2024 ISACA Los Angeles January Seminar Thursday, January 25, 2024

ISACA Los Angeles January Seminar ``IT Hot Topics``

Thursday, January 25, 2024

Earn 4 CPEs while learning about the following hot topics at ISACA Los Angeles Chapter’s virtual seminar

TOPIC 1

Establishing Data Trust Program within your Organization – From Data Governance to Privacy

In the face of escalating cyber threats, organizations must adopt a comprehensive cybersecurity-centric approach to fortify their data assets. This presentation explores the nuanced steps involved in establishing a Cybersecurity-Centric Data Trust Program, emphasizing key elements such as data governance, data classification, and data discovery. Participants will gain actionable insights into safeguarding sensitive information, mitigating cyber threats, and ensuring the resilience of their organizational data infrastructure.

Learning Objectives:

Foundations of Cybersecurity-Driven Data Governance:
– Explore the fundamentals of a cybersecurity-centric data governance framework.
– Understand the role of risk assessment and mitigation in the context of data security.
– Learn to integrate cybersecurity considerations into data governance policies, aligning them with industry standards.

Navigating Regulatory Landscape for Privacy Compliance:
– Acquire knowledge of the global regulatory landscape governing data privacy, including GDPR, CCPA, and other relevant frameworks.
– Learn practical strategies for aligning your data practices with regulatory requirements to mitigate legal risks.

Cultivating a Cybersecurity-Aware Culture and responsible data use:
– Explore methodologies for instilling a cybersecurity-aware culture within your organization.
– Understand the role of human factors in cybersecurity and techniques for building a resilient human firewall.

Data Classification and Discovery for Enhanced Security:
– Delve into the importance of data classification in identifying and protecting sensitive information.
– Learn strategies for implementing robust data discovery processes to identify and track sensitive data across the organization.
– Understand how data classification and discovery contribute to effective data access controls and incident response.

Implementing Advanced Cybersecurity Measures:
– Explore encryption, threat detection, and incident response strategies to counter evolving cyber threats.
– Gain insights into the integration of cybersecurity measures into the entire data lifecycle, from collection to disposal.

SPEAKER

Peter Morin

Principal, National Cyber Security Leader
Grant Thornton LLP

Peter leverages over 25 years of experience to help clients develop robust Cybersecurity program strategies. This includes advising organizations in areas ranging from industrial and control system (ICS) security, network security architecture, threat hunting and red-teaming to cloud security, incident response, computer forensics, and beyond. Throughout Peter’s career, he has held senior positions with numerous organizations, including major consulting businesses, a global Cybersecurity consulting firm, a national telecommunications and media company, a Fortune 500 cloud-computing company, a recognized Cybersecurity software company and a major US defense contractor. This has given me the opportunity to work across industries, including the energy, utilities, mining, and industrial sectors.

As a public speaker, Peter has presented at numerous events held by the FBI, US Department of Homeland Security, Conference Board of Canada, FIRST, BSides, SecTor, SANS, Blackhat, Public Safety Canada, IIA and ISACA. Peter is also a frequent guest lecturer at colleges and universities across North America and has been featured in such publications as SC Magazine, USA Today, National Post and Penetration Testing Magazine. Peter currently serves on the board of directors for the ISACA Atlantic Provinces Chapter. Peter received the ISACA Global Outstanding Leader Award in 2020 for his contributions to the association and his chapter.

TOPIC 2

CCPA/CPRA Update and New Cybersecurity/Risk Assessment Requirements

The California Privacy Protection Agency (CPPA) recently discussed the draft of Cybersecurity Audits and Risk Assessments Regulations under CPRA during its September 8th board meeting. CPRA, which grants enforcement authority to the CPPA, expands on CCPA privacy laws and introduces new rights. Initially set for enforcement by January 1, 2023, CPRA’s enforcement was delayed until March 29, 2024, due to a lawsuit by the California Chamber of Commerce. This session will cover CCPA, CPRA, the recent CPPA Board Meeting, and the new annual cybersecurity audit requirements, providing insights into the changes and readiness for CCPA/CPRA.

SPEAKER

Miguel (Mike) O. Villegas

Founder
iSecurePrivacy LLC
CISA, CDPSE, CEH, CISSP, ISO/IEC 27001 Lead Implementer

Miguel “Mike” Villegas is the founder of ISECUREPRIVACY LLC, a cybersecurity consulting firm in Southern California. He has over 35 years of experience in Information Systems security and IT audit. Previously, Mike served as the Director of Information Security at Newegg, Inc. and was a Contributing Writer for SearchSecurity.com with over 150 articles. He has held significant roles in IT Regulatory Compliance at Wells Fargo Services and worked as a partner at Arthur Andersen and Ernst & Young in information systems security and IS audit. Mike has also been actively involved with ISACA, serving as President of the LA and SF chapters, and has various certifications including CISA, CDSE, CEH, CISSP, and more. He is currently CISO for Tristar Insurance Group and CTO for Xahive. He is also currently the Certification Chair for the ISACA LA Chapter and has been teaching CISA review courses for over 25 years.

