ISACA Greater Washington, D.C. Chapter
Serving ISACA GWDC Members since 1974
Below are upcoming chapter conferences, seminars, review courses, and other events. Prior chapter events can also be viewed.
For information on our event policies, see https://isaca-gwdc.org/event-policies/.
The ISACA GWDC Chapter is proud to host our 2023 Women in Technology and Leadership Conference. This conference is our premier annual event centered around the experience of women in technology and leadership positions. Our technology enrichment topics will focus on awareness and strategies around Cybersecurity, Data Privacy, and Technology Leadership. Specific leadership focus areas include how to pursue IT and Cybersecurity roles in the organization, discuss if the glass ceiling is too low, and how women and advocates may support women’s career paths in technology. Our speakers are top leaders and experts in the technology field, ready to share their experiences, insights, and tips for succeeding in a rapidly evolving industry. Attendees will have the opportunity to learn about the latest trends and challenges, connect with like-minded professionals, and engage in thought-provoking discussions.
This is an in-person event that will be held at the Hilton McLean Tysons Corner. IT executives, management and operations staff, risk management leaders and professionals, IT auditors, cybersecurity professionals, students or anyone interested in learning more about this topic should attend this event.
There will be a free networking session after this event. A separate RSVP is required to attend the networking session.
Registration closes on March 28, 2023 @ 5 pm.
If your organization is interested in being a sponsor for this event, please contact Bonita Patillo, Special Events Director, for details on sponsorship opportunities. (Go to the Contact Us page select “Special Events” under “I have a question about”)
10:00 AM – 11:00 AM
Never Trust, Always Verify: The Zero Trust Approach to Cybersecurity
Presenter: Sushila Nair (Capgemini)
Zero Trust is a cybersecurity model that assumes that all resources and services, both internal and external, are not inherently trustworthy, and therefore require strict access control and continuous verification. It’s a departure from traditional perimeter-based security models, which assume that everything inside the network is safe by default.
This presentation will cover the key principles of Zero Trust, including the principle of never trusting, always verifying, the importance of strong identity and access management, and the need for continuous monitoring and analysis of all network activity. We will also discuss the various components of a Zero Trust architecture and how it differs from traditional security models.
Additionally, the presentation will provide an overview of the steps required to implement a Zero Trust architecture, the benefits of Zero Trust, and how Zero Trust can help organizations meet regulatory and compliance requirements. We will also discuss how auditors can assess the effectiveness of a Zero Trust architecture.
By the end of this presentation, attendees will understand the importance of implementing a Zero Trust architecture and how it can help improve their organization’s cybersecurity posture. They will have a solid understanding of the key principles, architecture, and benefits of Zero Trust, as well as how to implement it and how to assess its effectiveness. Overall, the goal is to provide attendees with the knowledge and tools they need to take the first steps toward a Zero Trust architecture.
11:00 AM – 12:00 PM
Taking an Identity-centric Approach to Zero Trust
Presenter: Christine Owen (Guidehouse)
“Identity is the new perimeter” is being repeated over and over again, because it’s true! A viable Zero Trust Architectures requires a mature, enterprise-wide IAM program so an organization can understand who is accessing its resources. Christine will discuss the different IAM tools necessary, and how they interact together to create the foundation of Zero Trust.
12:00 PM – 01:00 PM
01:00 PM – 02:00 PM
Presenter: Cortney Worthy (Zoom) and La-Nay Grant (Cisco)
During this session, Cortney will cover the following topics:
02:00 PM – 03:00 PM
Resilience in an Era of Disruption
Presenter: Terry Grafenstine (Citi)
We are living in a world where pandemics, social unrest, cyber-attacks, and geo-political tensions are becoming the norm. To survive in this era of disruption, organizations must shift from a traditional Business Continuity/Disaster Recovery (BCDR) model to Enterprise Resilience. In this session, attendees will learn about:
03:00 PM – 04:00 PM
Crack the Cybersecurity Career Code – CISO’s guide to different career paths in cybersecurity
Presenter: Ruchi Shewaramani (WA Health Benefit Exchange)
Do you aspire to join cybersecurity? Already in cybersecurity and aiming to be a CISO? Did you know you do “not” have to be highly technical to excel in cybersecurity?
