
Monday, August 8
 

8:00am

Registration and Breakfast
Monday August 8, 2016 8:00am - 9:00am
Ballroom E

9:00am

Welcome and Chapter Presentation
Monday August 8, 2016 9:00am - 9:30am
Ballroom E

9:30am

Opening Keynote - NextWar: The Future of Technology and Geopolitics
Robots, Artificial Intelligence, Cyberwar, 3D printing, bio-enhancements, and a new geopolitical competition; the 21st century is being shaped by a range of exciting and scary new technologies. Best-selling author and consultant to the U.S. Intelligence Community, Hollywood film industry, and Call of Duty video game series, Peter W. Singer explores emerging trends that will shape the world of technology and security tomorrow.

Speakers

Peter Singer

Author and Geopolitical Strategist, New America Foundation
Peter Warren Singer is Strategist and Senior Fellow at the New America Foundation, Founder of NeoLuddite, a technology advisory firm, the Author of multiple award-winning books, and a Contributing Editor at Popular Science. He has been named by the Smithsonian Institution’s National Portrait Gallery as one of the 100 “leading innovators in the nation,” by Defense... Read More →


Monday August 8, 2016 9:30am - 10:30am
Ballroom E

10:30am

BREAK
Monday August 8, 2016 10:30am - 11:00am
Break Area

11:00am

Awareness and Preparedness: Building a Strong Cyber Security Workforce
There is an extreme shortage in the cyber security workforce and it's going to get worse! It is more important than ever to have a skilled cyber workforce that can detect, discern, protect and defend your information and information systems. Large or small, your cyber workforce must have the proper knowledge, skills, and abilities (KSAs) plus attitude to carry out its mission. It's time for a new strategy: come explore a proven strategy and life-cycle for cyber workforce and program development, i.e., strategic planning, workforce design, recruitment & selection, employee development and retention, and succession.

Speakers

Stanton S. Gatewood

CISO, State of Georgia
Mr. Gatewood is Chief Information Security Officer for the state of Georgia. He leads GTA’s Office of Information Security Program Management, which unifies information security responsibilities for the state’s IT enterprise, the Georgia Enterprise Technology Services program, and GTA. He has more than 33 years of experience in cyber security programs for the U.S. military, state and federal governments, higher education... Read More →



Monday August 8, 2016 11:00am - 11:50am
Ballroom E

12:00pm

LUNCH
Monday August 8, 2016 12:00pm - 1:00pm
Ballroom E

1:00pm

Compliance and Security: This is War!!!
Speakers

Paige Needling

President and Chief Executive Officer, Global Security Management Solutions, LLC
As the President and CEO, Paige Needling is responsible for the company’s information security governance, policy and procedure initiatives as well as IT Risk Management, Audit, and Certifications. Over the past 25 years, Paige has provided information security and privacy protection solutions for large-enterprise environments, managing and implementing information security policies, standards, and practices globally. She is a Project... Read More →


Monday August 8, 2016 1:00pm - 1:50pm
Ballroom B

1:00pm

Team GRC vs. Scrum: Agile Outside the Software Development World

How does a Governance, Risk and Compliance (GRC) team use the Scrum approach to complete work assignments in a non-software development environment? Scrum emphasizes collaboration, team self-management, and the flexibility to adapt to emerging business realities. We want to share with you through lessons learned and discussion how we are executing this agile technique. This presentation is for new users that are interested in Scrum concepts.

Learning Objectives: Understand Scrum terms and basic principles; Utilize Scrum in a non-development environment; Learn how Team GRC is executing Scrum in a “user friendly” environment; Participate in a discussion and leverage “lessons learned”; Obtain other Scrum resources to assist you with implementation.


