DATE: December 5, 2018
EVENT: Information Technology All Star
Speaker Event
LOCATION: Terminal City Club, 837 W Hastings
St, Vancouver, BC V6C 1B6
Event Background:
Internal audit has a critical role in helping organizations in the
ongoing battle of managing various IT risks and threats, both by
providing an independent assessment of existing and needed controls
and helping the audit committee and board understand and address the
diverse risks of the digital world.
This full-day session will look at possible approaches and techniques
that can be used by organizations to effectively manage IT risks,
including discussions on current and emerging risks associated with
cyber security and how Internal Auditors can work with the business
units to manage these risks.
This session also includes an interactive panel
discussion with IT subject matter experts on areas relating
to Internal Audit’s role in managing cyber security risks.
Our presenters for this all-day event have a wealth of experience
when it comes to both IT operations and IT audit. This event is a must
for all Internal Auditors regardless of experience.
SESSION INFORMATION AND SPEAKER BIO'S
Topic #1: Effective Management of Cyber Security Risks
What is involved in building a cyber security program within a tech
company? What are the frameworks that organizations leverage and what
influences their choice of framework? Learn about security from
someone who has built security programs in leading tech companies.
Find out the role of audit organizations in cybersecurity, what’s next
with new privacy regulations being adopted around the world, and
possible future opportunities where security professionals and
auditors can work together to improve cybersecurity.
Presenter:
Heidi Martin, Director of Information Security at Clio
Heidi Martin is the Director of Information Security at Clio. She
leads a team of software developers and engineers who work to keep
ahead of the risks to Clio and match the pace of a fast growing,
industry leading legal tech company. Heidi spent many years in the San
Francisco area guiding such companies as Sephora and Airbnb in
developing and maturing their security programs. Prior to that, Heidi
worked at Apple and built critical security services for platforms
including the iPhone and iPad, the App Store, and the Apple Push
Notification Service. In Heidi’s 14 years in the security field she
has helped navigate a number of regulatory requirements including
PCI-DSS, Webtrust for CA, HIPAA, and recently led Clio through GDPR requirements.
Topic #2: "Internal Audit - My New Best Friend. An
Information Security Practitioner's Perspective."
Why Internal Audit can and should play an essential role in managing
cyber security risks of an organization, and how Information Security
and Internal audit can work in tandem.
Presenter
: Rishabh Bali
Rishabh Bali is an information security professional with more than a
decade of experience in setting up and leading diverse governance,
risk, and compliance programs focusing on Information Security and
Cybersecurity in various organizations throughout North America. He
has a Bachelor of Engineer degree in Computer Technology and is a
Certified Information Security Manager.
Topic #3:
How to Develop and Implement an Efficient and Effective Cyber
Security Program
This presentation describes what are the components of a
comprehensive cyber security program and how they integrate. It also
describes what the benefits of this approach are and the success
factors of implementing an efficient and effective cyber security program.
Presenter: Cinthia Diaz, CISSP, CISA, CISM, MBA
During her more than 20 years of experience in information and
operational technology, Cinthia has played numerous roles in the areas
of Cyber security, Governance, Risk Management, Compliance and Audit.
Cinthia has worked for consulting firms such as PwC and KPMG in
management, audit and advisory roles. She has successfully provided
consulting services for major oil and gas, pipeline and utility
companies. Currently, she works for BBA, a consulting engineering
firm, as a Lead of Industrial Control Systems Cybersecurity practice.
Topic #4: Vendor Risk Management - Striking a Balance Through
Cybersecurity Best Practices
Vendor risk management is receiving top billing within the industry
due to the increasing threats and risk associated within the supply
chain. This talk approaches the topic by discussing how threat begins,
where they ends and what you can do to lower the risk to your
organizations. As threats increase in frequency and sophistication,
it becomes more difficult to strike a balance while applying
cybersecurity best practices to lower the overall risk to your organization..
Presenter: Lisa Kearney, Director of Security
Lisa Kearney has enjoyed a diverse career working across domains in
security, risk and compliance for two decades. For over 10 years she
operated a cybersecurity consultancy working with hundreds of clients
around the globe and thereby building on knowledge and adding value
with each role. She’s obtained numerous security certifications and
clearances throughout her career and insists the key to success is be
curious and continue learning.
In her current role as Director of Security she is focused on the
creation of a product cybersecurity program which includes assessing
risks associated with vendor management and mitigation of these supply
chain threats.
Throughout her career, Lisa has been passionate about mentoring young
women interested in computer science and recently launched the Women
Cyber Security Society to address gaps women of all ages face within
this industry. The society’s mission is to bring women sharing an
interest in cybersecurity together, as a part of one global community.
Her aim is to empower, expand opportunities, provide support and
assist them in removing roadblocks and obstacles they may encounter
along the way.
Topic #5 Panel Discussion - IT/security risks/trends (such as
artificial intelligence, blockchain etc.)
Wrapping up the day will be a panel discussion that features all our
speakers and moderator Dominic Vogel. The panel will discuss their
predications for 2019 and beyond with respect to IT risks and the
ever-changing risk environment.
Moderator: Dominic Vogel
Dominic has an established track record as a cyber security leader.
He has a wide-range of experience overseeing numerous projects
including security strategy development, policy development, endpoint
security, and threat management in a multitude of industries
(financial services, logistics, transportation, government,
telecommunications, and critical infrastructure). Dominic actively
participates in the local Vancouver security community and is a
regular cyber security expert for Global BC (TV), CKNW (radio),
News1130 (radio), and the Vancouver Sun (newspaper).
Dominic is a firm believer in delivering sustainable security
that supports and protects business goals. Having worked within large
and globally diverse organizations he has extensive security
experience that has been forged over the past decade as an information
security professional.
Dominic is well regarded as a skilled communicator having been a
security blogger for the renowned IT website TechRepublic. He has
performed as a keynote speaker for BrightTALK Security Summits, Cyber
Security Summit West, Blancco Security Days, NYIT Cyber Security
Symposium, Calgary Cyber Security Congress, Youth Achieving Success,
Delta Chamber of Commerce, Vancouver Enterprise Forum, Vancouver
SecSIG, Vancouver ISACA, BC Aware Day, Launch Academy, Startup Canada
(Startup Chats), World Mining Summit, ISACA CSX North America 2016,
Business-in-Vancouver Digital Privacy & Security Series, Calgary
Cyber Security Congress 2017, RSA Conference 2017, and InfoSec World 2017.
Currently, in his role as Chief Security Strategist at Cyber.SC,
Dominic focuses much of his energy on helping start-ups and
small/midsize businesses solve their cyber security challenges. He
strives to provide practical cyber security advisory services to his clients.
REGISTRATION INFORMATION: To register, click link
Event Schedule: 9:00am – 5:00pm (Registration begins
at 8:30am)
Registration Fees
(Breakfast, lunch and light snacks will be provided):
- IIA members: $225
- Non-members: $240
CPEs: Total of 8 CPE credits
|