Events

Skating to the Puck to Improve Cybersecurity Jan 15

Click HERE to register.

Description:

In this presentation, Gregory Touhill will discuss today’s cybersecurity landscape. In a provocative and sometimes irreverent presentation, he’ll critically analyze substantive weaknesses in current cybersecurity tactics, techniques, and procedures and share thoughts on how national prosperity and security can and should be improved by taking a different approach to improving cybersecurity (i.e. “skating to where the puck is going to be rather than where it is”).

Speaker:

Gregory J. Touhill, CISM, CISSP, Brigadier General (ret) – President, Cyxtera Federal Group and ISACA International Board Director – LinkedIn

Gregory is president of Cyxtera Federal Group, Cyxtera Technologies, a secure infrastructure company which offers data center services and cybersecurity capabilities to federal agencies and departments (USA). In addition, he serves as adjunct professor of Cybersecurity at Carnegie Mellon University’s Heinz College. He serves on the boards of Bay Dynamic, Inc. and Cybersponse, Inc. as well as the Symantec Federal Advisory Board and Cyber Security Forum Initiative Advisory Boards. Prior to joining Cyxtera Technologies, he was selected by President Obama as the US government’s first Chief Information Security Officer. His other civilian government service includes duties as the Deputy Assistant Secretary, Cybersecurity and Communications at the United States Department of Homeland Security; and as Director of the National Cybersecurity and Communications Integration Center, where he led national programs to protect the United States and its critical infrastructure. He is a retired Air Force general officer, a highly-decorated combat leader, an accomplished author and public speaker, and a former American diplomat. He has received numerous awards and recognition, including most recently, the 2017 F. Lynn McNulty Tribute Award in recognition of his contributions to securing the nation from cyber threats and the 2016 Federal 100 Award for accomplishments as Deputy Assistant Secretary to improve public- and private-sector partnership to better manage risk.

CPE – 1 hour of CPE Available

News

Global Leadership Summit Notes

Every two years, ISACA chapters from around the world gather for the Global Leadership Summit to learn from each other and help set the direction of our international organization. Rebecca Harness, Administrative Vice President, represented ISACA St. Louis. Over 400 people representing over 80 chapters attended the three-day convention, some traveling for 10-20+ hours!

Peter Weill, co-author of “What’s Your Digital Business Model” provided the opening keynote, and really opened our eyes to how successful businesses are transforming for the digital economy while others are struggling with traditional business models. This ended up generating quite a bit of conversation, as many of us discussed how the demand for new audit and compliance skillsets will continue to grow and further stress the shortage of talent within our industry.

After a brief lesson on Chicago history, the national representatives jumped right in to engage all of us on the digital transformation ISACA must make to remain relevant in an ever-changing world. They then took this opportunity to showcase “engage.isaca.org,” the all-new web site designed to engage, inform, and bring together our membership. If you haven’t checked it out yet, I highly encourage you to. There are volunteer opportunities, and forums where you can brainstorm with other members and ask questions to a really broad audience. There are some pretty active discussions out there. Very much worth a look.

ISACA is also launching a dedicated web presence to support our 50th anniversary. Check out ISACA50.org to learn more about our compelling history.

Speaking of web sites, there was a LOT of feedback about the national web site, and how difficult it was to navigate and engage with… especially for newcomers that may just be starting to learn about ISACA and GRC. There is a considerable effort going on to revamp that site, and we spent the next two days in brainstorming sessions to develop ideas for the national leaders.

Unfortunately, the feedback we received was that many of the changes would need to wait until a new CEO was named and able to weigh in on the future direction of ISACA. In any event, major changes to our web presence and how ISACA engages with members new and old is likely to be a multi-year journey.

There are lots of exciting things on the way in the near-term though to help the local chapters, especially the smaller ones. A national committee was formed to create a number of initiatives to make running a local chapter easier and setting up new leaders for success. Most of it is expected to be delivered in 2019, but we have some training guides and other documents available to us now.

All in all, it was a fantastic event and provided an opportunity to learn from and engage with other chapters around the world!

