ISACA Greater Washington, D.C. Chapter
Serving ISACA GWDC Members since 1974
Upcoming Chapter Events
Below are upcoming chapter conferences, seminars, review courses, and other events. Prior chapter events can also be viewed.
For information on our event policies, see https://isaca-gwdc.org/event-policies/.
- This event has passed.
Summer Seminar – Cybersecurity
July 27, 2023 @ 8:30 am - 12:30 pm EDT
Organizations face complex cybersecurity challenges and need to prepare in addressing current and future cybersecurity risks, protection of operations and sensitive data, and compliance with regulatory requirements. Join ISACA Greater Washington DC and Guidehouse for this summer seminar and don’t miss this opportunity to stay ahead of the curve and empower your organization to mitigate cybersecurity risks effectively.
Information security program managers, cybersecurity managers and professionals, IT audit professionals, business executives, students or professionals interested in learning about enhancing cybersecurity posture of organizations should attend this event.
Registration closes on July 26, 2023 @ 8pm. This is a free virtual event.
Event Sponsor
The GWDC is once again pleased to partner with our Platinum Sponsor Guidehouse on another series of summer seminars.
Agenda
8:30 AM – 9:30 AM
Asset Intelligence and Understanding Cyber Risk
Presenter: Amanda Kane (Guidehouse)
The proliferation of technology in today’s digital climate has led to an increase in digital assets, creating more complexity and risks for organizations in securing networks and protecting data. Many organizations struggle with fragmented asset management and outdated legacy systems as the link between asset intelligence and cyber resilience is often underestimated due to the rapid pace of technological advancements.
In this presentation, Amanda Kane will emphasize the need for an entity-wide shift in thinking, sophisticated tools for identity and access management, proactive asset management, and the right combination of technology and processes to improve asset intelligence and increase resilience against cyber threats.
9:30 AM – 10:30 AM
NIST SP 800-216 – Federal Vulnerability Disclosure Guidelines
Presenter: Dr. Kim Schaffer (NIST)
By establishing a vetted reporting structure, federal agencies can focus on mitigating and remediating vulnerabilities in their systems. NIST SP 800-216, Recommendations for Federal Vulnerability Disclosure Guidelines, describes the policies and procedures for receiving vulnerability reports, assessing them, communicating with stakeholders, and releasing advisories. The guidelines build upon ISO/IEC 30111 and ISO/IEC 29147 to cover the multitude of systems used by the Federal Government. In this presentation, Kim Schaffer will highlight the requirements of the IOT Cybersecurity Improvement Act of 2020, the process of adopting ISO/IEC standards for the Federal Government, and the steps to take for implementation.
10:30 AM – 11:30 AM
Cybersecurity: Challenges and Regulatory Trends in the Financial Services Industry
Presenters: Prasun Howli (Guidehouse) and Tracy Angulo (Guidehouse)
The compliance requirements for the ever-changing cybersecurity landscape are increasing and becoming a focal point of interest in the cybersecurity world. As a counter measure to the rising cybersecurity regulations, the adoption of best practices becomes crucial in developing a robust cybersecurity program, and strategies for safeguarding your organizations’ critical assets.
In this presentation, Prasun Howli and Alma Angotti will explore the latest trends and challenges in cybersecurity, with a special focus on two crucial regulatory frameworks: the NYDFS (New York Department of Financial Services) cybersecurity regulations and the SEC (Securities and Exchange Commission) proposed rule.
11:30 AM – 12:30 PM
Privileged Identity and Digital Risk Assessment Playbooks
Presenter: Dr. Kenneth Myers (GSA)
Privileged users are unique user types that perform various security-related duties. As such, privileged accounts are most likely to be targeted by cybercriminals or abused by malicious insiders. Unwanted behavior or compromised privileged accounts are responsible for the most high-profile federal and private security breaches. It is a critical Identity, Credential, and Access Management (ICAM) capability to secure privileged access.
In addition, digital identity represents each individual engaged in an online transaction. However, an individual’s real-life identity may not be known when used to access a digital service. Identity proofing helps establish that the individual is who they claim to be. Digital authentication provides reasonable risk based assurances that the individual accessing the application is the same individual who previously accessed the service.