Speakers

Laura A. Jones, PMP, PMP-RMP, CMQ/OE, CGPM

Risk Manager, Kimberly-Clark Corporation
Laura A. Jones is a results-oriented strategist adept at providing solutions for complex programs using formal risk management quality assurance methodologies. She has helped small businesses as well as Fortune 500 companies build out their quality assurance processes and risk management programs. Laura is a retired U.S. Army senior non-commissioned officer with 21 years of active duty service. She currently resides in the Atlanta, Georgia... Read More →

Kevin J. Morgan, MIS, CISA, CISM, CSM

Cyber Assurance Coordinator, Kimberly-Clark Corporation
Kevin J. Morgan is an information security and risk management professional with more than fifteen years of experience. He is a husband, a father and a “geek” who continues to learn, share and expand on his skills. Kevin’s career expands from leading technology audits to executing Computer Assisted Audit Techniques (CAATs) to applying information security best practices at leading organizations. He is an avid motorcycle rider... Read More →



Monday August 8, 2016 1:00pm - 1:50pm
Ballroom C

1:00pm

The Social Menace Social Media and Its Impact on Securing Sensitive Data
Speakers

Kevin Carpenter

Manager, Risk Advisory Services
PMP, CISA and QSA with over 12 years of Information Security experience. Former Big 4 consultant specializing in enterprise risk, SOX, IT risk assessments, and vulnerability management. Designed and implemented projects across numerous industries including healthcare/life sciences, manufacturing, higher education, financial services, consumer products, retail, public sector, automotive and gaming/hospitality.



Monday August 8, 2016 1:00pm - 1:50pm
Ballroom A

2:00pm

CISO's First 120 Days - Expert Advice and Lessons Learned
Speakers

James Baird

Vice President, IT Security & Compliance, American Cancer Society
James serves as the Vice President of IT Security & Compliance at the American Cancer Society. His role oversees all of the programs and processes involved with Information Security and technology risk management across the Society. His team works diligently to ensure that sensitive information used for Society business is protected from accidental or intentional misuse. Since his first role in IT in 1993, James has worked in the Information... Read More →



Monday August 8, 2016 2:00pm - 2:50pm
Ballroom C

2:00pm

InfoSec - Where Is Your Weakest Link?
Speakers

Chris Berberich

Chris Berberich is a Penetration Tester/Senior Information Security Consultant at AARC-360. Chris has an extremely deep and solid understanding of applications, server and network security. Chris’ focus as a network administrator and penetration tester is managing corporate Internet infrastructure, systems, and network security - specifically operating systems, web application server, databases, interfacing, and data privacy. Chris has... Read More →

Neil Gonsalves

Neil’s passion is helping his team members achieve their personal and professional goals and building long lasting relationships with his clients.  Neil began his career with Ernst & Young (E&Y), where he performed what is believed to be the first SAS70 examination completed in India. He helped start the IT Audit and SAS 70 practice for E&Y India. After moving to E&Y’s U.S. practice, he was responsible for... Read More →



Monday August 8, 2016 2:00pm - 2:50pm
Ballroom B

2:00pm

ISMS: The Compliance Highway to Security Road
Speakers

Diana Candela

Manager of Information Security - Governance, Risk & Compliance, Children's Healthcare of Atlanta
Diana Candela is the Manager of Information Security GRC for Children's Healthcare of Atlanta (Children’s) — one of the largest pediatric systems in the country.  The Information Systems and Technology (IS&T) department at Children’s delivers information, communication and insights through the use of advanced technology.  We utilize a reliable and robust infrastructure, integrated systems and a team of top... Read More →



Monday August 8, 2016 2:00pm - 2:50pm
Ballroom A

2:50pm

BREAK
Monday August 8, 2016 2:50pm - 3:10pm
Break Area

3:10pm

Auditing Agile Development Projects
Speakers

Jason Lannen

Jason Lannen is the founder and Managing Director at TurnKey IT Solutions, named the 11th fastest growing business from the University of Georgia, 2015 and 34th fastest growing business for 2016. He has more than twelve years of experience in the IT audit and compliance field across many industries including energy and utilities, cloud service providers, financial services, manufacturing, aerospace and defense, automotive, real estate, retail... Read More →


Monday August 8, 2016 3:10pm - 4:00pm
Ballroom A

3:10pm

Cyber Threat Modeling
Speakers

Bruno Haring, CISSP, CISA, CRISC, CITP

Director, PwC
Bruno is a Director and Market Leader with PwC's Cybersecurity and Privacy Solutions practice based in Atlanta, GA. With over twenty years of experience, both nationally and internationally, in information security, IT risk management, and IT transformation, Bruno helps Fortune 500 organizations navigate and address cybersecurity, IT and governance risks resulting in improved business performance and value. Bruno focuses in emerging technology... Read More →