In this session, Ruchi Shewaramani will present the various career paths to enter and excel in the highly sought after domain of cybersecurity. She will break some popular myths about cybersecurity. You will hear in depth on the various career opportunities across the fields of Application Security, Identity & Access Management, Cloud Security and Governance, Risk and Compliance.
04:00 PM – 05:00 PM
Panelists: Cortney Worthy (Zoom), Sarah Abedin (BreaktheTide), K. Casey Watkins (FTI Consulting, Inc.), and Whitney Singletary
During this session, panelists will discuss the following questions:
05:00 PM – 07:00 PM
Immediately following this event, the GWDC will host a networking event. A separate RSVP is required for the networking event.
Vice President – North American Cybersecurity Practice at Capgemini
CISSP, GIAC GSTRT, CISA, CISM, CRISC, CDPSE, CCSK, CCAK
Sushila Nair is Capgemini’s Vice President, North American Cybersecurity practice. Capgemini is a global leader in providing secure digital transformation for our clients. Sushila has most recently served as the Vice President for cybersecurity offers at NTT Data Services and has held the role of a CISO for 10 years. Sushila has over 30 years of experience in computing infrastructure, business and security risk analysis, preventing credit card fraud, and served as a legal expert witness. Sushila has been featured in global technical events including RSA, Segurinfo and ISACA’s global conferences, co-authored books and is regularly quoted in the press. She plays an active role in supporting best practices and skills development within the cybersecurity community through her work with ISACA and CSA.
Sushila is part of the ISACA global emerging trends working group and vice president of ISACA Greater Washington, D.C. Chapter. Sushila Nair was named by IT Security Guru as one of the Most Inspiring Women in Cyber 2022!
Director at Guidehouse
Christine C. Owen is a recovering attorney who found solace as the Zero Trust Lead at Guidehouse. She is interested in securing people, things, applications, devices, and the cloud taking an identity-centric approach. Christine oversees and manages client engagements to provide enterprise IAM and Zero Trust solutions.
Christine learned IAM principles while consulting for an IAM program that encompassed the entire Federal government. She then moved into a sandbox, teaching First Responders how to secure their systems; her work resulted in the ICAM Educational Series, published on the DHS S&T website. In her downtime, Christine enjoys bourbon, her grumpy Westie, and chatting about IAM with anyone who will listen.
Leader of Data Governance & Compliance at Zoom Video Communications
Cortney Worthy is a passionate Data Governance & Management executive with 14+ years experience. A Mississippi native, Cortney relocated to the DC Metro area after obtaining a degree in Finance from the University of Memphis and started a career in government consulting. She has successfully led the stand up of several Chief Data Offices across multiple government agencies to include the Department of Defense, Department of State, and United States Citizenship and Immigration Services. Cortney currently serves as the Leader of Data Governance & Compliance at Zoom Video Communications where she leads the maturation of data governance capabilities. Cortney’s self-proclaimed super power is her ability to “build relationships of influence to lead organizations to data driven insights with governance as a foundation”. When she’s not working tirelessly to ensure your data is safe and secure, she serves as a Girl Scout Leader mentoring the next female generation of developers, engineers, data scientists, and leaders. You can also find her making her way up the charts on the Peloton leader board!
