BEGIN:VCALENDAR VERSION:2.0 PRODID:-//ISACA Greater Washington, D.C. Chapter - ECPv6.16.4.1//NONSGML v1.0//EN CALSCALE:GREGORIAN METHOD:PUBLISH X-ORIGINAL-URL:https://isaca-gwdc.org X-WR-CALDESC:Events for ISACA Greater Washington, D.C. Chapter REFRESH-INTERVAL;VALUE=DURATION:PT1H X-Robots-Tag:noindex X-PUBLISHED-TTL:PT1H BEGIN:VTIMEZONE TZID:America/New_York BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20220313T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20221106T060000 END:STANDARD BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20230312T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20231105T060000 END:STANDARD BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20240310T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20241103T060000 END:STANDARD BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20250309T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20251102T060000 END:STANDARD END:VTIMEZONE BEGIN:VEVENT DTSTART;TZID=America/New_York:20240815T083000 DTEND;TZID=America/New_York:20240815T123000 DTSTAMP:20240911T155507Z CREATED:20240805T221256Z LAST-MODIFIED:20240911T155507Z UID:32563-1723710600-1723725000@isaca-gwdc.org SUMMARY:Summer Seminar on Cryptocurrency\, Blockchain\, and Security DESCRIPTION:Join us for an exciting virtual summer seminar event hosted by Guidehouse and the ISACA GWDC chapter. This year’s topic focuses on one of the most relevant topics of the time\, Blockchain\, Cryptocurrency\, and Security. This event brings together a lawyer\, industry experts\, and academic researchers to deliver insightful presentations on various aspects of distributed ledgers\, including its benefits\, challenges\, risks\, and legal issues. \nAll are welcome to join this free information session and bring questions for the expert speakers. If you are interested in exploring the latest trends\, strategies\, and best practices in the fundamentals of Cryptocurrency and Blockchain\, this event is for you. \nRegistration closes on August 14 @ 5 pm.  Please note\, CPE credits will not be issued for this event. \nRegister Today! \n  \nEvent Sponsor \nThe GWDC is once again pleased to partner with our Gold Sponsor Guidehouse on this summer seminar. \n \n  \n  \nAgenda \n\n\n08:30 AM – 09:30 AM \n\n\nShifts in the Concept of Trustworthy Information Systems Induced by Permissionless Blockchain \nPresenter: Shin’ichiro Matsuo (Georgetown University\, CS Department) \nBlockchain technology\, invented by Satoshi Nakamoto in 2008 through a paper without peer review\, was designed with the aim of eliminating single points of failure in ledger systems based on cryptographic timestamping technology. The objective of removing single points of failure is a critically important concept in the context of information system security. However\, even after sixteen years\, numerous security incidents\, including private key leaks and vulnerabilities in smart contracts\, have occurred\, suggesting that the original technical goals have not yet been fully achieved. This presentation will revisit the fundamental technical objectives of blockchain technology and discuss how contemporary blockchain systems have altered the structure of trust points within systems. Additionally\, it will address the new requirements needed to ensure the security and auditing of systems utilizing blockchain in the future. \n\n\n\n09:30 AM – 10:30 AM \n\n\nDigital Assets: Central Bank Digital Currency and AML Risks \nPresenter: Alma Angotti (Guidehouse) \nIn the modern financial landscape\, understanding the Central Bank issued Digital Currency and the inherent and residual Anti-Money Laundering risks and control environment is a challenge all practitioners face. In this presentation\, learn how these standards are changing globally and why Digital Assets\, and the associated risks are of great importance to the United States. \n\n\n\n10:30 AM – 11:30 AM \n\n\nThe Changing Regulatory Environment for Blockchain\, Crypto and NFTs \nPresenter: James Gatto (Sheppard Mullin) \nThis presentation will address the recent changes in the regulatory environment for Blockchain\, Crypto and NFTs and why these changes may drive greater activity in this space. Specific topics to be covered: \n\n An overview of the Blockchain\, Crypto and NFT industry and technology\n An overview of the historical regulatory environment\n The power struggle between the CFTC and SEC and how that is likely to be resolved\n How the market has turned the tables on the SEC and overview of some of the significant legal battles\n The potential impact of the upcoming election on the regulatory environment\n\n\n\n\n11:30 AM – 12:30 PM \n\n\nA Collision Course: Classical Finance and Cryptocurrency \nPresenter: Jonathan Shiery (Guidehouse) \nAs financial technology continues to evolve the traditional banking and payment domains\, cryptocurrency and blockchains come to the forefront to replace classical financial methods. Cryptocurrency and blockchain continue to gain prominence with investors and financial institutions as a device for financial activities; cryptocurrencies promote anonymity and blockchains provide transparency. This presentation will dive into the benefits of crypto and blockchain in building faster payment systems and securing legitimate banking activities while analyzing the associated regulatory\, volatility\, and cyber risks. \n\n  \nPresenters \n\n\n \n\n\nShin’Ichiro Matsuo\nResearch Professor @ Georgetown \nDr. Shin’ichiro Matsuo is a research professor specializing in cryptography and information security at Virginia Tech and Georgetown University. At Georgetown University\, he co-directs CyberSMART research center\, a National Science Foundation (NSF) Industry-University Collaborative Research Center (IUCRC)\, and leads blockchain technology and ecosystem design. He is an acting co-chair of Blockchain Governance Initiative Network (BGIN). He also co-founded the BSafe.network\, a global and neutral research test network for Blockchain technology. Previously\, he served as the head of the Japanese national body of ISO/IEC JTC1 SC27/WG2. He’s led the security standardization project of Blockchain (ISO TC307). He was a member of OECD Blockchain Expert Policy Advisory Board (BEPAB). \n \n\n\n\n \n\n\nAlma Angotti\nPartner @ Guidehouse \nAlma Angotti is a Partner\, Financial Crime\, Fraud and Investigation Services practice at Guidehouse. Ms. Angotti is a recognized expert in financial crime and economic sanctions compliance. With over 25 years of experience in regulation and enforcement\, Ms. Angotti has held senior enforcement positions at the U.S. Securities and Exchange Commission (SEC)\, U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) and FINRA (Financial Industry Regulatory Authority). In these positions\, she was responsible for investigations and enforcement of the Bank Secrecy Act\, the federal securities laws\, and FINRA rules. \nShe leads the firm’s FinTech and digital assets compliance projects\, which includes risk assessments\, compliance program builds\, independent tests\, stable coin reviews\, and oversight of BAU compliance implementation\, and fiat and on-chain look-backs. Her clients include some of the largest cryptocurrency exchanges of all types and she is on the advisory board of the Global Digital Assets and Crypto Currency Association and the Digital Dollar Project. \n \n\n\n\n \n\n\nJames Gatto\nLawyer @ Sheppard Mullin \nJames Gatto has been a leading lawyer for 35 years providing business-focused\, legal advice on all aspects of intellectual property strategy\, technology transactions\, technology-related regulatory issues\, and litigation\, especially ones driven by new business models and/or disruptive technology. For over 20 years he has focused on Artificial intelligence legal issues (e.g.