TOPIC 3

Cybersecurity Maturity Model Certification (CMMC)

The Department of Defense (DoD) has been talking about making the Cybersecurity Maturity Model Certification (CMMC) a contractual requirement in the Defense Industrial Base (DIB) for years. The Defense Federal Acquisition Regulation Supplement (DFARS) has already been a requirement in the DIB for more than five years. Learn what the latest is on CMMC requirements: When is the earliest it might be a requirement, when is the earliest you can plan of getting certified, what does the certification process look like, and what should you budget for it.

After attending, the participants will better understand the following about CMMC:

1. Learn about CMMC 2.0 including the difference between CMMC and other frameworks (NIST 800-171, NIST CSF, CIS Controls, ISO 27001)

2. Learn about CMMC Certification Requirements

3. Learn about CMMC Certification Budgeting and Planning: When is the earliest it might be a requirement, when is the earliest you can plan of getting certified, what does the certification process look like, and what should you budget for it.

SPEAKERS

Eric Rockwell

Lead Cybersecurity Advisor
SingerLewak LLP
CISSP

Eric Rockwell leads Cybersecurity reviews, risk assessments, information security programs, and the monitoring/oversight of these functions. Eric has been a both former in-house CEO and CISO. Eric was an author of the American Bar Association Security Policy handbook, a contributor to v8.0 of the Center for Internet Security (CIS) controls, and a frequent speaker regarding cybersecurity risk management topics.

Carl Grifka

Managing Director
SingerLewak LLP
CISSP, CISA, CISM, PMP, CDPSE

Carl Grifka has a unique background encompassing a valuable set of IT risk, SOX, and finance experience. Prior to joining SingerLewak, Carl was the CFO for a leading global technology solutions provider, a Director for a top-10 international public accounting firm, a board director for multiple organizations, and a lead auditor for a Fortune 100 automotive manufacturer. Currently, Carl delivers advice and consultation regarding internal audit, cybersecurity, SOX compliance, and process automation. He is primarily focused on technology, manufacturing, life science, and consumer products companies.

Event Details

Date: Thursday, January 25, 2024

Time: 1:00 PM – 5:00 PM PDT

Location: Webinar

CPE: 4 CPEs

Rate Details

Early Bird (Before 12/31)

Member: $40

Full-Time Faculty/Student: $30

Non-Member: $60

Regular Price (After 12/31)

Member: $60

Full-Time Faculty/Student: $30

Non-Member: $80

CPE CREDIT & DISCLAIMER

ISACA reserves the right to alter or delete items from the program in the event of unforeseen circumstances. Material has been prepared for the professional development of ISACA members and others in the IT audit, control, security, and governance community. Neither the presenters nor ISACA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices. All materials used in the preparation and delivery of presentations on behalf of ISACA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation. All applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers.

Please note: unauthorized recording, in any form, of presentations and workshops is prohibited

ISACA Los Angeles January Seminar ``IT Hot Topics`` Thursday, January 25, 2024

Earn 4 CPEs while learning about the following hot topics at ISACA Los Angeles Chapter’s virtual seminar

TOPIC 1

Establishing Data Trust Program within your Organization – From Data Governance to Privacy

SPEAKER

Peter Morin

Principal, National Cyber Security Leader Grant Thornton LLP

TOPIC 2

CCPA/CPRA Update and New Cybersecurity/Risk Assessment Requirements

SPEAKER

Miguel (Mike) O. Villegas

Founder iSecurePrivacy LLC CISA, CDPSE, CEH, CISSP, ISO/IEC 27001 Lead Implementer

TOPIC 3

Cybersecurity Maturity Model Certification (CMMC)

SPEAKERS

Eric Rockwell

Lead Cybersecurity Advisor SingerLewak LLP CISSP

Carl Grifka

Managing Director SingerLewak LLP CISSP, CISA, CISM, PMP, CDPSE

CPE CREDIT & DISCLAIMER

Related Posts

ISACA Los Angeles January Seminar ``IT Hot Topics``

Thursday, January 25, 2024

Principal, National Cyber Security Leader
Grant Thornton LLP

Founder
iSecurePrivacy LLC
CISA, CDPSE, CEH, CISSP, ISO/IEC 27001 Lead Implementer

Lead Cybersecurity Advisor
SingerLewak LLP
CISSP

Managing Director
SingerLewak LLP
CISSP, CISA, CISM, PMP, CDPSE