Chief Information Security Officer at WA Health Benefit Exchange
Ruchi Shewaramani is a cyber security executive with 15+ years of experience in Information Technology Security, Identity and Access Management (IAM), Governance, Risk and Compliance (GRC) across Healthcare, Education and Financial institutions. She holds a Masters in Software Engineering from Seattle U. In the last decade, she has managed the security program for various Health and Human Services Agencies in the District of Columbia (DC) and Washington state and successfully cleared numerous federal audits. She specializes in leading HealthCare agencies to secure their data, be compliant with state/federal partners and provide digital trust to the citizens they serve. She is currently serving as the Chief Information Security Officer for WA Health Benefit Exchange and as a Board member for ISACA Greater Washington DC Chapter.
Chief Auditor, Technology and Business Services at Citi
CPA, CISSP, CISA, CIA, CRISC, CGEIT, CGAP
Terry Grafenstine was appointed as the Chief Auditor for Technology and Business Services in November 2020. She is responsible for leading the Internal Audit teams covering technology infrastructure, cyber, resilience, platforms and applications within businesses and functions, and global business services. Terry joined Citi in April 2019 as the Chief Auditor of Cyber, Third Party Risk Management, and Business Continuity.
Terry has over 25 years of experience in the internal auditing and information technology profession. Before joining Citi, Terry was a Managing Director in Deloitte’s Risk and Financial Advisory practice where she provided strategic advisory services to Chief Audit Executives across all commercial industries and IT audit, risk, and governance advisory services to first line executives in the defense and national security space. Prior to joining Deloitte, Terry served for eight years as the appointed Inspector General of the U.S. House of Representatives, where she designed, managed, and delivered audit and investigative services, including the annual financial statement audit and a comprehensive cyber assurance program.
Terry has held numerous leadership roles to support the auditing, accounting, and information technology profession, including as ISACA’s Global Chair (2017-2018) and as a member of the AICPA board of directors. She currently serves on both the IIA’s North American and Global Boards of Directors. Terry speaks globally on a wide range of subjects, including cyber security, internal auditing, accounting standards, resilience, leadership, and risk. In 2019, the Institute of Internal Auditors (IIA) recognized Terry as one of the “Top Ten Audit Thought Leaders of the Decade” and inducted Terry into their Hall of Distinguished Audit Practitioners, the highest honor given by the IIA’s North American board for the accomplishments and contributions made by individuals to advance the internal audit profession. She has received numerous awards and accolades, including FedScoop’s “Golden Gov Federal Executive of the Year,” the Greater Washington DC Society of CPAs “Government CPA Leader of the Year”, the NY Metropolitan ISACA Chapter’s “Joseph J Wasserman Cyber and Governance Leader of the Year,” and ISACAs “Common Body of Knowledge” and “Best International Conference Speaker of the Year” awards.
Terry holds a bachelor’s degree in Accounting from Saint Joseph’s University and is a Certified Public Accountant (CPA), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified In Risk and Information Systems Control (CRISC), Certified in the Governance of Enterprise IT (CGEIT), and Certified Government Auditing Professional (CGAP). Terry has been with Citi IA for 4 years, has 29 years of auditor experience and 2 years of non-auditor experience.
Founder and CEO of BreaktheTide
CISA, CGEIT, CRISC, CDPSE
Sarah Ahmad Abedin is the Founder and CEO of BreaktheTide, a 501c(3) nonprofit organization in the United States. BreaktheTide (www.breakthetide.org) provides a fundraising platform for nonprofit organizations to help raise funds for empowering women, children and underprivileged communities. She is a Board member of Sambhali U.S., a nonprofit organization in the United States. Sambhali U.S. is a volunteer organization for Girls and Women Empowerment in Jodhpur, India. Sarah is also a Board member of Gultaz Memorial School and College in Doulatpur, Chattogram, Bangladesh.
