Actions and Detail Panel
April 2017 | ISACA San Diego IIA | Emerging Technologies Seminar @Qualcomm
Thu, April 20, 2017, 8:00 AM – 4:45 PM PDT
April 2017 IIA ISACA Seminar
- Build your awareness of “The Cloud” and why it’s important to you. Increased understanding of what brought about the shift to the Cloud and how to safely use Cloud Technologies.
- Practical guidance on how organizations can operationalize privacy and security practices to establish sustainable (repeatable) and legally defensible programs that strengthen brand trust.
- Digital technologies are transforming the way we live and work. How well do you understand the growing landscape of digital, the associated risks, and how they may affect your organization?
- Would you know if your organization has been hacked? If you don't have internal personnel or a third party "hunting" for attackers within your network, you might not learn of a breach until a government agency tells you six months or more after the event. Learn what types of activities are involved in hunting for hackers, and how you can adopt those techniques in your organization.
- As organizations enter and operate in new markets, they are likely to rely on third parties, many of whom operate in locations far from the organization’s headquarters, and conduct business in a foreign language and with different local customs. As a result, regulators are making it a high priority for organizations to police such third-party relationships. This presentation will cover risks relevant to third parties, as well as an overview of leading practices and key considerations for auditing third parties.
- The DevOps movement is reshaping IT teams and IT development in many organizations. Understand the reason behind the movement and the necessary adjustments that need to be made to effectively audit within a DevOps environment.
- Gain an understanding of what brought about the shift to the Cloud and how to safely use Cloud Technologies.
- Understand how your organization can operationalize privacy and security practices to establish sustainable (repeatable) and legally defensible programs that strengthen brand trust.
- Become more aware digital technology is growing, the associated risks, and how they may affect you and your organization.
- Discover what types of activities are involved in hunting for hackers and how you can adopt those techniques in your organization.
- Be able to identify risks relevant to third parties, and understand leading practices and key considerations for auditing third parties.
- Understand how to audit within a DevOps environment.
Instructional delivery methods: Group-Live
Field of Study: Information Technology
CPE credit: 8 CPE
Advanced preparation: None
Program level: Basic
Anna currently serves as the Cloud Advisor for Stratiform, a service provider in the Cloud space, providing clients with “best-of-breed cloud strategy, advisory, onboarding and migration services, as well as on-going cloud management services.” Anna works with customers to help them develop their cloud strategy to optimize their investments in their core business and their cloud technologies. She has over 15 years of experience in Internet / Web technologies and IT Business Relationship Management.
Michael is the president and founder of SoCal Privacy Consultants, a San Diego-based boutique privacy and security consulting firm founded in 2008. SoCal Privacy conducts gap assessments that include data mapping, controls evaluations and risk assessments. Michael also provides Privacy-by-Design technology consulting, such as for mobile apps and wearables. Clients includes technology and Internet-based services, health care, and financial services. For an FTC consent order client, he established multi-state information security programs and provides ongoing consulting - resulting in four consecutive satisfactory audits certifying compliance to the order. Previously, Michael was the Chief Privacy Officer for Pathway Genomics Corporation for seven years. He is a frequent speaker on privacy and security subjects and co-authored the security chapter for the HIMSS Good Informatics Practices (GIP) book.
Amanthi Pendegraft is a Director in KPMG’s IT Advisory practice with over ten years of experience in performing various IT audits and advisory services including: Sarbanes Oxley, internal audit services, government audits, business process analysis, application controls reviews, SAP system implementation reviews and IT policy and procedure development. She has developed and presented trainings on IT Audit and Emerging Technology Risks.
Adam Brand is a Director in Protiviti's Privacy and Security practice. He has over 16 years of experience in information security and technology, including penetration testing, compliance, incident response, and threat hunting. He is a frequent speaker on a variety of information security topics, and is currently focused on helping healthcare organizations protect against, quickly detect, and effectively respond to the increasing amount of cyberattacks they face.
Valerie Riley is a Manager in KPMG’s Advisory Services practice with more than 5 years of IT Advisory and IT Audit and Assurance experience. She has a strong background in multiple facets of IT Advisory services, including Sarbanes-Oxley 404, systems implementation and IT operations assessments, external audit support, SOC1, and single audit projects.
Eric Nichter is a DevOps and cybersecurity professional working with Ice Cybersecurity. His 15+ year domain experience spans across several disciplines including DevOps, Cybersecurity, Automation, Cloud, DataCenter, IT, Enterprise Architecture, Engineering, Acquisitions, Leadership and Culture. His people-centric focus, creativity and intuition differentiate him from traditional tech leaders. He has successfully orchestrated several companies through major cultural change.