\, training\, policies\, IP\, regulatory issues). He is an Adjunct Professor at Ole Miss Law School where he teaches “Legal Issues with AI.” He is a frequent author and speaker on AI. Some of his recent talks include: \n\n Invited Speaker\, Korean Copyright Office “AI and Open Source” \n Speaker\, US Copyright Office Listening Session on AI Authorship \n Speaker\, USPTO Listening Session on AI Inventorship Issues \n\nHe is an industry leader\, with prominent roles in a number of top tier legal organizations\, including:  \n\n Appointed member\, ABA-IPL AI/Machine Learning Task Force \n Co-Chair\, AI Subcommittee\, AIPLA \n Member\, Artificial Intelligence Committee\, International Technology Law Association\n\n \n\n\n \n\n\nJonathan Shiery\nPartner @ Guidehouse \nJonathan Shiery is a Partner within the Financial Services segment at Guidehouse and leads Guidehouse’s Payment Services where he advises complex financial institutions on how to accelerate their payment modernization investment returns\, reduce costs through payment operations outsourcing\, and control and mitigate operational risk throughout the payments value chain. Jonathan is currently on the Board Advisory Group of the U.S. Faster Payments Council and held a leadership role in the Federal Reserve’s Faster Payments Taskforce and as the first Regulatory Workstream Chair for the U.S. Faster Payments Council. \nMr. Shiery has two decades of experience managing transformational engagements for some of the largest global financial institutions and corporations as well mid-market and regional institutions in response to shareholder\, board\, and C-level objectives. He has advised and led engagements on over $25 billion of M&A\, Operations and Technology Modernization\, Data Management and Analytics\, Payments\, and Governance\, Risk\, and Compliance investments. \n \n\n  \nVirtual Meeting Information \n\n This event will be presented online through Zoom.  \n The zoom link will be emailed to you when you register. \n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nNo CPEs will be awarded for this event. \n  URL:https://isaca-gwdc.org/event/summer-seminar-on-crypto-blockchain-security/ LOCATION:Virtual Event CATEGORIES:Conferences ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2024/08/summer-seminar-crypto-2024.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20240718T083000 DTEND;TZID=America/New_York:20240718T123000 DTSTAMP:20240911T155507Z CREATED:20240630T151003Z LAST-MODIFIED:20240911T155507Z UID:32429-1721291400-1721305800@isaca-gwdc.org SUMMARY:Summer Seminar on Artificial Intelligence (AI) and Generative AI DESCRIPTION:Join us for an exciting virtual summer seminar event hosted by Guidehouse and the ISACA GWDC chapter. This year’s topic focuses on one of the most relevant topics of the time\, Artificial Intelligence (AI) and Generative AI. This event brings together a lawyer\, industry experts\, and government speakers to deliver insightful presentations on various aspects of AI\, including its benefits\, challenges\, risks\, and legal issues. \nAll are welcome to join this free information session and bring questions for the expert speakers. If you are interested in exploring the latest trends\, strategies\, and best practices in implementing and managing AI this is the event to attend. \nIT professionals\, managers\, auditors\, consultants\, or anyone else interested in learning more about artificial intelligence and machine learning should attend this event. \nRegistration closes on July 17 @ 5 pm.  Note\, CPE credits will not be issued for this event. \nRegister Today! \n  \nEvent Sponsor \nThe GWDC is once again pleased to partner with our Gold Sponsor Guidehouse on this summer seminar. \n \n  \n  \nAgenda \n\n\n08:30 AM – 09:30 AM \n\n\nUnderstanding and Managing Legal Risks with AI \nPresenter: James Gatto (Sheppard Mullin) \nThe benefits of AI are clear\, but the legal risks are a bit murky and rapidly evolving. Employees are using AI without understanding the potential legal ramifications of certain uses. Join us for a timely discussion on the key legal issues with AI and what companies need to do to manage the legal risks while leveraging AI. \nIn this presentation\, Jim Gatto (who has 20+ years of legal experience with AI) will clarify the key legal issues with AI\, explain business risks if not properly managed\, provide insights on likely future legal developments and provide specific recommendations on what companies must do now to manage the legal risks with company use of AI. \n\n\n\n09:30 AM – 10:30 AM \n\n\nHarnessing the Power of Generative AI in Financial Auditing \nPresenter: Bob Dunmyer (Guidehouse) \nIn the rapidly evolving financial landscape\, organizations face increasing complexity in regulatory compliance\, financial reporting\, IT risk management\, predictive analytics\, and fraud detection. Join us to learn how Generative AI can significantly streamline these organizational audit processes. \nIn this presentation\, Bob Dunmyer\, the leader of Guidehouse’s Data and AI Division\, will break down the use case of GenAI in financial auditing processes\, describe the process of implementing this robust technology\, and provide insights on how GenAI can cause a paradigm shift for financial institutions. \n\n\n\n10:30 AM – 11:30 AM \n\n\nAI’s Impact on Cybersecurity – Today\, Tomorrow\, and Beyond \nPresenter: Geoff Grogan (Guidehouse) \nAI technology is quickly evolving and becoming more and more ubiquitous in our daily lives. With it comes many benefits\, but also many risks. Learn how AI is affecting today’s cybersecurity landscape and how organizations can tackle this challenge today\, while laying a robust foundation of cyber resilience in the future. \n\n\n\n11:30 AM – 12:30 AM \n\n\nAI\, Deep Fakes\, Natural Hazard Modeling \nPresenters: Brian Bothwell (GAO) and Kevin Walsh (GAO) \nI and associated technologies are changing how we interact with the world. In this seminar\, Brian and Kevin will discuss how AI is changing forecasting\, deep fakes\, and interactions between the government and citizens. Join us as we explore the peril and the potential of AI. \n\n  \nPresenters \n\n\n \n\n\nJames Gatto\nLawyer @ Sheppard Mullin \nJames Gatto has been a leading lawyer for 35 years providing business-focused\, legal advice on all aspects of intellectual property strategy\, technology transactions\, technology-related regulatory issues\, and litigation\, especially ones driven by new business models and/or disruptive technology. For over 20 years he has focused on Artificial intelligence legal issues (e.g.