Sarah is an Information Technology and Cybersecurity expert by profession with extensive management and leadership experience on a broad range of complex, fast-paced environments in public and private sectors. She started her career as an IT Auditor for the State of Michigan Office of the Auditor General and over the next 30 years she has worked in various capacities for global companies like KPMG, Financial Industry Regulatory Authority (FINRA), NASDAQ Stock Market, IBM and others. Sarah specialized in IT Security, Cybersecurity, Enterprise Governance, Risk, Compliance and Privacy in addition to her audit experience (internal and external). Her expertise is in the US Federal Law (NIST, FISMA, FedRAMP, US Data Privacy law, SOX, HIPAA), COBIT with an emphasis on Strategy, Governance, Risk, Compliance, Security and Privacy.
Sarah has always been passionate to work in the developmental areas for empowering girls and women. She has been a mentor and a founding Advisory Council Member of ISACA’s SheLeadsTech (2017-1018). She was also the first Bangladeshi American President (2013-2016) of the Greater Washington DC (GWDC) Chapter of ISACA, the largest chapter in the world. She was a Member of Privacy Advisory Group of ISACA (2020-2021) and Governance Committee of ISACA (2019-2020). She was an Expert Reviewer of COBIT 2019 Framework (Introduction & Methodology; Governance & Management Objectives). She started the annual Women in Leadership & Technology conference for GWDC in 2016 and hosed this event every year since 2016 to present.
Sarah was an Adjunct professor at the University of Maryland Global Campus (Fall 2012) and an Advisory Board Member of University of Maryland Global Campus, Graduate School of Management and Technology (Financial Management & Accounting).
Sarah obtained her BBA in Accounting Information Systems from Eastern Michigan University and MBA in Electronic Business from Carey Business School of Johns Hopkins University.
Data Governance Leader, CISCO
La-Nay is a leader within Data Governance and has 15+ years of experience. She began her career as a Congressional Intern then led advanced Data Analytics efforts as a Federal Government employee. She is an Ex-Big Senior Manager that now works for Cisco. In her current role she creates policy and initiatives that ensures her organization is compliant with local and international rules and regulations. As well as moving data operations forward by creating robust and innovative solutions that increase business value. She is a big believer in understanding how users see, process, and execute on data from various angles to best effect change.
La-Nay is a lifelong East of the River Washingtonian. She is a proud HBCU graduate and an active alumni member. She has created and launched mentoring programs focusing on HBCU students and STEM based extracurricular programs for middle school students. She holds a BS in Information Science and Systems from Morgan State University and a MA in Forensic Psychology from Marymount University.
K. Casey Watkins
Head of Global Cybersecurity & Privacy, FTI Consulting, Inc.
For more than 15 years Casey Watkins has served as FTI Consulting’s Head of the Global Cybersecurity & Privacy (GCP) Division based in the Mclean, VA office.
Mr. Watkins is an information security, privacy and risk management professional, executive, researcher and cybersecurity change agent with many years of information technology and business leadership experience. He is responsible for maintaining FTI’s security and privacy standards and keeping the firm’s security and privacy program up to date. He has over 30 years professional experience in Information Technology and Management with experiences in IT Management, Project/Program Management, Network Engineering, Systems development design, analysis and implementation; Information Security and IT Audit for complex multi-national organizations and the Department of Defense having spent a combined total of 24 years active and reserve as an Officer in the United States Army.
Hilton McLean Tysons Corner
7920 Jones Branch Drive
McLean, Virginia 22102
Hotel Website | Phone Number: (703) 847-5000
The hotel offers complimentary parking (Ballroom Entrance / South Parking location).
The hotel offers free shuttle pick up service from Tysons Corner Metro Station. To arrange a pickup, call the hotel at 703-847-5000.
Event Questions and Policies
If you have any registration questions about this event, please contact the chapter using the Registration Contact Form.
If you have CPE questions after the event has concluded, please contact the chapter using the CPE Contact Form.
Cancellation and Refund Policy
Cancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details.
If ISACA GWDC cancels the event, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided.
The GWDC welcomes your comments, complaints, suggestions, questions, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form.
Earn up to 6 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org
CPE Distribution and Evaluation Survey
CPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit.