AM
Refreshment Break in the Innovation Exchange

10:30AM –11:45AM
111–Prepare for the Future of Internal Audit
112–Encryption: Lower Risk, Increase Compliance
113–Risk Assessments and Risk Management
114–Cryptocurrency Economic Attacks & Defenses
115–SSH Guidance – What Does it Mean to You?
116–Cloud Security Strategy & Considerations
117–The Art of Verbally Communicating
118–Practical Application of Qualitative Risk 1

11:45AM – 1:00PM
Lunch

1:00PM – 2:15PM
121–Additional Information Coming Soon!
122–Understanding & Preparing for Emerging Risk
123–Art of Performing Risk Assessments
124–Additional Information Coming Soon!
125–Sound IT Audit Based on FFIEC IT Booklets
126–Automated Compliance
127–Security KPI/Metrics for Senior Executives
128–Practical Application of Qualitative Risk 2

2:15PM – 2:30PM
Session Movement Break

2:30PM – 3:45PM
131–Machine Learning for Auditors – An Overview
132–Cloud Security Controls Revealed
133–Hidden Traps in Third-Party Risk Management
134–Cyber Resilience for the Changing World
135–Auditing in the Cloud: The Business Case
136–Securing and Auditing a Crisis Response
137–Board Director Concerns about Cyber & Technology Risk
138–Connecting the Dots: GLBA Risk Assessment

3:45PM – 4:15PM
Refreshment Break in the Innovation Exchange

4:15PM – 5:15PM
141–Contemporary Data Analytics Approaches
142–Active Directory for Auditors
143–Overview of Blockchain Technology
144–Why is Database Security so $^%# Difficult?
145–Rise of the Drones: Prepare Your Enterprise
146–Security Automation in Cloud Environments
147–Tips for Effective Presenting
148–Untangling the Spaghetti Diagram

5:30PM – 6:00PM
Spotlight Educational Sessions

6:15PM – 6:45PM
Spotlight Educational Sessions

5:15PM – 7:15PM
Networking Reception in the Innovation Exchange

Tuesday, 1 May
Time
7:30AM – 4:00PM
Innovation Exchange Open

7:30AM – 5:00PM
Registration Desk Open

7:30AM – 8:30AM
Continental Breakfast

8:30AM – 9:45AM
211–Innovating Audits with Data Analytics
212–Build and Understand Tabletop Exercise
213–Prepare for Blockchain Disruption
214–Determining Your Cyber Score Using NIST
215–Cyber Assurance Plan
216–Software Assurance Audit Program
217–How to Build & Grow Your IT Security Team
218–IT Risk Management for Everyone

9:45AM – 10:15AM
Refreshment Break in the Innovation Exchange

10:15AM – 11:30AM
221–Building Skynet for Audit & Risk Management
222–AWS Security Controls, Hardening the Cloud
223–BIA: The Root of Security & Recovery Plans
224–How COBIT Supports the Security Expert
225–The Next Generation in Data Mapping
226–Auditing Network Devices
227–The Hidden in Sight: Addressing the Cybersecurity Skills Gap
228–Managing Security with COBIT 5: Practical Guidance on Using the Framework

11:30AM – 12:45PM
Lunch in the Innovation Exchange

12:45PM – 2:00PM
231–21st Century Compliance: Continuous Audit
232–Auditor’s Guide to a Penetration Test
233–Container Security: Fake News or Opportunity
234–Insider Threat Investigation
235–Compliance in the Cloud
236–Zero Trust Networks for Audit & Compliance
237–Cybersecurity for Leadership
238–Building an Insider Threat Program

2:00PM – 2:15PM
Session Movement Break

2:15PM – 3:30PM
241–Data Visualization: Telling the Right Story
242–Assessing for Physical Security
243–Managing IT Risk Beyond Core IT
244–Defending Against the Insider Threat
245–Auditing Internet of Things (IoT) Processes
246–Innovation & Analytics in Audit
247–Insuring Your Cyber Assets
248–When HIPAA and Cybersecurity Intersect

3:30PM – 4:00PM
Refreshment Break in the Innovation Exchange

4:00PM – 5:00PM
251–IA Analytics PwC & Microsoft
252–Security Monitoring & Incident Response
253–Got Risk? Risk Management in M&A
254–SSH Keys—Lowest Cost, Highest Risk Tool
255–Control & Monitor Remote Access Pathways
256–Auditing Service Oriented Architecture
257–Cyber Across the Organization
258–Privacy by Design – Think Beyond GDPR

5:15PM – 5:45PM
Spotlight Educational Sessions

6:30PM – 9:00PM
Networking Evening: Additional Information Coming Soon!