\, training\, policies\, IP\, regulatory issues). He is an Adjunct Professor at Ole Miss Law School where he teaches “Legal Issues with AI.” He is a frequent author and speaker on AI. Some of his recent talks include: \n\n Invited Speaker\, Korean Copyright Office “AI and Open Source” \n Speaker\, US Copyright Office Listening Session on AI Authorship \n Speaker\, USPTO Listening Session on AI Inventorship Issues \n\nHe is an industry leader\, with prominent roles in a number of top tier legal organizations\, including:  \n\n Appointed member\, ABA-IPL AI/Machine Learning Task Force \n Co-Chair\, AI Subcommittee\, AIPLA \n Member\, Artificial Intelligence Committee\, International Technology Law Association\n\n \n\n\n\n \n\n\nBob Dunmyer\nPartner @ Guidehouse \nBob Dunmyer serves as a Partner in the Digital Solutions sector at Guidehouse\, where he spearheads the Data & AI division. His leadership is pivotal in guiding clients through their Digital Transformation journey\, leveraging GenAI and Intelligent Automation. Bob’s rapidly expanding team\, comprising data management pros\, data scientists\, and bot developers\, is dedicated to harnessing artificial intelligence and automation to tackle intricate challenges. He navigates clients through the dynamic landscape of artificial intelligence\, making certain they stay at the forefront of digital innovation. Bob’s leadership ethos is centered around creating synergies between technology and strategy\, delivering tailored solutions that catalyze significant transformations in both the Commercial and Public Sectors. \n \n\n\n\n \n\n\nGeoff Grogan\nDirector @ Guidehouse \nExperienced cybersecurity business leader with more than 15 years of professional experience providing consulting\, program management\, and risk management expertise to Department of Defense and Federal Government clients. Extensive experience in cybersecurity strategy\, governance\, and policy development\, including expertise in supply chain risk management (SCRM)\, and non-traditional IT (i.e. weapons systems\, industrial control systems). Possesses a proven track record successfully leading large\, diverse teams that deliver at a high level to senior clients in a variety of high-paced\, dynamic environments. \n \n\n\n\n \n\n\nBrian Bothwell\nDirector of Science\, Technology Assessment\, and Analytics @ U.S. Government Accountability Office (GAO) \nBrian Bothwell is a Director in GAO’s Science\, Technology Assessment\, and Analytics (STAA) team. He oversees a team of engineers and scientists who analyze engineering and technology issues. He also directs a team whose work includes assessing federal efforts to acquire and operate weapons\, satellites\, and other major technological systems on time and on budget. \nBrian joined GAO in December 2013 as a member of the Applied Research and Methods team\, where he assessed cost estimates\, schedules\, cost management systems\, and technology readiness of several federal programs. Additionally\, Brian contributed to the development of several GAO best practice guides and led the update to the “Cost Estimating and Assessment Guide.” In 2021\, he became a Director in GAO’s STAA team. Prior to joining GAO\, Brian enjoyed a 20-year career in the United States Navy and worked as a cost estimator in the private sector. \nBrian earned a master’s degree in operations research from the Naval Postgraduate School and a bachelor’s degree in chemical engineering from the University of Notre Dame. \n \n\n\n\n \n\n\nKevin Walsh\nDirector of Information Technology and Cybersecurity @ U.S. Government Accountability Office (GAO) \nKevin Walsh is a Director in GAO’s Information Technology and Cybersecurity team. He oversees work related to AI\, Census\, CIO authorities\, legacy modernizations\, and satellite and space systems. He has led reviews covering topics related to the authorities of federal Chief Information Officers\, management of legacy IT systems\, coordination of IT contracts\, and assessments of IT-related risk. \nKevin joined GAO in June 2006\, and led projects related to FITARA and GAO’s High-Risk area on Improving the Management of IT Acquisitions and Operations. \nKevin earned a master’s degree in business administration from Virginia Tech. Kevin earned a bachelor’s degree in economics from the University of Maryland\, College Park. \n \n\n  \nVirtual Meeting Information \n\n This event will be presented online through Zoom.  \n The zoom link will be emailed to you when you register. \n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nNo CPEs will be awarded for this event. \n  URL:https://isaca-gwdc.org/event/summer-seminar-ai-generative-ai/ LOCATION:Virtual Event CATEGORIES:Conferences ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2024/06/summer-seminar-ai-2024_v2.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20240627T090000 DTEND;TZID=America/New_York:20240628T160000 DTSTAMP:20240519T131218Z CREATED:20240519T131218Z LAST-MODIFIED:20240519T131218Z UID:32263-1719478800-1719590400@isaca-gwdc.org SUMMARY:Artificial Intelligence and Machine Learning Seminar DESCRIPTION:This will be a two-day virtual classroom seminar designed for those who want to understand the core concepts of Artificial Intelligence\, Machine Learning\, and Generative AI\, and become familiar with popular Generative AI platforms like ChatGPT\, Bard\, DALLE-2\, and Midjourney.  In addition\, attendees will gain practical experience in leveraging these platforms for solving organizational challenges and the ethical considerations\, and potential misuse of Generative AI. \nIT professionals\, managers\, auditors\, consultants\, or anyone else interested in learning more about artificial intelligence and machine learning should attend this seminar. \nRegistration closes on June 26 @ 3 pm. \nRegister Today! \n  \nCourse Materials\, Format\, and Schedule \nCourse Format \nThis course blends expert lectures\, interactive discussions\, and practical sessions. It fosters a collaborative learning environment and provides access to online resources for self-paced study. \n  \nCourse Schedule  \nThe course spans two days\, 7 hours each day\, inclusive of breaks. Specific scheduling will be provided closer to the course date. \n  \nCourse Materials \nParticipants will gain access to a range of course materials including online resources\, a comprehensive slide deck\, and popular AI platforms like ChatGPT\, Bard\, DALLE-2\, and Midjourney. Additional recommended readings and supplementary materials will be provided during the course. \n  \nAgenda \nDay 1 \n\n Introduction and Course Overview (30 minutes)\n\n\n Presenter Introduction\n Course Objectives and Outcomes\n Course Materials and Format\n\n\n History of Artificial Intelligence and Generative AI (1 hour)\n\n\n Evolution of Artificial Intelligence\n Development of Machine Learning and Deep Learning\n The Emergence of Generative AI: A Historical Perspective\n\n\n Overview of Common Generative AI Platforms (2 hours)\n\n\n