Andrew W. Morrison

Principal - Deloitte & Touche LLP

Andrew is a Principal in Deloitte & Touche LLP’s Cyber Risk Services Practice and specializes in assisting clients with the risk associated with cyber threats. Andrew currently serves as the U.S. leader of Deloitte’s Cyber Strategy, Defense, and Response practice. In this capacity, he is responsible for Deloitte’s Cyber Strategy and Governance practice, Cyber Threat intelligence practice, and Cyber Defense and Incident Response teams. His focus is on the development and delivery of cross-industry services helping clients improve their preparedness for cyber-attacks, and accelerating enterprise business recovery in the wake of cyber incidents. Andrew also works closely with Boards of Directors and executive teams on the governance of Cyber Risk including serving as the chair of the Governance Center Cybersecurity Working Group Cyber Security working group for The Conference Board. Andrew has 20+ years of experience in information security and privacy and is a frequent speaker on Cyber Risk topics for boards, conferences and the media.

Jason Sechrist

Director of Compliance Advisory Services - Auditboard

Jason Sechrist is the Director of Audit Solutions at AuditBoard where he works with various internal audit and compliance teams to help automate the administrative tasks of audit, risk and compliance activities. He previously was the Global Head of Internal Audit at Rackspace Managed Cloud Company where his responsibilities included developing and executing on a risk-based audit plan for the company’s global footprint of data centers and office locations across the Americas, Europe and Asia. Jason started his auditing career with PwC in Silicon Valley, working primarily with software and cloud service providers where he advised CTOs, CISOs, compliance managers, and system engineers. Prior to becoming an auditor, he led user testing and development for global aviation weather visualization software as a service while serving on active duty for the United States Air Force. Jason has previously spoken at the IIA’s GAM and AllStars conferences, and continues to speak at various ISACA and IIA local chapter events.

Adam Keagle

Director, Risk Advisory Services - RSM US LLP

Adam is part of RSM’s security and privacy risk consulting practice. With over two decades of experience in the information systems field, he has led, managed, and executed in a variety of domains, including IT operations, penetration testing, regulatory compliance, and risk management. He has served in various roles within RSM including regional payment security leader, third party security assessments leader, and technical trainer to support the firm’s quality and methodology standards.

His technical skills, paired with a business-focused approach to solving problems, has been applied in a diverse set of industries, which include utilities, oil, manufacturing, higher education, financial services, health care, federal government, and national defense. Through a broad career in consulting and industry, Adam has a demonstrated ability in advising companies to identify, prioritize, and manage IT risk.

Charles Barley Jr.

Principal, Risk Consulting - RSM, US LLP

Charles is responsible for the delivery of cybersecurity governance, risk and compliance services and serves as cybersecurity government contractor industry champion, in addition to functioning as RSM’s East market growth leader of the security and privacy risk solution. He has over 20 years of consulting experience and has served several multinational government contracting organizations and public sector institutions.

Charles has advised several government contractors with the design and implementation of their information security posture and corresponding IT risk management program aligned to the expectations of DFARS 252.7012, Cybersecurity Maturity Model Certification (CMMC) security framework and the implementation of governance and technical controls based on NIST 800.171 as well as related information security standards. Specifically, he led the development of IT process/risk/control frameworks, designed the overall information security strategy and tactical execution plan, managed the implementation of technical solutions, established information security risk assessment programs, performed data quality and integrity assessments, worked with vendor risk management programs and developed operational improvements for enterprise IT risk and compliance functions.

Furthermore, Charles has led a number of CMMC readiness initiatives and security transformation agendas, in addition to data protection assessments and policy development engagements, which focused on security governance, data privacy, information classification and overall data protection programs for data rich organizations. Lastly, Charles recently served as the national leader of RSM’s African American employee network group, where he was responsible for defining and implementing the overall strategy in line with the firm’s culture, diversity and inclusion program.Prior to RSM, Charles served as the global director of IT audit with a global organization, where he was responsible for establishing and leading the global IT risk and audit function for the organization and supporting the initial public offering and Sarbanes-Oxley readiness and implementation activities.

Richard Marcus

Head of information security - Auditboard

Richard leads the Information Security Team at AuditBoard where he is focused on product, infrastructure, and corporate IT security. He is also responsible for leading the charge on AuditBoard's own internal compliance initiatives. In this capacity, he has become an AuditBoard product power user, leveraging the platform’s robust feature set to satisfy compliance, risk assessment, and audit use cases.


APRIL 22, 2021
9 AM - 12 PM PDT // 12 PM - 3 PM EDT

Join other InfoSec Compliance leaders to explore the hot topics, emerging trends, and progressive approaches advancing the function today.

Speakers & Sessions

Hear compliance and information security experts share cutting-edge resources and action-driven knowledge to help you stay current with the shifting compliance landscape.

Learn More
Logo image of Andrew W. Morrison - Principal at Deloitte & Touche LLP
Andrew W. Morrison
Deloitte & Touche LLP
9:00 AM - 9:55 AM PDT

The Evolution of Cyber Risk:
Entering the Era of Maturity and Ubiquity

Get up to speed on the current cyber threat landscape and take home practical steps to strengthen governance and compliance while maximizing resiliency to prepare for a next-gen cyberattack.

Logo image of Richard Marcus - Head of Information Security at AuditBoard
Richard Marcus
Head of Information Security
Logo image of Jason Sechrist - Director of Compliance Advisory Services at AuditBoard
Jason Sechrist
Director of Compliance Advisory Services
10:00 AM - 10:55 AM PDT

Harmonized Control Framework:
Easier than You Think

Whether you are aligning to NIST, ISO, PCI, or moving toward CMMC, learn how our clients are developing and implementing a “perform once, comply many” approach, and how a harmonized approach impacts the mapping of your IT risk assessment and ISMS policies.

Logo image of Charles Barley Jr. - Principal, Risk Consulting at RSM US LLP
Charles Barley Jr.
Director, Risk Consulting
Logo image of Adam Keagle - Director, Risk Advisory Services at RSM US LLP
Adam Keagle
Director, Risk Advisory Services
11:00 AM - 12:00 pM PDT

What You Need to Know About the CMMC Framework

Learn tactics to reach and maintain compliance with the U.S. Department of Defense’s new Cybersecurity Maturity Model Certification (CMMC) framework, which could well become the next industry standard — not unlike NIST frameworks or ISO standards.