InfoSec Compliance Now - A Free Virtual Event by AuditBoard

A Free Virtual Event

Discover the future of security compliance during this special half-day event.

February 23, 2023 9 AM - 12 PM PT 3 CPE Credits

Speakers

Drawing from experience in a variety of industries, leaders in the security compliance field will share their unique strategies for addressing today’s biggest InfoSec challenges.

Steve Hindle Chief Information Security Officer Mad Mobile

Tamara Lauterbach Director, IT Security & Compliance Capital Rx

Mamadou Niang Principal EY

John Bates Sr. Manager, Consulting, Cybersecurity EY

John Wheeler Sr. Advisor, Risk and Technology AuditBoard

Richard Marcus Vice President, Information Security AuditBoard

Steve Hindle

Chief Information Security Officer Mad Mobile

Steve Hindle is the CISO at Mad Mobile, where he leads their cybersecurity, IT, and GRC programs and develops people to provide a passionate security organization that delivers consistent, measurable, and secure growth as a business enabler and market/industry differentiator.

With more than 30 years of experience, Steve is a seasoned security strategist providing leading insight and delivering proactive solutions that reduce risk and increase brand confidence — inspiring trust for global organizations across industries and delivering a better experience for clients worldwide.

His career has encompassed complex security operations, threat management, and crisis management in public and private sectors in the UK, Europe, Africa, Latin America, Philippines, China, and the U.S.

Tamara Lauterbach

Director, IT Security & Compliance Capital Rx

Tamara is the Director of IT Security & Compliance at Capital Rx, where she focuses on staying ahead of security standards and educating department and control owners to ensure the organization maintains the best security practices while having complete clarity. She has overseen a variety of SOC, HIPAA, and ISO compliance audits and consults on business continuity and disaster recovery, risk management, and internal audit requirements.

Tamara and another security professional developed the "Cyber Line of Defense" (CLoD) in 2021, which allows departments to have the power to “own” their department, thereby allowing internal audit to have a level of independence to monitor and audit the cybersecurity department. With CLoD, the IT department can complete what is needed for day-to-day activities, and cybersecurity can "watch the watchers," providing necessary feedback to keep IT running smoothly.

She has 15 years of combined experience in military/government organizations and cybersecurity, including at AIRES, PNC Bank, and Highmark Health. She holds MPH, MSIT, and MBA degrees and a Bachelor's in Psychology and Criminal Justice. She is also a member of InfraGard, ACFE, ISACA, WiCyS, CyberEdBoard, and OCEG and has multiple certifications to stay up to date with security best practices and trends.

Mamadou Niang

Principal EY

Mamadou Niang is a Principal in the Technology Consulting practice of Ernst & Young LLP. He has over 17 years of experience in information technology and cybersecurity strategy and policy development, risk management and quantification, and business intelligence analytics and operations across various sectors including state government, technology, media, telecommunications, advanced manufacturing, aerospace and defense, and financial services. Mamadou has extensive experience leveraging industry frameworks such as NIST to help clients build, mature, and benchmark their cybersecurity practices against peers and leading practices. Mamadou holds a Masters degree in Industrial Technology (specialization: Biometrics) and a Bachelor’s in Computer Technology. He holds CISSP, CRISC, and PCI-QSA (inactive) certifications.

John Bates

Sr. Manager, Consulting, Cybersecurity EY

John Bates is a Senior Manager within the Cybersecurity Consulting practice at Ernst & Young. He is aligned with the Cyber Program Transformation competency. He has counseled clients on cybersecurity matters for over 15 years and focuses on highly regulated industries, including healthcare, pharmaceuticals, and financial services. As in-house counsel within tech companies from start-ups to the Fortune 500, he has direct experience with numerous regulatory bodies (DOJ, U.S. Attorney’s Office, Secret Service, FBI, FTC, OCR and FINRA). As a CISO, he initiated ISO 27001 and HITRUST programs through recurring audits. He has significant experience within Big Data, including cloud security, cloud infrastructure, and software development across multiple cloud platforms. He has supported sales, product, go-to-market, partner, OEM/ISV, and procurement teams with cyber governance, development, Open-Source Software (OSS) development, data protection, licensing, and third-party risk. He received a BA in Philosophy from University of Illinois at Urbana-Champaign and JD from Illinois Institute of Technology, Chicago-Kent College of Law. He currently holds the following professional certifications: CISSP (Provisional), CCSP, CIPP/US, and CIPP/E.