Wednesday, 2 May
Time
7:30AM – 5:00PM
Registration Desk Open

7:30AM – 8:30AM
Continental Breakfast

8:30AM – 9:45AM
311–Additional Information Coming Soon!
312–Avoid Incident Response Pitfalls
313–Additional Information Coming Soon!
314–Beyond the Audit: NIST in Action
315–Cyber Security – Audit Smarter Not Harder
316–Understanding the Role of a Bank ISO
317–Cybersecurity: Getting the Business Engaged
318–IT Governance Effectiveness

9:45PM – 10:15AM
Refreshment Break

10:15AM – 12:00PM
Closing General Session
Leadership Brief | Robert Clyde
Keynote Address | To Be Announced Soon!

12:00PM – 1:00PM
Workshop Lunch

1:00PM – 5:00PM
WS5–Cybersecurity for Auditors, Part 1
WS6–Leverage Data Analytics in Internal Audit, Part 1
WS7–PCI Data Security Standard, Part 1

Thursday, 3 May
Time
8:00AM – 1:00PM
Registration Desk Open

9:00AM – 12:00PM
WS5–Cybersecurity for Auditors, Part 2
WS6–Leverage Data Analytics in Internal Audit, Part 2
WS7–PCI Data Security Standard, Part 2

7 Best Podcasts for Tech Enthusiasts

Most IT workers these days face some type of commute. Even if you work from home, there are times during the day when you listen to music or talk radio. With all the great offerings available today, why not listen to something that can not only entertain but can also increase your tech knowledge?

The resurgence of podcasts has added another option for listening choices. You can stream them, listen to them live or download them and listen to them at the time of your choosing. For technology workers and enthusiasts there are more choices than you have the time to evaluate, so CIO.com searched for the most informative and entertaining tech podcasts on the Web. So turn up the volume and check out these podcasts designed for techies who want to be entertained, informed and enlightened.

TED Radio Hour

TED’s acronym is what this podcast is all about: technology, entertainment and design. Based on NPR’s TED Talks, the TED Radio Hour is a weekly podcast that has been entertaining listeners since 2013. The shows presenter Guy Raz, brings together the best TED Talks on new innovation, inventions and human nature. The show format centers on a given topic that several presenters from around the globe then speak about from different perspectives. Raz will often have exchanges with the speakers to try and get to the heart of the matter.

Re/code Decode

In July Re/Code launched Re/code Decode hosted by its executive editor Kara Swisher. The podcast has featured interviews with Slack CEO, Stewart Butterfield, LinkedIn CEO Jeff Weiner and other prominent tech figures covering all topics trending in tech.

TWiT – This Week in Tech

Tech veteran Leo LaPorte leads the charge on what may be one of the most well-known and oldest podcasts having run for almost 10 years. Fans of the former TechTV star can join Leo and an assortment of industry leaders and journalists as they discuss trends in technology and current events.

The TWiT network also offers a host of other tech-related podcasts.

MacBreak Weekly

A spin-off of MacBreak, the MBW is for Mac and Apple lovers everywhere. Another TWiT show hosted by Leo LaPorte with, Rene Ritchie, Alex Lindsay, Andy Ihnatko and a bevy of industry journalists, covering all things Apple.

The TWiT network also offers a host of other tech-related podcasts.

Tech Stuff

HowStuffWorks.org offers the Tech Stuff podcast hosted by Jonathan Strickland and Lauren Vogelbaum. Their credo: “To demystify technology and discuss its impact on society.” Covering a wide array of tech topics like what is an EMP to the decline of Google+ to car hacking, these hosts keep it light and entertaining. This podcast is produced twice a week on Mondays and Wednesdays.

Note to self

Join host Manoush Zomorodi as he discusses how to use technology more purposefully. Produced by WNYC Studios, creator of other popular tech podcasts like RadioLab, the Note to self podcast focuses on the complications we face in the digital age. In each episode, Zomorodi tries to tackle a new problem indicative of the tech filled world we live in.

Accidental Tech

Listen in as these three, self-proclaimed nerds (Marco Arment, Casey Liss, and John Siracusa) discuss tech issues large and small, including more than a little Apple talk. The three hosts of Accidental Tech have a great repertoire, having all come from developer background, allowing them to really dig into highly technical issues while keeping it relatable to the listeners.

Previous Event

Gain the Knowledge to Move Ahead
Register for North America CACS 2017 Today!
Mark your calendar for 1 – 3 May 2017 and join us in Las Vegas, Nevada! Don’t miss the opportunity to earn up to 39 CPE hours and be a part of the top conference for IS audit and security professionals!