Karthik Ramakrishnan

Manager, Cybersecurity and Privacy, PwC, LLC
Karthik Ramakrishnan is a risk consulting professional with over 8 years’ experience in different areas of risk consulting including IT risk, third party risk, operational risk, business continuity risk, etc. Karthik has extensive experience in helping global Financial Services, Oil and Gas, and Health Care clients develop and implement strategic IT programs and IT risk programs. Karthik effectively leverages his background in management... Read More →



Monday August 8, 2016 3:10pm - 4:00pm
Ballroom B

3:10pm

IAM Trends: The Need for a Programmatic Approach to IAM, Security, and EGRC
Speakers

Paul Kohler

Paul Kohler is an IT professional with over 20 years' experience in a variety of disciplines. He has spent the last 15+ years providing Identity, Security, and GRC Professional Services to various companies across multiple industries. He joined S3 almost 10 years ago to deliver solutions that drive value and business advantage. He has completed implementations in a dozen countries and his understanding of business process... Read More →

Johanna Thomas

Johanna Thomas is a CPA with nearly 20 years of Professional Services experience.   She has vast experience in Identity, Security, and GRC and for over a decade has been the founder and guiding force behind Strategic Security Solutions (S3).  S3 provides targeted professional services expertise for various Fortune 500 companies.  Prior to S3, Johanna served in various roles including External... Read More →



Monday August 8, 2016 3:10pm - 4:00pm
Ballroom C

4:10pm

Building a Digital Governance Program
An approach to build a digital governance program within a large organization will be shared.  Discussion topics will include Digital Governance definition, benefits, group structure options, contents of a Digital Governance Policy, Digital Standard examples, Monitoring and Oversight, Social Media aspects, critical aspects, and tips for a successful program.

Speakers

Stacy Wiedman

A proven leader with excellent execution skills and progressive experience in operational risk management, information technology, and internal control compliance. Driven to improve business processes and provide strategic value to the organization.



Monday August 8, 2016 4:10pm - 5:00pm
Ballroom C

4:10pm

Cybersecurity
Speakers

Johnny Lee

Johnny Lee is a forensic investigator, management consultant, and attorney, specializing in data analytics, computer forensics, and electronic discovery in support of investigations and litigation.  He also provides advisory services to companies working to address complex CyberSecurity and data privacy issues. Johnny is a frequent speaker, panelist, and contributor on issues involving CyberSecurity, eDiscovery, Data Analysis, Business... Read More →


Monday August 8, 2016 4:10pm - 5:00pm
Ballroom A

4:10pm

SDN Security
Speakers

Rebecca Finnin

AT&T
IT Security professional with extensive experience assisting organizations in mitigating data privacy and security risks.
Specialties: Compliance Programs including Information Technology and Business Process Controls; System Implementation including Application and Architecture Security; Internal and External Auditing



Monday August 8, 2016 4:10pm - 5:00pm
Ballroom B
 
Tuesday, August 9
 

8:00am

Registration & Breakfast sponsored by Simeo Solutions
Speakers

Joe Breen

Simeo Solutions


Tuesday August 9, 2016 8:00am - 9:00am
Ballroom E

9:00am

TAG Cyber LLC Presentation
Speakers

Ed Amoroso

Chief Executive Officer, TAG Cyber LLC
Dr. Edward G. Amoroso is currently Chief Executive Officer of TAG Cyber LLC, a global cyber security advisory, training, consulting, and media services company supporting hundreds of companies across the world. Ed recently retired from AT&T after 31 years of service, beginning in Unix security R&D at Bell Labs and culminating as Senior Vice President and Chief Security Officer of AT&T from 2004 to 2016. Ed has been Adjunct... Read More →


Tuesday August 9, 2016 9:00am - 10:00am
Ballroom E

10:00am

BREAK
Tuesday August 9, 2016 10:00am - 10:30am
Break Area

10:30am

Lessons Learned from Bangladesh Bank Heist
Speakers

David Allen King II

Dave King is a Senior Manager within UHY’s Internal Audit, Risk & Compliance group, where he is responsible for advising business and technology executives on cybersecurity, IT compliance, and operational risk management activities. Dave has over 15 years of experience in governance, risk, and compliance management with a strong focus on PCI-DSS, NIST, and COBIT 5 frameworks.   PROFESSIONAL EXPERIENCE • Tailored PCI... Read More →