John Wheeler

Sr. Advisor, Risk and Technology AuditBoard

John A. Wheeler is the Senior Advisor, Risk and Technology for AuditBoard, and the founder and CEO of Wheelhouse Advisors, a global risk management strategy and technology advisory firm. Mr. Wheeler is a recognized expert, frequent speaker, and author on the effective use of risk management practices and technology in large and midsize businesses. His major areas of specialty include enterprise/operational risk management, integrated risk management (IRM) technology, executive leadership, and corporate governance. He has 30+ years of professional experience in a variety of roles spanning executive management, finance, risk management, audit, and IT.

Richard Marcus

Vice President, Information Security AuditBoard

Richard leads the Information Security Team at AuditBoard where he is focused on product, infrastructure, and corporate IT security. He is also responsible for leading the charge on AuditBoard's own internal compliance initiatives. In this capacity, he has become an AuditBoard product power user, leveraging the platform’s robust feature set to satisfy compliance, risk assessment, and audit use cases.

Sessions

Session 1 9 - 9:50 AM PT 1 CPE CREDIT

Artificial Intelligence, Friend or Foe?

Researchers recently debuted ChatGPT, a prototype conversational AI chatbot that can sometimes appear to be human. This means added complexity for security professionals, since many security tools use attackers' poor command of English to detect and block phishing attacks. Can we expect criminals to soon use tools such as ChatGPT to write lures that seem to have been crafted by a native speaker? Is AI a friend or foe to security? During this panel discussion, a group of security professionals will share their viewpoints on AI and how they see it impacting the future.

Steve Hindle Mad Mobile
Tamara Lauterbach Capital Rx
Richard Marcus AuditBoard

9 - 9:50 AM PT 1 CPE CREDIT

Steve Hindle Mad Mobile
Tamara Lauterbach Capital Rx
Richard Marcus AuditBoard

Session 2 10 - 10:50 AM PT 1 CPE CREDIT

Cybersecurity Disclosures: What’s Coming in 2023

Cyber breaches and resulting costs reached all-time highs in 2022, with an over 42% global increase in attacks. Organizations want to better prepare for and defend against cyber attacks, but they’re not getting the information they need to do it. Despite the lack of a federal mandate for open disclosure of data breaches and other cyber attacks, the U.S. government is working on solutions. The Cybersecurity & Infrastructure Security Agency (CISA), Cyber Safety Review Board (CSRB), Securities and Exchange Commission (SEC), and Senate are each working to establish guidance and disclosure protocols for preventing and responding to cybersecurity incidents. The Senate’s proposed Securing Open-Source Software Act of 2022 (SOSSA) is a step in the right direction, but the legislation doesn’t go far enough. During this session, John Wheeler will offer context, break down the legislation and its limitations, and share insights on what’s coming in 2023.

John Wheeler AuditBoard

10 - 10:50 AM PT 1 CPE CREDIT

John Wheeler AuditBoard

Session 3 11 - 11:50 AM PT 1 CPE CREDIT

Leveraging NIST to Its Fullest Potential

There’s no question that frameworks need to stay relevant with current and emerging threats so organizations can conduct assessments as efficiently as possible and provide practical, yet meaningful, assurances to stakeholders. NIST CSF is a strong base because it’s so practical — so how can companies leverage it to its fullest potential? This session will explore how organizations can get the most value from NIST, including best practices for reporting to the board and investors.

Mamadou Niang EY
John Bates EY

11 - 11:50 AM PT 1 CPE CREDIT

Mamadou Niang EY
John Bates EY

The Next Wave of Security Compliance Is Here

Stay ahead of the latest trends and regulatory updates at InfoSec Compliance Now, a free three-hour virtual event.

Get actionable knowledge and useful resources from leading practitioners, all designed to help you protect your organization in 2023.

Space Is Limited — Sign Up Today!

Gain Risk Insights
Learn From Compliance and Security Experts
Earn Up to 3 CPE Credits