North America CACS 2016 was ISACA’s best rated conference ever and attracted record-breaking attendance. In 2017, we will continue to grow, improve and exceed expectations. The 2017 program will offer you more sessions to choose from, options for more advanced learning and enhanced networking opportunities. We’re bringing you more of what you want out of your conference experience. Our goal is to hear you say “that was INCREDIBLE!”

There has never been a more exciting time to be a part of this industry and it is crucial now more than ever for you to stay current in your field.  You can get all you need for that and more at the North America CACS 2017 Conference.

GROW YOUR NETWORK
You will have direct access to the leaders in the industry with our expert speakers in the breakout sessions and the leading suppliers in the Expo Hall.

ENHANCE YOUR KNOWLEDGE
This year’s program will offer topics that are current and timely, subject matter that is cutting edge, a thought-leadership perspective to today’s industry challenges as well as new ideas.

Previous Event

(ISC)2 Security Congress
Austin, TX, USA
September 25 – 27, 2017

(ISC)² Congress Agenda

First Session
8:00am – 5:00pm: (ISC)² Two-Day Training
8:00am – 5:00pm: (ISC)² Two-Day Training
8:00am – 5:00pm: (ISC)² Two-Day Training
8:00am – 5:00pm: (ISC)² Two-Day Training
8:00am – 5:00pm: (ISC)² Two-Day Training
8:00am – 4:00pm: ASIS Foundation Benefit Ride (offsite)
8:00am – 5:00pm: ASIS Pre-Seminar Programs
8:00am – 5:30pm: ASIS Certifications Reviews

Second Session
8:00am – 2:00pm: ASIS Foundation Golf Tournament (offsite)

Free Half-day (ISC)² CBK Training Seminar Previews:
8:30am – 12:30pm: CISSP-ISSMP
1:00pm – 5:00pm: CISSP-ISSAP
5:00pm – 7:00pm: (ISC)² Town Hall [(ISC)² members only]
5:00pm – 6:00pm: Young Professionals Reception
7:00pm – 9:00pm: ASIS Welcome Reception

For all Saturday and Sunday Educational Programs and Clinics before Security Congress, you do not need to purchase a full conference pass.

Third Session
7:45am – 9:00am: ASIS Opening Ceremony
9:00am – 4:30pm: 1st Day Exhibit Opens
9:00am – 4:30pm: (ISC)²/ASIS Career Pavilion
11:00am – 12:00pm: Conference Sessions
12:00pm – 1:30pm: Networking Luncheon (Included in Full Registration and Single Day registration. Additional tickets available for purchase)
1:45pm – 3:00pm: Conference Sessions
4:30pm – 5:30pm: Conference Sessions
7:00pm – 9:00pm: ASIS President’s Reception

Fourth Session
8:00am – 9:00am: ASIS Keynote Speaker – Ted Koppel, Journalist, Author
9:00am – 4:30pm: Exhibit Opens
9:00am – 4:30pm: (ISC)²/ASIS Career Pavilion
11:00am – 12:00pm: Conference Sessions
12:00pm – 1:30pm: Networking Luncheon (Included in Full Registration and Single Day registration. Additional tickets available for purchase)
1:45pm – 3:00pm: Conference Sessions
4:30pm – 5:30pm: Conference Sessions
6:00pm – 9:00 pm: (ISC)² Member Attendee Party – Kings Bowling

Fifth Session
8:00am – 9:00am: Keynote Speaker – Elliott Abrams, Senior Fellow for Middle Eastern Studies, Council on Foreign Relations
9:00am – 3:30pm: Last Day of Exhibit
9:00am – 3:30pm: (ISC)²/ASIS Career Pavilion
11:00am – 12:00pm: Conference Sessions
12:00pm – 1:30pm: Law Enforcement/Military Appreciation Luncheon (Included in Full & Single-day registration. Additional tickets available for purchase.)
1:45pm – 2:45pm: Conference Sessions
3:30pm – 4:30pm: Conference Sessions
6:00pm – 10:30pm: (ISC)² Americas ISLA Awards Dinner (by invitation)
7:00pm – 10:00pm: ASIS Foundation Event -(offsite)

Sixth Session
8:00am- 9:00 am: (ISC)² General Session – TBA
9:30am- 10:30 am: ASIS General Session
11:00am – 12:00 pm: ASIS General Session
12:00pm – 2:00pm: Closing Luncheon, Keynote Speaker – Dr. Beck Weathers, Survivor of the 1996 Mount Everest Tragedy and Inspiration for the Major Motion Picture, Everest