Tuesday August 9, 2016 10:30am - 11:20am
Ballroom A

10:30am

Project Management 2.0 - An Introduction and Getting Ahead
Speakers

John Bowen

JOHN BOWEN is Senior Director of Global Partnerships for Computer Aid, Inc., responsible for expanding CAI’s international business presence.  In this role, he has led CAI’s international growth in Asia, Latin America, Europe, the Middle East and North Africa. Mr. Bowen has more than 35 years of IT management experience including executive leadership, technology management, IT integration, IT due diligence, strategic planning and... Read More →



Tuesday August 9, 2016 10:30am - 11:20am
Ballroom C

10:30am

Securing Your AWS Systems
Speakers

Nihat Guven

IT and Security executive focused on leveraging technology in a secure way to solve business problems.
Areas of interest and focus: Cloud Computing Security: Amazon AWS and MS Azure; Application security architecture / Security in DevOps; IT Strategy and Governance; Vulnerability Management and Web Application Security; Security Monitoring; Security Risk Management; IT Audit and Compliance
Certifications: AWS Certified Solutions... Read More →



Tuesday August 9, 2016 10:30am - 11:20am
Ballroom B

11:30am

An Audit Perspective on Relationship Management
Speakers

Esther Lee

SunTrust Bank
Esther Lee is an IT Audit Manager at SunTrust Bank in Atlanta, Georgia. She is a graduate of UNC-Wilmington with 15 years of work experience. She is a licensed CPA, CISA, Series 7, 63, and 65.

Thomas Lim

Tom Lim is an IT Audit Manager at SunTrust Bank in Richmond, Virginia. He is a graduate from University of Waterloo, in Canada where he obtained his Bachelor of Math in Business Administration – Information Systems. Tom has been in the IT audit field for 12 years and has both external (Big 4) and internal audit experiences across a number of industries. Thomas has been CISA certified since 2009.

Shanga White

SunTrust Bank
Shanga White is an IT Audit Manager in Atlanta at SunTrust Banks, Inc. where he has devoted his time executing enterprise IT Infrastructure audits. He is a graduate of Louisiana State University where he obtained his Bachelor’s degree in Information System and Design Sciences. Since college and throughout his career he has truly understood the value of making and building relationships. Shanga is a certified Project Management Professional... Read More →



Tuesday August 9, 2016 11:30am - 12:20pm
Ballroom C

11:30am

Retention Policies - Are You Up-To-Date
Speakers

James Baird

Vice President, IT Security & Compliance, American Cancer Society
James serves as the Vice President of IT Security & Compliance at the American Cancer Society. His role oversees all of the programs and processes involved with Information Security and technology risk management across the Society. His team works diligently to ensure that sensitive information used for Society business is protected from accidental or intentional misuse. Since his first role in IT in 1993, James has worked in the Information... Read More →



Tuesday August 9, 2016 11:30am - 12:20pm
Ballroom A

11:30am

Vulnerability Scanning with Nessus
Speakers

Eric Palmer

Eric Palmer, CISA, CIA, CFE, CGAP, is the Internal Audit Director for a hospital in the New Orleans area. He has served on both the Atlanta and New Orleans ISACA Boards and is a member of the CISA Exam Development workgroup. His previous experience includes managing IT audits at First Data and with the City of Atlanta.



Tuesday August 9, 2016 11:30am - 12:20pm
Ballroom B

12:30pm

Lunch and Rendition InfoSec, LLC Presentation
Tuesday August 9, 2016 12:30pm - 1:30pm
Ballroom E

1:30pm

Driving Innovative IT Project Metrics by Embracing Human Nature
Speakers

John Bowen

JOHN BOWEN is Senior Director of Global Partnerships for Computer Aid, Inc., responsible for expanding CAI’s international business presence.  In this role, he has led CAI’s international growth in Asia, Latin America, Europe, the Middle East and North Africa. Mr. Bowen has more than 35 years of IT management experience including executive leadership, technology management, IT integration, IT due diligence, strategic planning and... Read More →