Introduction to ChatGPT\, Bard\, DALLE-2\, and Midjourney\n Features and Unique Capabilities of Each Platform\n Break (15 minutes)\n Comparative Analysis: Strengths\, Weaknesses\, and Appropriate Use Cases for Each Platform\n\n\n Gaining Access to Platforms (1 hour)\n\n\n Procedures for Accessing AI Platforms\n Subscriptions\, Costs\, and Managing Organizational Access\n Break (30 minutes – Lunch)\n\n\n Introduction to Prompting (1 hour)\n\n\n Understanding Prompts and Their Role in Generative AI\n Constructing Effective Prompts: Best Practices\n\n\n Prompt Engineering (1.5 hours)\n\n\n Techniques for Advanced Prompt Engineering\n Hands-on Exercise: Crafting and Testing Prompts on Different Platforms\n Break (15 minutes)\n Review and Feedback on Prompt Engineering Exercise\n\n  \nDay 2 \n\n Recap of Day 1 and Overview of Day 2 (30 minutes)\n Practical Applications of Generative AI (2 hours)\n\n\n The Impact and Potential of Generative AI across Various Domains\n Real-world Use Cases and Success Stories\n Break (15 minutes)\n Exercise: Brainstorming Possible Applications in Participants’ Context\n\n\n Ethical Considerations and Risks in Generative AI (1 hour)\n\n\n Understanding the Ethical Landscape of AI\n Identifying and Mitigating Risks in Using Generative AI\n Break (30 minutes – Lunch)\n\n\n Hands-on Session: Operationalizing Generative AI (2.5 hours)\n\n\n Accessing Platforms and Setting Up for a Task\n Crafting Prompts for a Given Task\n Review and Feedback on Hands-on Exercise\n Break (15 minutes)\n\n\n Future Trends in Generative AI and Closing Remarks (1 hour)\n\n\n The Road Ahead: What to Expect from the Future of Generative AI\n Opportunities for Further Learning and Specialization\n Course Review\, Q&A\, and Feedback Session\n\n  \nInstructor \n\n \n\n\nJim Wiggins\nFounder and Principal @ Securible\, LLC\nCISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security\, FITSP-M \nJim has over 26 years of direct experience in the design\, operation\, management\, and auditing of information technology systems\, with the past 21 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses aimed at federal and government contracting clients. \nToday\, Jim is the Founder and Principal of Securible\, LLC. Securible is an information security service provider offering cyber training programs to organizations of all sizes. At Securible\, Jim has taught IT security certification courses such as CISSP\, CISM\, CISA\, Ethical Hacking\, RMF\, Security+\, and other courses requested by Securible’s clients. Currently\, he provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS ). More information on Securible can be found at: http://www.securible.com. \nJim is also the Founder and Chief Executive Officer (CEO) of the Federal IT Security Institute (FITSI). FITSI is a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI offers a role-based IT security certification program targeted at the federal workforce. More information on FITSI can be found at: http://www.fitsi.org. \nAdditionally\, Jim is the Founder and Executive Director of the FITSI Foundation. The FITSI Foundation is a 501(c)(3) public charity that focuses on cyber education and serves as the philanthropic sister organization of the Federal IT Security Institute. The FITSI Foundation operates the Wounded Warrior Cyber Combat Academy (W2CCA). More information on the FITSI Foundation can be found at: https://www.fitsifoundation.org. \nIn 2020\, Jim launched a TV show on cybersecurity called “Cybersecurity Today\,” which can be viewed in the Washington\, DC area. Episodes can also be streamed online at the following website: http://www.cybersecuritytoday.org. \nIn 2019\, FCW named Jim to the “Federal 100” for his tireless efforts to promote cybersecurity education across all branches of the federal government. \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make on the federal workforce. \nJim holds the following IA/IT security certifications: CISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n\n  \nVirtual Meeting Information \n\n This event will be presented online through Microsoft Teams.  \n The instructor will email students prior to the event with instructions and additional information. \n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 14 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event and respond to polling questions to receive full CPE credit. \n  \nLearning Objectives \nBy the end of this course\, participants will: \n\n Understand the core concepts of Artificial Intelligence\, Machine Learning\, and Generative AI.\n Familiarize themselves with popular Generative AI platforms like ChatGPT\, Bard\, DALLE-2\, and Midjourney.\n Gain practical experience in leveraging these platforms for solving organizational challenges.\n Understand the potential challenges\, ethical considerations\, and potential misuse of Generative AI.\n Explore practical applications and future trends of Generative AI within an operational framework.\n\n  \nCourse Outcomes \nUpon completion of the course\, participants will be able to: \n\n Articulate the foundational principles of AI\, Machine Learning\, and Generative AI.\n Employ popular AI platforms to drive innovative problem-solving and operational excellence in their organizations.\n Navigate potential challenges and ethical considerations associated with the use of Generative AI.\n Apply their knowledge of Generative AI to foster innovation and future readiness in their organizational landscape.\n Stay updated on the latest advancements and future trends in Generative AI\, leveraging these for ongoing improvements and innovation.\n\n  \nCPE-Related Details \n\n Prerequisites and Advance Preparation:  None. A basic understanding of computers and technology is recommended.\n Program Knowledge Level: Basic\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/artificial-intelligence-and-macine-learning-seminar/ LOCATION:Virtual Event CATEGORIES:Special Seminars ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2024/05/ai_ml_seminar.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20240622T183000 DTEND;TZID=America/New_York:20240622T233000 DTSTAMP:20240621T134054Z CREATED:20240521T010951Z LAST-MODIFIED:20240621T134054Z UID:32271-1719081000-1719099000@isaca-gwdc.org SUMMARY:50th Anniversary Celebration DESCRIPTION:  \nThe ISACA National Capital Area Chapter was founded as the 5th ISACA chapter on June 12\, 1974.  For 50 years\, the chapter\, its Board of Directors\, and volunteers have served the ISACA Members in the DC region\, hosting events and providing services of interest to our members and the DC IT community.  