Risk Management and Governance Conference 2024

Where Is AI Taking Us? Cyber influence Operations and Synthetic Media

Presenter: David Branscome (Microsoft)

Tools like ChatGPT, OpenAI and DALL-E have burst onto the scene with a usability and simplicity that makes the use of AI seem to be easy enough for a child to use.

But is that good or bad? The answer may depend on who you ask.

In this discussion, we’ll look at how nation-states are using AI tools to shape public opinion to achieve their political and strategic goals. We’ll look at the cyberinfluence campaigns surrounding COVID-19 and the ongoing war in Ukraine, as well as the use of AI to digitally manipulate media for political gain. We’ll also investigate the tools being developed to counter these trends and help ensure the information we consume can be trusted.

AI Risk Assessment: Where to Start, What to Ask, and Things to do About the Risk

Presenter: Joe Veroneau (Conveyor)

As AI advancements revolutionize business decision-making, understanding how to evaluate and mitigate AI-associated risk is top of mind for all companies. In this session, participants will learn practical ways to scope and prioritize where to start when including AI risk in their wider risk assessment methodology. Participants will learn to evaluate if AI risk is present critically, assess the potential impact and navigate the potential risks of AI-powered companies and processes.

Bleeding Edge of Cybersecurity Risk

Presenters: Ramona Ratiu (Zurich Insurance and DePaul University) and Alex Islamov (MorganFranklin Consulting)

The presentation on the bleeding edge of cybersecurity risks offers a comprehensive exploration of the ever-evolving landscape of digital threats and vulnerabilities. We will delve into the intricacies of emerging technologies like artificial intelligence, quantum computing, the Internet of Things (IoT), and Information and Communication Technologies (ICT), which are being harnessed by sophisticated threat actors to launch unprecedented cyberattacks. You will gain insights into the growing menace of ransomware, supply chain attacks, and state-sponsored cyber espionage, along with the escalating challenges these pose to organizations worldwide. By highlighting the need for proactive adaptation, robust threat intelligence, and innovative cybersecurity strategies, this presentation will equip you with the knowledge and tools to navigate the cutting-edge risks in today’s digital world effectively.

Information Risk Management

Presenter: Jay Ranade (Risk Management Professionals)

Information is the life blood of the organization, because information risk is primarily to the business processes. Without information (data), there is no business. Protecting data from confidentiality, integrity, availability, and privacy perspective is of paramount importance. Even from the enterprise risk management perspective, all OTHER enterprise risks depend upon information. Information risk management revolves around identifying risks, measuring risk, treating risk, and monitoring risk. One of the most complex tasks in information risks is designing KRIs and KCIs, where most of the organizations make mistakes.

David Branscome
Global Partner Solutions Architect for Security, Compliance and Identity @ Microsoft
CISSP, GCWN, GCED, GCDA, GMOB, GCIH, GISP, GSEC, GSOC, GCFA, GDAT, GCPN, GCFR

David is a Global Partner Solutions Architect for Security, Compliance and Identity at Microsoft. In this role, David is responsible for training and supporting Microsoft partners on the latest security compliance and identity solutions, including Microsoft 365, Azure and Windows.

Joe Veroneau
Director, Trust & Security @ Conveyor Inc.

Risk management professional with wide experience across GRC domains in an operational and advisory capacity. Currently specializing in cloud security compliance.

Ramona Ratiu
Global Head of Cyber Tabletop Exercises- Cybersecurity – Zurich Insurance
Adjunct Professor – IT Risk Management – DePaul University
Board Strategic Advisor/Past President – ISACA Chicago Chapter
SheLeadsTech Ambassador
MS, CISA, CISM, GSTRT

Ramona Ratiu’s current role at Zurich Insurance Group focuses on effective risk planning strategies as the core for strengthening, improving, and maturing the cybersecurity program. She successfully leads transformational cybersecurity projects through her strong planning and organizational skills. Ms. Ratiu’s experience in information security, governance, audit, risk management, and compliance helped her develop and implement technical and procedural solutions, enabling stakeholders to achieve and sustain compliance efficiently across multiple standards.

Ms. Ratiu holds a bachelor’s degree in finance and earned the Master of Science in Information Security and Compliance from DePaul University. In addition, she holds these certifications: Certified Information Systems Auditor (CISA), Certified Information Systems Manager (CISM), COBIT5 Foundations, ITIL Foundations Certificate and GIAC Strategic Planning, Policy and Leadership (GSTRT).

Alex Islamov
Director, Cybersecurity Strategy and GRC @ MorganFranklin Consulting
Credentials

Alex Islamov is the Director of Cybersecurity Strategy and Risk, and a leader of the MorganFranklin Consulting Cyber Financial Services pillar with over 18 years of experience helping companies navigate complex compliance and regulatory environments while providing comprehensive operational, information technology, and information security risk management solutions. Alex offers extensive experience in software and technology, healthcare, manufacturing and distribution, and financial services industries with significant subject matter expertise in IT Audit, IT SOX, IT/IS Governance, Regulatory Compliance, Data Privacy and Protection, Information Security and Cybersecurity, Enterprise Risk Management, Third-Party Risk Management, and Finance & Accounting. In addition, Alex possesses deep knowledge and understanding of the regulatory standards and frameworks such as COSO, SOX, NIST (800-53 and CSF), HIPAA, CSA CCM, FISMA, FedRAMP, CIS CSC, PCI-DSS, HITRUST, ISO, and SOC 1/2/3. Prior to joining MorganFranklin Cyber, Alex spent over 15 years in management/leadership positions at leading accounting firms, financial institutions, and software companies.

Jay Ranade
Senior Trainer @ Risk Management Professionals
CIA, CISA, CISM, CISSP, ISSAP, CGEIT, CRISC, HCISPP, CRMA, and CBCP

Jay Ranade, a certified CIA, CISA, CISM, CISSP, ISSAP, CGEIT, CRISC, HCISPP, CRMA, and CBCP is an internationally renowned expert on computers, IT Risk management, disaster recovery, IT Security, cyber security and IT controls. He has written and published more than 37 IT-related books on various subjects ranging from networks, security, mainframe/distributed operating systems, and computer programming languages. He also has an imprint with McGraw-Hill with more than 300 books called the “Jay Ranade Series” with more than 7 million copies in print. His books have been translated in German, Portuguese, Spanish, Japanese, Chinese, and Korean. The New York Times critically acclaimed his book called the “Best of Byte” with endorsements from Bill Gates and Steve Wozniak.

Jay has consulted and worked for Global and Fortune 500 companies in the US and abroad including AIG, Merrill Lynch, Dreyfus/Mellon Bank, Johnson and Johnson, Unisys, McGraw-Hill, Mobiltel Bulgaria, Central Bank of Armenia, and Credit Suisse. His classes and lectures have been attended by employees of almost every Fortune 500 company globally.

He teaches graduate-level classes on Information Security Management and Ethical Risk Management at New York University. Jay is also an adjunct professor at St John’s University and teaches graduate-level classes on Accounting Information Systems, IT Auditing, Internal Auditing, Security/Forensics, and Operational Risk Management. Jay is senior faculty member for Wharton Executive Education program for U of Penn.

Jay teaches ISACA credentialing courses (CISA, CISM, CRISC, CGEIT, CSX-F) and non-credentialing classes for ISACA NY Metropolitan chapter, London, Singapore, Armenia, Bangkok, Bermuda, Cayman Islands, US Navy, and US Army.

Jay was awarded President’s “Outstanding Educator Award” by ISACA NY Metropolitan Chapter in June 2013.