Tuesday August 9, 2016 1:30pm - 2:20pm
Ballroom C

1:30pm

ERP Implementation Risk-Are You Covered
Speakers

Kari Sklenka-Gordon

Kari has the ability to direct and lead multiple IT Audits & IT Risk assessments simultaneously to support SOX, Financial Audits, Operational Audits, and SDLC audits. SAP Risk Assurance expert with over 15 years in working with SAP at multiple clients/companies. She has experience in various roles on several SAP implementations including testing, data migration, controls design and effectiveness testing. Specialties: SAP Controls... Read More →



Tuesday August 9, 2016 1:30pm - 2:20pm
Ballroom A

1:30pm

Privacy By Design and The New GDPR Requirements
Speakers

Phillip Mahan

Director, Office of the CPO, Ionic Security Inc.
Phillip is a long-time participant in Information Technology, and holds certifications in Security, Privacy, Audit, Cloud Security, and several Application-specific areas.  He has presented at conferences ranging from local to International audiences.



Tuesday August 9, 2016 1:30pm - 2:20pm
Ballroom B

2:30pm

IT Vendor Management
Speakers

Adam Fowler

Adam is an experienced IT advisor with experience in IT auditing, compliance, security and risk management. He has experience in auditing various aspects of information technologies including performing general computer controls reviews, SOX assessments, segregation of duties and application controls reviews as they relate to both internal and external auditing, SAS 70 & SSAE 16 attestations, security review, project management, compliance... Read More →

David Schroth

David is an experienced IT advisor with experience in IT auditing, compliance, security and risk management. David has experience in auditing various aspects of information technologies including performing general computer controls reviews, SOX 404 assessments, segregation of duties and application controls reviews as they relate to both internal and external auditing, SSAE 16 attestations, security review, project management, IT... Read More →



Tuesday August 9, 2016 2:30pm - 3:20pm
Ballroom C

2:30pm

Software Asset Management (SAM) Internal Audits
Speakers

Jack Fulford

Mr. Fulford has over 30 years of IT experience. His experience includes software development, systems engineering, and Program Management. His most recent 8 years has been focused specifically in the IT Asset Management (ITAM) and Software Asset Management (SAM) fields.   Key highlights from this time include: Led, leading, or supporting 8 SAM internal audit engagements for companies ranging from large technology to global property... Read More →



Tuesday August 9, 2016 2:30pm - 3:20pm
Ballroom A

2:30pm

The Horse Has Left The Barn and We Have The Saddle - Our Journey Into the Cloud
Speakers

Joe DiBiase

Joe is currently the Director of Global Information Security at Interface, the world’s largest designer and maker of carpet tile. Joe began his security career in 1992 with AT&T where he was part of a team that developed AT&T’s first security policy document. Joe was also CISO of the General Electric Energy divisions and held security leadership positions at First Data and ACI Worldwide.



Tuesday August 9, 2016 2:30pm - 3:20pm
Ballroom B

3:20pm

BREAK
Tuesday August 9, 2016 3:20pm - 3:40pm
Break Area

3:40pm

Emerging/Alternative Third Party Assurance Reporting
Speakers

Regina Davis, PMP, CISA, CRISC

Technology Risk Manager, Crowe Horwath, LLP
Regina is a Technology Risk Manager at Crowe Horwath LLP. Prior to joining Crowe, Regina was responsible for the implementation and oversight of the IT Audit function for two major manufacturing companies in the Atlanta area. She has eighteen years of experience serving in a variety of capacities to include IT Project Management and Information Systems, Audit and Controls. As a Technology Risk Manager with Crowe Horwath, Regina provides... Read More →

Eve Rogers

Crowe Horwath, LLP
Eve has more than 18 years of experience at Crowe serving clients in the banking industry, ranging in size from $500 million to $13 billion in assets. The experience she gained working with failed bank acquisitions early in this most recent cycle of bank failures made her a stand out choice to relocate to Crowe’s Atlanta office in 2010 to help lead the start-up of the audit and accounting consulting practice. Her expertise includes... Read More →



Tuesday August 9, 2016 3:40pm - 4:30pm
Ballroom B

3:40pm

PCI - It's an Open Book Test
Speakers

Mark Gelhardt

Over 35 years of experience in providing Executive Level management in the Information Technology field as a CIO, CSO, and CISO. Mark started his working career in the Army and retired as a Colonel (select). During his military service Mark held many different command and staff positions in many different fields to include Human Resources, Intelligence, Communications, Incident Response, Information Technology, and Information Security. The... Read More →