Events

When Privacy and Cybersecurity Intersect Nov 14

2018 is shaping up to be a critical year for cybersecurity and privacy in the United States. In this session we will analyze four major forces that are disrupting the cybersecurity and privacy landscape. While these forces are impactful on a standalone basis, the combined impact when these forces converge will be even greater. The European Union’s (EU’s) General Data Protection Regulation (GDPR) went into effect in May 2018, creating a stir by forcing US companies to comply and adopt privacy leading practices. Is Facebook’s Cambridge Analytica scandal accelerating the arrival of privacy regulations here in the US? Don’t miss this thought-provoking and insightful session to better understand these forces and how they should influence your thinking in 2019 and beyond.

$25 registration includes breakfast and one hour of CPE. Click HERE to register.

Schedule:

  • Breakfast 7:30a-8:00a
  • Presentation 8:00a-9:00a

Presenter:

David Hartley (Principal, UHY LLP – St. Louis, MO)

Dave Hartley joined UHY in 2015 following six years serving as the VP/Chief Information Officer for Arch Coal, the 2nd largest publicly traded coal company in the US, and 20 years of Big 4 consulting and auditing experience. Dave serves as a ‘Virtual CIO’ and ‘Virtual CISO’ for clients helping with technology strategy and projects including strategic roadmap development, third party risk management including SOC reports, cyber risk assessments and cybersecurity programs, and digital transformation including cloud, mobile, etc.

Dave’s experience as a public company CIO combined with a background as a CPA and CISA enables him to bring unique insights into today’s technology, cybersecurity and business challenges. He is a frequent speaker at technology and cybersecurity conferences and seminars.

David was very active in the St. Louis ISACA Chapter back in the 1990s and served as Chapter President for the 1999-2000 program year. David is a repeat speaker having presented a highly rated session in January 2018.

 

ISACA STL Intersection Cybersecurity Privacy GDPR Dave Hartley UHY Advisors November 14 2018

Events

Roundtable & Breakfast Oct 17

Join us for a roundtable discussion about IT auditing and IT security. Our panelists will talk about how they started in the industry, typical internal audit or information security activities, and the differences between corporate internal audit and consulting. Whether you are thinking about entering the field, new to the profession, or have been around a while, come join us to learn about ISACA and the role we play.

Free to attend, but seating is limited. Click HERE to register.

Schedule:

  • Breakfast 7:30a-8:00a
  • Panel 8:00a-9:00a
  • Networking 9:00a-9:30a

Panelists:

Melissa Arter (Senior Manager, IT Security Governance – Enterprise Holdings)

Melissa Arter is a Governance, Risk and Compliance Senior Manager in the Information Security Office at Enterprise Holdings. Melissa holds a master’s degree in information technology management with emphasis in security and has 15+ years of experience ranging from IT operations and engineering to assurance, compliance, and risk management.

Tim Grace (Director, Information Security and Compliance – Clearent LLC.)

Mr. Grace brings more than 30 years of business experience delivering solutions that drive business innovation and change within world class organizations.  As a leader in the fields of information technology, cybersecurity, internal audit, compliance, and governance, Tim has brought best practices to global organizations and helped drive solutions that strengthen and enhance current practices.  Through innovation and process improvement, Tim has been able to drive change to ensure organizations remain focused on key business issues.  Tim’s deep information technology background and deep understanding of business processes allowed him to bring technology and business processes together.

Matthew Modica (CISO – BJC Healthcare)

As vice president and chief information security officer for BJC HealthCare, Matthew Modica is responsible for the strategic direction, planning and implementation of enterprise IT systems, business operation and facility defenses against security breaches and vulnerability issues. He has the responsibility for establishing, meeting and continuously monitoring the information security goals and objectives, while maintaining alignment with the strategic goals and priorities for BJC.

Jordan Read (Director of Internal Audit – Enterprise Bank & Trust)

Jordan Read is the Director of Internal Audit at Enterprise Bank & Trust. Jordan joined the company in 2014 to help in-source the internal audit function. Prior to joining Enterprise Bank & Trust, Jordan was a consultant at Ernst and Young in the advisory risk services group. His primary focus was internal controls over financial reporting. Jordan received his master’s degree in accountancy from the University of Missouri – Columbia.

Bill Sawyer (Director, Cybersecurity and Privacy – PwC)

Bill is a Director in PwC’s Cybersecurity and Privacy practice, where he assists clients across industries in implementing and operating the security controls necessary to protect their critical data and assets. Bill is a solution owner for several of PwC’s global solution offerings, including the Enterprise Security Architecture and Microsoft Identity and Access Management offerings.