Renamed the Greater Washington\, D.C. Chapter in 2017\, the chapter currently has over 4\,500 members. \nTo celebrate this milestone anniversary\, the GWDC is hosting a social event\, with a 50-year twist. \n\nCelebrate the GWDC 50th Anniversary! \nEmbark on a journey from yesteryear to today and celebrate the fashion of the ages. Adorn yourself in the iconic styles of your most-loved decade! Enjoy a sumptuous buffet and variety of exquisite drinks as part of the experience. \nSway to the rhythm of timeless tunes from the last 50 years. \nExperience the evolution of high tech\, video gaming technology and old school games\, a true blast from the past! \nGet ready for an adventure packed with excitement at our event! Immerse yourself in fun as you snap vibrant memories in our decade-themed photo booth\, overflowing with funky props that’ll transport you through time. But that’s not all – test your skills and relive the thrill of classic games at our interactive gaming stations. Get ready to make memories\, challenge yourself\, and revel in the joy of nostalgia all in one unforgettable celebration! \nJoin us in a time-traveling adventure as we commemorate ISACA GWDC’s 50th anniversary with a vibrant celebration that spans the decades! \n\n  \nThe GWDC Board of Directors has made registration for this event complimentary for each registrant and a guest.  Please register only if you plan to attend.  Attendees must be 21 years or older. \nThis event has sold out and registration has closed.  We thank our members for their support. \n  \nItinerary \n6:30pm – Registration check-in begins. Cocktail Hour until 7:30 with passed hors d’oeuvres. \n7:30pm – Doors open to 50th Anniversary Celebration. Dinner is served buffet-style. All games and activities are open. \n8:00pm – Opening remarks from the Chapter President and Anniversary activities \n8:30pm – Dance floor opens \n10:00pm – Closing remarks \n11:00pm – Celebration ends \n  \nVenue Information \nFalls Church Marriott Fairview Park\n3111 Fairview Park Drive\nFalls Church\, VA 22042 \nDress Code\nDress to your favorite decade! Whether you are a child of the 70s\, 80s\, 90s\, 2000s\, 2010s\, or beyond! \nParking Information\nComplimentary hotel parking is available. \n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. URL:https://isaca-gwdc.org/event/50th-anniversary-celebration/ LOCATION:Falls Church Marriott Fairview Park\, 3111 Fairview Park Drive\, Falls Church\, 22042\, United States CATEGORIES:Social Events ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2024/05/50th-Anniversary-Celebration-Graphic-DRAFT.png ORGANIZER;CN="Jermaine Stanley - ISACA GWDC":MAILTO:outreach@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20240612T160000 DTEND;TZID=America/New_York:20240612T170000 DTSTAMP:20240523T102758Z CREATED:20240522T103252Z LAST-MODIFIED:20240523T102758Z UID:32339-1718208000-1718211600@isaca-gwdc.org SUMMARY:2024 Annual General Meeting of the Chapter Membership DESCRIPTION:The ISACA® GWDC Annual General Meeting (AGM) is the Board of Directors’ annual meeting with the GWDC membership. During this year’s AGM\, the Board will provide a year in review for the chapter\, install newly elected Officers for the next two-year term\, and present the annual Chapter Awards. \nThis virtual meeting will occur after the Annual Meeting Conference on a separate Zoom.  All current GWDC members are invited to attend.  Registration is required. \nRegistration closes on June 12\, 2024 @ 3pm.  \nRegister Today! \n  \nVirtual Meeting Information \n\nThis event will be presented through Zoom.\nPrior to the event\, participants must install the Zoom app on their respective devices or use the web-based Zoom. Calling via the phone may not be entitled to CPE credits.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. URL:https://isaca-gwdc.org/event/agm2024/ LOCATION:Virtual Event CATEGORIES:Annual Meeting ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2024/05/agm_2024_2.png ORGANIZER;CN="Yehuda Schmidt (Annual Meeting Questions)":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20240612T090000 DTEND;TZID=America/New_York:20240612T160000 DTSTAMP:20240610T005948Z CREATED:20240519T134331Z LAST-MODIFIED:20240610T005948Z UID:32220-1718182800-1718208000@isaca-gwdc.org SUMMARY:2024 Annual Meeting Conference DESCRIPTION:The ISACA® GWDC annual conference is the Chapter’s premium event for the year. This year the Annual Meeting coincide with the chapter’s 50th anniversary. \nThis year the Annual Meeting Conference is a virtual event.  Presentations will focus on emerging technologies\, risk vectors\, mitigation strategies\, and governance trends. Topics are aimed equally at participants focused on the Government and Private sectors. All sessions are designed to increase your understanding of current topics and hone your professional skills by learning directly from leading practitioners in their fields.  IT professionals\, IT advisory or audit professionals\, business executives\, students or professionals interested in learning more about IT risk management and governance should attend this event. \nFor the convenience of all our members\, we will make the Chapter’s business session – the Annual General Membership Meeting – available to them on-line. \nRegistration closes on June 11\, 2024 @ 12pm.  \nRegister Today! \n  \nAgenda \n\n\n09:00 AM – 09:10 AM \n\n\nOpening Remarks \nIntroduction to the conference and discussion of logistics\, including CPEs and polling questions. \n\n\n\n09:10 AM – 10:00 AM \n\n\nBridging the Divide: Technology’s Role in Shaping Policy for a Sustainable Future \nPresenter: Dr. Gina Guillaume-Joseph (Eztera Digital Solutions) \nGiven the dynamic nature of technology and its profound impact on society\, the topic will resonate with the audience in Washington DC\, considering both the political and technological significance. I’ll explore how technology not only drives innovation but also serves as a critical bridge between diverse sectors\, including government\, private industry\, and the public. I will delve into AI\, cybersecurity\, and the policies for tech governance. \n\n\n\n10:00 AM – 10:50 AM \n\n\nWhat are the intersections of Privacy and AI? \nPresenter: Deborah Adleman (Adleman Consulting Services LLC) \nEvery month there seem to be new examples of artificial intelligence (AI) technology such as Generative AI and accompanying privacy regulations. At the same time\, the complexity of these privacy requirements is also increasing. There is a heightened clamor for governments\, businesses\, and individuals to approach AI ethically while not derailing innovation. Amidst this environment\, what are the overlaps between Privacy and AI that can help us mitigate risk and govern emerging technologies consistent with our business mission? How do we protect privacy while allowing AI to increase business efficiency and simplify our lives without stifling innovation? \nLearn from Deborah Adleman of Adleman Consulting Services LLC who has spent her career as a US and Global Risk and Privacy Leader who will help us tackle these answers and leave us with a roadmap to take back to our organizations. \n\n\n\n10:50 AM – 11:00 AM \n\n\nMorning Break \n\n\n\n11:00 AM – 11:50 AM \n\n\nNavigating the Cybersecurity Frontier: Emerging Threats and Defense Strategies in 2024 \nPresenter: Sushila Nair (Cybernetic LLC) \nThis dynamic presentation delves into the evolving landscape of cybersecurity\, focusing on emerging technologies\, threats\, and defense strategies crucial for today’s digital world. \nThe session begins by exploring the realms of cyberwar and cybercrime. Recent