Tuesday August 9, 2016 3:40pm - 4:30pm
Ballroom C

3:40pm

Real World Supply Chain Risk - Gray Market Products to Managed Service Providers
Speakers

Jeff Roth

Jeff Roth is a global information assurance specialist providing organizations with expert security consulting services. Jeff has over 30 years’ highly technical experience within information system security engineering and Cybersecurity assessments and audits services worldwide. Specifically, Jeff leads high profile Federal, State, Municipal and private sector critical infrastructure system security engineering and compliance... Read More →



Tuesday August 9, 2016 3:40pm - 4:30pm
Ballroom A

4:30pm

Networking Session
Tuesday August 9, 2016 4:30pm - 7:30pm
Break Area
 
Wednesday, August 10
 

8:15am

Breakfast
Wednesday August 10, 2016 8:15am - 9:00am
Ballroom E

9:00am

General Session - Cyber Breach: What if your defenses fail? Designing an exercise to map a ready strategy

Every month we read about the latest, the greatest, or “the most significant cyber breach ever.” Companies are jostling to figure out how to manage these challenging cyber security issues – and it’s not just IT that’s scrambling. Cyber incidents affect every aspect of the business, and cyber security has become one of the most pressing issues in business continuity management today.

In many recent surveys, “C-suite” executives say that their number one concern is a cyber breach or major malware incident. But how do you go about creating this type of exercise that is, frankly, fraught with peril? Very carefully, obviously! The goal of this session is to demonstrate the value of conducting such an exercise to improve your company’s overall readiness. The session will describe how you can go about designing this type of exercise, why it is different from other exercises, and how you can avoid pitfalls and career-limiting moves this topic can lead to.

Topics Covered

• Discover how a cyber exercise is different from other exercises.

• Learn about the positive benefits of cyber exercise.

• Design an exercise that delivers on the stated goal.

• Determine the eight critical elements that make a cyber exercise work


Speakers

Regina Phelps

Regina Phelps, CEM, RN, BSN, MPA
President, Emergency Management & Safety Solutions
Ms. Phelps is an internationally recognized thought leader in the field of emergency management, pandemic, and contingency planning. Since 1982, she has provided consultation, training, and speaking services to clients on four continents. She is founder of Emergency Management & Safety Solutions, a consulting and training firm. Ms... Read More →



Wednesday August 10, 2016 9:00am - 10:00am
Ballroom E

10:00am

BREAK
Wednesday August 10, 2016 10:00am - 10:30am
Break Area

10:30am

Because Math: Putting The Intelligence Back in Threat Intel
Speakers

Ed McCabe

Edward McCabe is an active information security professional and practitioner with over 25 years’ experience with Fortune 100 companies, various domestic state & federal agencies, in addition to various foreign government agencies. Industries span the Financial Services, Defense, Retail, Electric Power Transmission & Distribution, Hospitality, Health Care, Construction, Insurance, Technology, and Media. Edward is often invited to... Read More →


Wednesday August 10, 2016 10:30am - 11:20am
Ballroom B

10:30am

Managing a PCI Compliance Program
Speakers

Katie Friebus

Sr. Compliance Analyst, Macy's Systems and Technology
Katie is a Senior Compliance Analyst for Macy’s Systems and Technology division. Katie helps to manage the annual PCI Assessment for Macy’s as well as ongoing PCI compliance activities. Katie has over 6 years of information security experience both in the banking and credit card processing industries.

Lisa Gable

PCI Compliance Manager, Macy's
Lisa is the PCI Compliance Manager for Macy’s Systems and Technology. Over the past 7 years at Macy’s, Lisa has led efforts for various PCI related efforts including Assessment Management, Vulnerability Scanning and Risk Management.

Dan Lobb

Macy's Inc.
Dan is currently managing the Information Security Compliance Program for Macy’s Inc. He has been focused on Information Security Compliance for the past 10 years at several leading companies: Visa, Coca-Cola, Blue Cross Blue Shield, and AT&T.



