The PwC Cybersecurity & Privacy practice will present a panel of industry and technology experts to speak on hot topics, challenges and issues our clients are facing, and how we are helping them implement sustainable solutions. Additionally, we will chat about what Internal Audit’s role should be, and how to build a strategic audit plan around the barrage of changing requirements, new laws and regulations, and an ever-growing threat landscape.
Ryan is a partner in PwC’s Cybersecurity practice with over 20 years of security leadership and consulting experience. As a Cybersecurity leader, Ryan helps clients protect their most critical assets, defend their brand, and build trust with their customers. Ryan has led dozens of maturity assessments using several industry frameworks (including NIST). Prior to PwC Ryan was Vice President of Security and Risk for Walmart’s eCommerce business. In this role, he led a team across 15 countries, and was responsible for the protection of Walmart’s critical assets.
Ryan also spent nearly 15 years in Government, most recently as a special agent with the U.S. Secret Service, where he protected the President, Vice President, and foreign Heads of State, as well as serving as a cyber agent in the U.S. Secret Service’s electronic crimes division.
Incident Response Pre-planning
Does your organization have a strong incident response capability in place? Do you know what to do and which external entities to engage before something happens? Let’s have a real discussion around how to build strategic incident response capabilities, test your IR plan through table top exercises, and develop external relationships with law enforcement and necessary authorities to come to your aid in times of crisis. Additionally, what is internal audits role in IR planning, and as IA professionals how can you support your companies IR plan.
Alison is as Director at PwC based out of the Austin, Texas office and recognized as a longtime privacy practitioner. Her multifaceted background as a privacy, risk management, and legal professional in both the private and public sectors allows her to solve complex business problems while increasing enterprise value and mitigating risk to highly valued data.
Previously Alison served as the Privacy Officer for a $24b retailer leading an enterprise privacy program responsible for bringing information governance practices across omnichannel operations that included grocery, healthcare, ecommerce, gas, and transportation. In this role, she also served as the designated HIPAA Privacy Official.
Alison is the relationship lead for the firm’s sponsorship of the Retail Industry Leaders Association (RILA) Privacy Leaders Council (PLC). In this role she is responsible for facilitating discussions of best practices among peers made up of Chief Privacy Officers and General Counsel executives.
CCPA, GDPR, HIPAA, GLBA, TCPA, CAN-SPAM. How Internal Audit can partner with the Privacy Office for operating and monitoring a sustainable internal audit program that drives accountability with global privacy and data protection laws and regulations.
Dale is a Senior Manager with PwC’s Cybersecurity and Privacy Practice. He has 10 years of experience working with Internal Audit functions across a range of industries as part of the PwC Cybersecurity Internal Audit service offering. Dale specializes in the development and execution of robust cybersecurity audit programs, and coaching executives and audit committees on the security risk profile of their organizations.
Cybersecurity for Internal Audit
As high-profile cyber-attacks become more common, cyber security risk continues to rise up the agenda of boards and executive management teams. 91% of top CEOs believe stakeholder trust will be negatively impacted by cyber security breaches at their organizations within the next 5 years. To exercise their fiduciary duty, boards need comfort that they have a “defensible” cybersecurity risk management program in place. More than ever, these executives are turning to their Internal Audit functions to provide them with independent and objective insights into the health of their cybersecurity programs, and to challenge their assumptions about how safe their data truly is.
Justin is a Cybersecurity Director and West Region Lead for TPRM based out of Los Angeles, CA with over 10 years of experience in Risk & Security consulting. Justin has an extensive background in assessing, designing, and implementing TPRM and Supply Chain Security programs for global clients across North America, EMEA, and APAC markets.
Do you have a little security in your Supply Chain?
Supply chains today are complex and global, and for many are seeing an increase in regulations, facing regular disruptions, and even trying to manage or recover from security breaches. Coupled with the megatrends of accelerating urbanization, resource scarcity and the breathtaking pace of technology proliferation, supply chains continue to rapidly evolve and transform. Yet, the majority of companies do not regularly assess the security posture of their supply chain nor the key functions which pose the highest risk. As a result, there is an opportunity to discuss IA’s role not only in security but risks that impact the broader supply chain ecosystem.
Cybersecurity Pioneer, Thought Leader,
A long-time ISACA-LA member, Stan is founder and President of SecureTheVillage, a nonprofit whose mission is a cybersecure Los Angeles. Stan is also the co-founder and President of Citadel Information Group, an information security management services firm delivering Information Peace of Mind ® to business and the nonprofit community.
During Stan’s career he has regularly given back to the community, serving 9 years as President of ISSA-LA and on several cybersecurity Advisory Boards. In addition to his community leadership through SecureTheVillage, he serves on the Advisory Boards of Los Angeles Cyber Lab and Pepperdine Graziadio Business School’s innovative Cyber Risk Certificate Program. An information security pioneer, Stan began his career securing teleconferencing at the White House, databases inside Cheyenne Mountain, and the communications network controlling our nuclear weapons arsenal. Stan received his Ph.D. degree in mathematics from The University of Michigan. A frequent speaker on cybersecurity, Stan is regularly quoted in the media on cybercrime, cyber privacy and information security.
3:00 PM – 5:00 PM: Pre-Meeting
5:30 PM – 6:00 PM: Registration and Networking
6:00 PM – 8:30 PM: Dinner and Program
Dinner Choices: Buffet
Attire: Business Casual
Time Details: 2 CPE Credits for the pre-meeting and 2 CPE Credits for the dinner meeting
Register by 1/10/20 to save!
Online registration opens through noon on day of the event.
For Online Reservations, click the “Register” button below:
ISACA, IIA, ISSA,
Pre-Paid online by midnight the Friday before the event
Walk-Ins or Pre-Paid online after midnight the Friday before event
Payment: Credit Card
Those who reserve but do not come may be assessed a charge up to $25 if they do not cancel by noon the day before the event.
ISACA reserves the right to alter or delete items from the program in the event of unforeseen circumstances. Material has been prepared for the professional development of ISACA members and others in the IT audit, control, security, and governance community. Neither the presenters nor ISACA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices. All materials used in the preparation and delivery of presentations on behalf of ISACA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation and to grant the rights to ISACA as set forth in speaker agreement. Subject to the rights granted in the speaker agreement, all applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers.
*Please note: unauthorized recording, in any form, of presentations and workshops is prohibited.
*Permission to be Photographed
By attending this event, the registrant grants permission to be photographed during the event. The resultant photographs may be used by ISACA for future promotion of ISACA’s educational events on ISACA’s web site and/or in printed promotional materials, and by attending this event, the registrant consents to any such use. The registrant understands any use of the photographs will be without remuneration. The registrant also waives any right to inspect or approve the aforementioned use of any photographs now or in the future.