state-sponsored cyberattacks targeting critical infrastructures are highlighted\, emphasizing the need for robust national cybersecurity strategies and international cooperation. The rise of sophisticated ransomware\, phishing schemes\, and AI-enhanced fraudulent activities are examined\, drawing insights from recent high-profile incidents. The importance of cybersecurity awareness\, advanced threat detection\, and response strategies are underscored as vital defensive measures. \nNext\, the transformative role of Artificial Intelligence (AI) and machine learning in cybersecurity is investigated. These technologies are revolutionizing threat detection and response\, though they also introduce risks such as adversarial AI and ethical concerns. \nA significant focus is placed on Zero Trust Architecture\, a critical shift in cybersecurity paradigms. The principles of zero trust are explained\, emphasizing the importance of continuously verifying users\, devices\, and applications. Practical steps for implementing zero trust within organizations are provided\, highlighting the approach’s effectiveness in mitigating modern cyber threats. \nIdentity security is covered as a cornerstone of effective cybersecurity. Strategies for robust identity and access management (IAM)\, including multi-factor authentication (MFA) and identity governance\, are discussed to reduce attack surfaces and protect sensitive data. \nThe presentation further explores emerging attack vectors\, such as supply chain attacks and zero-day exploits\, offering real-world examples and mitigation strategies. Advanced defensive measures\, including threat intelligence and sharing\, are examined\, stressing the value of collaboration and effective threat intelligence platforms. \nConcluding with a summary and a Q&A session\, this presentation aims to equip attendees with a comprehensive understanding of current cybersecurity challenges and the advanced defenses necessary to counter them. \n\n\n\n11:50 AM – 12:20 PM \n\n\nLunch Break \n\n\n\n12:20 PM – 01:10 PM \n\n\nStreamlining AI Governance: Tools for Tomorrow’s Challenges \nPresenter: Meghan Maneval (RiskOptics) \nIn an era where artificial intelligence is rapidly transforming industries\, the need for proactive and robust AI governance has never been more pressing. In this session\, “Streamlining AI Governance: Tools for Tomorrow’s Challenges\,” I’ll provide a strategic roadmap for organizations looking to establish a solid governance framework that not only meets today’s requirements but also anticipates future regulatory landscapes. During this session\, we will explore the practical steps necessary to lay the foundational groundwork for AI governance. Leveraging a real-world AI use case\, the focus will be on equipping your organization with the necessary strategies to establish AI Controls\, align with AI Regulations\, track AI Risk\, and monitor AI in your supply chain. \nYou’ll learn how to implement a governance structure that adapts to new challenges\, ensuring your AI initiatives are both innovative and within regulatory bounds. \nParticipants will explore: \n\n Aligning organization controls with AI specific regulations\, automating evidence collection\, and correcting non-conformities.\n Tracking AI projects and managing the associated assets\, threats\, vulnerabilities\, and risks.\n Monitoring your supply chain’s compliance with AI usage standards and risk reduction activities.\n\n\n\n\n01:10 PM – 02:00 PM \n\n\nWhat is going on in the ransomware cybercrime business ecosystem? \nPresenter: Dr. Ferhat Dikbiyik (Black Kite) \nRansomware groups now operate like agile tech startups\, not traditional crime cartels. They combine advanced tech skills with psychological manipulation and a business mindset. Their sophisticated tactics challenge standard cybersecurity defenses\, requiring a new approach to understanding and combating these threats. This session explores their operations and mindset through business and social psychology principles\, particularly those by Elliot Aronson. \nWe’ll discuss why technical defenses aren’t enough. Ransomware groups carefully choose targets based on vulnerability\, strategic value\, and psychological impact. Despite law enforcement’s progress against groups like Lockbit and Black Cat\, these syndicates adapt and evolve\, highlighting the need for a dynamic risk assessment model that considers both technical and psychological factors. \nWe’ll examine how some professionalized ransomware groups use business tactics and moral justifications\, posing as pentesters\, hacktivists\, or reluctant actors. By analyzing their PR moves\, apologies\, and rationalizations\, we’ll gain insights into their behavior. Case studies will reveal their strategies in operations\, negotiations\, and public relations. \n\n\n\n02:00 PM – 02:10 PM \n\n\nAfternoon Break \n\n\n\n02:10 PM – 03:00 PM \n\n\nBuilding an Effective Insider Risk Mitigation Program \nPresenter: Randall Trzeciak (Security Engineering Institute @ Carnegie Mellon University) \nThe National Insider Threat Center in the CERT Division of the Software Engineering institute at Carnegie Mellon University has been researching Insider Threats since 2001 and has analyzed over 3500 incidents where insiders have maliciously or non- maliciously harmed organizations. The research has resulted in the development of models describing how these incidents tend to evolve over time\, including the identification of both the technical and behavioral potential risk indicators. This presentation will provide a brief overview of the insider incident types; best practices for the mitigation of insider threats; provide an insider threat program development roadmap; and recommend resources for the evaluation of an insider threat program. \n\n\n\n03:00 PM – 03:50 PM \n\n\nHealthcare Under Siege: Decoding Cybersecurity and Privacy Challenges to Navigate the Surge in Ransomware Attacks \nPresenters: Tina Curtis (Office of the Attorney General for the District of Columbia) and Ruchi Shewaramani (Washington Health Benefit Exchange) \nTopic description to be posted soon \n\n\n\n03:50 PM – 04:00 PM \n\n\nClosing Remarks \n\n\n\n04:00 PM – 05:00 PM \n\n\nAnnual General Meeting (AGM) of the Chapter Membership \nThe member portion of the meeting will be held on a separate zoom and is open to all current chapter members. Members can register for this session on the AGM event page. \n\n  \nPresenters \n\n\n \n\n\nDr. Gina Guillaume-Joseph\nChief Innovation Officer (CIO) @ Eztera Digital Solutions \nGina Guillaume-Joseph\, PhD is a published author and technologist with executive experience and thought leadership within the Federal and Commercial Sector. \nGina is the Chief Innovation Officer (CIO) at Eztera Digital Solutions. Gina will leverage her technology implementation experience and vast network to support the Federal Government’s Technology Transformation Strategy. Her accomplishments and successes are based on strong program performance\, leadership discipline\, a commitment to developing relevant\, innovative and adaptive solutions\, and a vigilant focus on best