Wednesday August 10, 2016 10:30am - 11:20am
Ballroom C

10:30am

Myths & Realities of Data Security & Compliance
Speakers

Ulf Mattsson

Ulf Mattsson is the Chief Technology Officer of Compliance Engineering that provides Information Security Management and Compliance Solutions and Services. Ulf was the Chief Technology Officer and a founder of Protegrity, where he created the initial architecture of Protegrity's database security technology. He invented Vaultless Tokenization, Data Type Preservation (DTP2), and more than 25 additional patents in the areas of Encryption, Data... Read More →



Wednesday August 10, 2016 10:30am - 11:20am
Ballroom A

11:30am

Cyber Risks During Mergers & Acquisitions
Speakers

Robert Baldi

Seasoned IT audit leader with seventeen years of audit and information security management experience supporting industry leaders (ACI Worldwide, Booz Allen Hamilton, Raytheon) and government agencies (NSA, CIA, DHS, Army, Air Force, CYBERCOM, STRATCOM). Adjunct professor for Bellevue University's cyber security graduate degree program. Member of FBI Omaha InfraGuard, NEbraskaCERT, Omaha (ISC)2 Chapter and the IIA Aksarben Chapter. Published... Read More →


Wednesday August 10, 2016 11:30am - 12:20pm
Ballroom A

11:30am

Cybersecurity: Considerations for Internal Audit
Speakers

Gina Gondron

Senior Manager, PRG Practice, Frazier & Deeter
Gina Gondron is a Senior Manager in Frazier & Deeter’s Process, Risk and Governance (PRG)  practice. Gina leads the delivery of IT audit and advisory services to clients across a variety of industries with emphasis in healthcare and technology. Gina is highly skilled at applying her deep knowledge of IT processes and controls in the context of addressing important financial, operational and compliance risks. She works closely... Read More →



Wednesday August 10, 2016 11:30am - 12:20pm
Ballroom B

11:30am

Internet of Things and IA
Speakers

Anthony Chalker

Anthony has over 20 years of experience, including 12 years in ‘Big Five’ public accounting. Anthony’s career combines external audit, litigation consulting, and information technology to provide a broad and comprehensive view of the risk management landscape. Anthony delivers results through an inclusive approach to creatively maximize business risk management while optimizing strategic business objectives. Anthony... Read More →


Wednesday August 10, 2016 11:30am - 12:20pm
Ballroom C

12:30pm

LUNCH - Presentation by NSFOCUS
Wednesday August 10, 2016 12:30pm - 1:30pm
Ballroom E

1:30pm

Attribute-Based Access Control (ABAC) and Dynamic Authorization
Speakers

Steve Brown, CISA, CISSP, GSLC, GCED

Security Solution Architect, Inc. CISA, CISSP, GSLC, GCED Previous - Enterprise Solution Architect, Verizon - Sr. IT Auditor, Levi Strauss & Co. - US Army Signal Officer (Ret)



Wednesday August 10, 2016 1:30pm - 2:20pm
Ballroom C

1:30pm

Cybersecurity: A New Paradigm
Speakers

David Barton

Managing Director, UHY Advisors
David Barton is a Managing Director with UHY Advisors and practice leader of the Internal Audit, Risk, and Compliance practice, which provides consulting and audit services around information technology controls, information risk management, and compliance. He has over 25 years of practical experience in information systems and technology risk and controls. David is frequently asked to speak at national and regional events, such as SecureWorld... Read More →


Wednesday August 10, 2016 1:30pm - 2:20pm
Ballroom B

1:30pm

Quantifying the Financial Risk Exposure of Segregation of Duties (SoD) Violations
Speakers

Jay Gohil

Associate Director, Protiviti
Jay is an Associate Director in the IT Consulting practice, focusing on security, controls, and governance of SAP. I have over 9 years of experience assessing system security and controls with a focus on SAP and SAP GRC solutions. I've led numerous GRC (Access Control and Process Control) implementations to support compliance, audit, and system implementation initiatives. Specific project experience includes leading SAP security design...



Wednesday August 10, 2016 1:30pm - 2:20pm
Ballroom A

2:30pm

Deciphering Cryptography and Its Business Impact to You
Speakers

Javed Samuel

Technical Director, NCC Group
Lead Resource for Training Services and Cryptography Services Technical Account Manager for various clients Deliver security assessments (eg. Architecture Reviews, Cloud, Cryptography)



Wednesday August 10, 2016 2:30pm - 3:20pm
Ballroom A

2:30pm

IT Governance A Roadmap Out of Wilderness
Speakers

Kevin Lyday

Kevin Lyday is the Senior Advisor for IT governance and capital planning within the Office of Financial Resources at CDC. He was formerly the Director of Information Resources in the Procurements and Grants Office and the Director of IT in the Office of Public Health Preparedness and Response. He is a multi-certified Federal Government professional with over 20 years of experience managing enterprise implementations of public health...