In this presentation, Dr. Kenneth Myers of the GSA will discuss the Privileged Identity Playbook and Digital Risk Assessment Playbook.
Presenters
Amanda Kane Partner, Guidehouse
Amanda Kane leads the Identity and Access Management (IAM) offering within the Advanced Solutions Cybersecurity Solutions Team at Guidehouse. Amanda works with clients so that the right people, have the right access, to the right resources, for the right reasons. By taking an identity-centric approach, Amanda works supports clients in establishing IAM strategies, creating IAM solution roadmaps, and implementing IAM technical solutions in the areas of: identity governance, credentialing solutions, privileged access management, logical access control systems, and physical access control systems.
Dr. Kim Schaffer
National Institute of Standards and Technology
Dr. Schaffer is a cybersecurity specialist in the Information Technology Laboratory at the National Institute of Standards and Technology. Formerly a Laboratory Director of a cryptographic security test lab, Dr. Schaffer joined NIST in 2009 where he has been developing and integrating NIST and ISO/IEC cybersecurity standards. He has over 30 years of experience in cybersecurity, is a Certified Information Systems Security Professional, and holds a Doctor of Science in Information Assurance.
Prasun K. Howli
Director, Guidehouse
Prasun K Howli is a Director within Banking, Insurance & Capital Markets practice at Guidehouse. He has over 15 years of experience in advising and working with leading financial institutions. His experience has allowed him to manage some of the large and complex digital transformation, data privacy, cybersecurity, credit reporting and third-party risk management engagements delivering strategic operational improvements. He is experienced in leading alliances with technology vendors and system integrators delivering complex strategic digital transformation engagements with cross functional teams.
He led several cybersecurity and technology risk engagements using various frameworks, standards and regulatory requirements. He also led several data privacy engagements, digital transformation, payments and technology enablement engagements delivering strategic operational improvements.
Tracy Angulo
Director, Guidehouse
Tracy Angulo is a Director in the Financial Crime, Fraud, & Investigative Services (“FFI”) practice at Guidehouse. She is an accomplished attorney, Certified Fraud Examiner (“CFE”), and Certified Anti-Money Laundering Specialist (“CAMS”) with over 20+ years expertise in administrative law and investigations, the last 15 in securities law and regulation, financial crime compliance, anti-money laundering (“AML”) compliance and financial fraud investigations. At Guidehouse, Ms. Angulo has provided a wide compilation of financial crimes compliance and financial compliance services including projects for domestic and global financial institutions.
Prior to joining the private sector, Ms. Angulo served as a Principal Attorney Investigator in FINRA’s Enforcement Department for over six years and served as an Institutional Integrity Officer at the World Bank Group as a lead investigator in a variety of complex, high-profile fraud and corruption investigations.
Dr. Kenneth Myers
General Services Administration
Kenneth Myers is the Director of the Identity Assurance and Trusted Access Division with the General Services Administration Office of Government-wide Policy. He advises and coordinates government-wide cybersecurity policies and collaborates with federal executive branch agencies on implementation guidance. As an identity professional, he has experience working with various public and private organizations on digital identity, PKI, security management, and governance challenges. He is a former active duty Marine and received his Doctorate of Science in Cybersecurity from Marymount University.
Event Questions and Policies
Registration Questions
If you have any registration questions about this event, please contact the chapter using the Registration Contact Form.
If you have CPE questions after the event has concluded, please contact the chapter using the CPE Contact Form.
Cancellation and Refund Policy
Cancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details.
If ISACA GWDC cancels the event, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided.
Complaint Policy
The GWDC welcomes your comments, complaints, suggestions, questions, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form.
CPE Information
Earn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org
CPE Distribution and Evaluation Survey
CPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit.
Learning Objective
After attending this event, attendees will learn about recent topics in the cybersecurity space.
CPE-Related Details
- Prerequisites: None
- Advance Preparation: None
- Program Knowledge Level: Basic
- Delivery Method: Group Internet Based
- Field of Study: Information Technology – Technical