value solutions for her clients. \nGina spent 16 years supporting our Federal Government as a contractor with Booz Allen Hamilton\, L-3 Communications and The MITRE Corporation. As a Systems Engineer she was responsible for implementing key strategic frameworks\, solutions and technology platforms to assist agencies such as the DoD\, IRS\, FDIC\, DHS\, VA\, and SSA overcome technology gaps in delivering capabilities and value to our United States Taxpayers. \nGina is the former Chief Technology Officer – Government at Workday and former Director of Technology at Capital One. Gina supported the HR and People Technology team as a strategic technical advisor. At Capital One\, she matured their Scaled Agile practices by hiring agilists\, training the team\, and fully implementing the framework to scale resulting in improved product value delivery across the organization. Workday was a key product implemented to Capital One’s more than 43\,000 employees. \n \n\n\n\n \n\n\nDeborah Adleman\nAdleman Consulting Services LLC\nCCEP\, SCCE\, IDP\, GCRP\, CIPP/US\, CIPM\, and FEP \nDeborah is a strategy-driven and practical\, results oriented leader recognized for enabling future focused enterprise-wide data protection risk management\, AI governance and ethics & compliance programs. Deborah’s evolved experience in leadership at a Big Four firm combined with a successful consulting career brings a global\, IT engineering\, and business process outcomes mindset to data governance\, process improvement and teamwork. Deborah was the US & Americas Data Protection Risk Management Leader for Ernst & Young for over a decade and a successful consultant within EY before that. While at EY\, Deborah led EY’s US and Americas’ data protection risk\, ethics and compliance program strategy and implementation across 50\,000 employees while collaborating with other EY global leaders. Deborah was accountable for assessing\, implementing\, and monitoring the effectiveness of the enterprise data protection program and its maturity. Deborah accomplished this by fusing ethical and responsible data protection leading practices into the core business processes and then establishing accountability grounded in metrics. Since leaving EY\, Deborah has started her own single person consultancy serving a wide range of companies\, continuing her tradition of helping companies leverage risk to empower their teams to perform accountably\, with integrity in the midst of uncertainty. \nDeborah has her Bachelor of Arts from the University of Pennsylvania\, and has various governance\, ethics and privacy certifications including the Certified Compliance and Ethics Professional (CCEP) through the Society for Corporate Compliance and Ethics (SCCE)\, the Integrated Data Privacy (IDP) and the Governance\, Risk & Compliance Professional (GCRP) from the Open Compliance and Ethics Group (OCEG)\, and the CIPP/US\, CIPM and FEP through the IAPP. \nDeborah is the author of “How to Operationalize Privacy and Data Governance for AI” (InformationWeek)\, and “A Data Privacy Compliance Program Primer” (SCCE) and is a regularly sought after speaker who recently provided subject matter expertise for the IAPP’s new Artificial Intelligence Governance Professional (AIGP) certification. \n \n  \n\n\n\n \n\n\nSushila Nair\nVice President\, Head of Cybersecurity Services\, CEO @ Cybernetic LLC\nCISSP\, GIAC GSTRT\, CISA\, CISM\, CRISC\, CDPSE\, CCSK\, CCAK \nSushila Nair is the CEO of Cybernetic LLC and former Vice President of Capgemini’s North American Cybersecurity practice. Sushila Nair is a pivotal figure in driving secure digital transformation globally. With over 30 years of experience spanning computing infrastructure\, business\, and security risk analysis\, Sushila has carved a niche in the cybersecurity domain. Her journey includes a decade-long leadership of her own IT and Cybersecurity company across major UK cities and serving as a Chief Information Security Officer (CISO)\, where she mastered the art of safeguarding against evolving digital threats. \nAn esteemed thought leader\, Sushila’s insights have graced global platforms like RSA and ISACA’s conferences. Her role in the ISACA global emerging trends working group and as Vice President of ISACA’s Greater Washington\, D.C. Chapter showcases her commitment to advancing the field. Her efforts\, especially in championing the next generation of cybersecurity talent and promoting diversity\, earned her the prestigious ISACA Technology for Humanity Award in 2024. \n \n\n\n\n \n\n\nMeghan Maneval\nVice President of Product Strategy and Evangelism @ RiskOptics\nCISM\, CRISC \nMeghan Maneval is a distinguished figure in the cybersecurity and governance\, risk management\, and compliance (GRC) sectors\, renowned for her innovative approach and commitment to enhancing diversity in the tech industry. With nearly 20 years of experience\, she has consistently demonstrated her ability to simplify the complexities of cybersecurity for organizations around the world. \nAs the Vice President of Product Strategy and Evangelism at RiskOptics\, Maneval leverages her unique insights to drive significant advancements in GRC tools. Her direct involvement in the development of RiskOptics ROAR\, a trailblazing GRC solution that automates risk management and compliance\, underscores her role as a key innovator in the industry. \nManeval’s influence extends beyond RiskOptics- advocating for risk-centric strategies that adapt to the evolving landscape of cybersecurity. Her pioneering work in AI governance\, including the design of a continuous monitoring process and the development of an AI Governance course for ISACA\, showcases her dedication to responsible and secure AI usage. These achievements awarded her the SC Media Women in Cybersecurity Award. \nBeyond her technical achievements\, Maneval is passionate about fostering an inclusive work environment. She founded the Women in Leadership Program at RiskOptics\, aiming to empower female employees and equip them with the skills necessary for leadership roles. Her efforts reflect a deep commitment to breaking down barriers and creating opportunities for women in technology. \nAdditionally\, Maneval is an active mentor\, particularly within the Girl Scouts\, where she inspires young women to pursue careers in STEM. Her involvement with the Cyber Guild’s Diverse Minds Movement and her doctoral research on the impact of AI on neuroinclusion further illustrate her commitment to building a more diverse and inclusive tech community. \nMeghan Maneval’s comprehensive contributions to cybersecurity\, her innovative solutions\, and her dedication to mentorship and diversity mark her as a transformative leader in the field. \n \n\n\n\n \n\n\nDr. Ferhat Dikbiyik\nChief Research & Intelligence Officer @ Black Kite \nDr. Ferhat Dikbiyik\, as the Chief Research & Intelligence Officer\, stands at the vanguard of redefining cybersecurity’s frontiers\, particularly in the realm of ransomware. Under his leadership\, his team delves into the sophisticated world of cyber threats\, blending cutting-edge data analysis and machine learning