Wednesday August 10, 2016 2:30pm - 3:20pm
Ballroom C

2:30pm

Why You Should Pay Attention to the OWASP Top 10
Speakers

Stuart Smith

Group Vice President, SunTrust Banks, Inc.
Stuart has over 17 years of professional work experience in Information Security, Network Administration, Risk Management, and Information Technology Training in various positions with the private industry and the Department of Defense. He is a skilled Information Security Professional and dynamic speaker and presenter, who is experienced in a wide range of areas including development and implementation of Information security policies and...



Wednesday August 10, 2016 2:30pm - 3:20pm
Ballroom B

3:30pm

Closing Keynote - The BlindSpot Zone
Do your IT and IS professionals ever feel like they are not being heard or taken seriously? Do they deal with negativity and skepticism from management? What we are dealing with is a perception and influence problem. There are over 200 cognitive biases and thinking errors that affect our behaviours, beliefs and daily decision-making abilities. Yet, more than 85% of us believe we are less biased than the average person. The cognitive disconnect places a lid on our influence, creates conflicts in our relationships and skews our decision-making abilities. Welcome to the BlindSpot Zone. Learn how to quickly recognize blindspots and intentionally change behaviors; discover the recurring patterns that are holding you back from peak performance; gain a new appreciation for how to better work together and serve your clients; and learn how to unmask the hidden biases that creep into every decision-making process.

Speakers

Kevin McCarthy

Kevin McCarthy is CEO of the 360 Narrative Group, a brand development and digital design agency. Kevin began his professional speaking career in 1994 while he owned the 13th largest Century 21 office in the USA, and held a position on the Board of Directors for the Phoenix area Century 21 franchisees. Thriving as a speaker, he sold his real estate company and began traveling the country helping industry leaders position themselves...


Wednesday August 10, 2016 3:30pm - 4:20pm
Ballroom E

4:20pm

Closing Remarks from ISACA Atlanta Board
Wednesday August 10, 2016 4:20pm - 4:30pm
Ballroom E
 
Thursday, August 11
 

9:00am

CSX Fundamentals
Thursday August 11, 2016 9:00am - 11:50am
Room 117

9:00am

CISA Review
Thursday August 11, 2016 9:00am - 12:10pm
Room 113

9:00am

CISM Review
Thursday August 11, 2016 9:00am - 12:10pm
Room 114

9:00am

CRISC Review
Thursday August 11, 2016 9:00am - 12:10pm
Room 115

12:10pm

Lunch
Thursday August 11, 2016 12:10pm - 1:00pm
Room 106

1:00pm

CISA Review
Thursday August 11, 2016 1:00pm - 4:30pm
Room 113

1:00pm

CISM Review
Thursday August 11, 2016 1:00pm - 4:30pm
Room 114

1:00pm

CRISC Review
Thursday August 11, 2016 1:00pm - 4:30pm
Room 115

1:00pm

CSX Fundamentals
Thursday August 11, 2016 1:00pm - 4:50pm
Room 117
 
Friday, August 12
 

9:00am

CISA Review
Friday August 12, 2016 9:00am - 11:50am
Room 113

9:00am

CISM Review
Friday August 12, 2016 9:00am - 11:50am
Room 114

9:00am

CRISC Review
Friday August 12, 2016 9:00am - 11:50am
Room 115

9:00am

CSX Fundamentals
Friday August 12, 2016 9:00am - 11:50am
Room 117

12:00pm

Lunch
Friday August 12, 2016 12:00pm - 1:00pm
Room 106

1:00pm

CISA Review
Friday August 12, 2016 1:00pm - 4:50pm
Room 113

1:00pm

CISM Review
Friday August 12, 2016 1:00pm - 4:50pm
Room 114

1:00pm

CRISC Review
Friday August 12, 2016 1:00pm - 4:50pm
Room 115

1:00pm

CSX Fundamentals
Friday August 12, 2016 1:00pm - 4:50pm
Room 117