to elevate the Black Kite platform’s capabilities. His unique approach uncovers not just the how of ransomware operations but the why\, illuminating the psychological underpinnings and business-like efficiency of these cybercriminals. \nWith a storied 15-year journey traversing from academia to the pulsating heart of startup innovation\, Dr. Dikbiyik’s transition shines a light on his versatility. Holding a Ph.D. in Electrical and Computer Engineering from the University of California\, Davis\, he initially focused on enhancing the resilience of telecom networks against disasters. This foundation set the stage for his later work\, where he explores the nexus between technology\, psychology\, and strategy within the cyber risk domain. \nDr. Dikbiyik has contributed to national and international projects on disaster risk\, including cyber risk. His prolific output\, featuring over 40 scientific papers with more than 1\,000 citations\, evidences his significant impact on the field. He is a co-inventor of two patents granted on cyber risk assessment\, one related to ransomware susceptibility measurement. \nIn recent years\, Dr. Dikbiyik has become a sought-after voice on the global stage\, elucidating the complexities of cyber risk management and the intricacies of ransomware groups. His work—bridging the gap between academic research and practical\, startup-driven solutions—resonates with a broad spectrum of cybersecurity professionals and businesses alike. \n \n\n\n\n \n\n\nRandall Trzeciak\nDirector of The Insider Threat Center at CERT\nAdjunct Faculty\, MSISPM Program Director @ Software Engineering Institute @ Carnegie Mellon University\n \nRandy Trzeciak currently holds a dual appointment between Heinz College and the CERT Program of the Software Engineering Institute at Carnegie Mellon University. In support of the Heinz College\, Randy occupies the role of Director of the Master of Science Information Security Policy & Management (MSISPM) Program as well as an adjunct professor for the graduate School of Information Systems and Management. \nIn support of the Software Engineering Institute\, Randy is the Technical Manager of CERT’s Enterprise Threat and Vulnerability Management Team and the CERT Insider Threat Center. The team’s mission is to assist organizations in improving their security posture and incident response capability by researching technical threat areas; developing and conducting information security assessments; and providing information\, solutions and training for preventing\, detecting\, and responding to illicit activity. Team members are domain experts in insider threat and incident response. Team capabilities include threat analysis and modeling; building and evaluating insider threat programs; development of insider threat controls\, workshops\, and exercises. \nPrior to his current role in the CERT Program\, Mr. Trzeciak managed the Management Information Systems (MIS) team in the Information Technology Department at the SEI. Under his direction\, the MIS team developed and supported numerous mission-critical\, large-scale\, relational database management systems. \nPrior to his time working at the SEI\, Mr. Trzeciak was a software engineer for the Information Technology Development Center of the Carnegie Mellon Research Institute (CMRI)\, responsible for a variety of information networking projects. These projects included the design and development of large-scale databases and Internet-based systems that adhered to data privacy and security requirements; the design and implementation of multi-organizational portals for preparation and response to weapons of mass destruction; and collaboration among public health department epidemiologists. \nPrior to his career at Carnegie Mellon\, Mr. Trzeciak worked for Software Technology\, Incorporated (STI) in Alexandria\, Virginia. For nine years\, Mr. Trzeciak was a consultant to the Naval Research Laboratory (NRL) working on numerous projects designing\, building\, and supporting large-scale relational database management systems. During his employment with STI\, Mr. Trzeciak also filled the role of Information Systems Business Manager. \n \n\n\n\n \n\n\nTina Curtis\nAssistant Attorney General\, District-wide Privacy and Security Official/ Director of the Office of Privacy and Confidentiality @ Office of the Attorney General for the District of Columbia\nCIPP\, CCSA \nTina Curtis serves as Assistant Attorney General\, and District-wide Privacy and Security Official/ Director of the Office of Privacy and Confidentiality\, within the Office of the Attorney General for the District of Columbia. With a focus on health and human services data\, she leads the government’s corporate compliance efforts for 20 agencies\, spanning Human Services\, Public Safety and Education clusters. She also provides ad hoc advice across all governmental business types. This includes overseeing privacy and security matters involving the operation of agency offices\, data sharing design\, policy development\, audits\, contracts oversight\, policy development\, technology reviews and training. \nShe also serves as Secretary for the Institute of Electrical and Electronics Engineers’ (IEEE) Privacy PAR Working Group. The PAR is completing the development of a global privacy standard for consumer mobile devices. \nHer background also includes serving as Assistant General Counsel for the DC Department of Insurance Securities and Banking\, and as the Chair of the Minority Business Opportunities Commission for Prince George’s County\, Maryland. \nMs. Curtis is a graduate of the University of Maryland\, College Park and the Howard University School of Law. She holds Certified Information Privacy Professional (CIPP) and Certified Cyber Security Architect (CCSA) certifications. \n \n\n\n \n\n\nRuchi Shewaramani\nChief Information Security Officer @ Washington Health Benefit Exchange \nRuchi Shewaramani is a cyber security executive with 18+ years of experience in Information Technology Security\, Identity and Access Management (IAM)\, Governance\, Risk and Compliance (GRC) across healthcare\, education and financial sector. She is currently serving as the Chief Information Security Officer for Washington Health Benefit Exchange and as a Board member for ISACA Greater Washington DC Chapter. \nIn the last decade\, she has led the security program for various healthcare agencies in District of Columbia (DC) prior to joining Washington state exchange. She specializes in establishing and transforming cyber security program for healthcare agencies to attain compliance with state and federal partners\, safeguard customer data and build digital trust for the citizens served. \n \n\n  \nVirtual Meeting Information \n\n This event will be presented through Zoom.\n Prior to the event\, participants must install the Zoom app on their respective devices or use the web-based Zoom. Calling via the phone may not be entitled to CPE credits.\n Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 7 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter attending this event\, attendees will learn about recent topics in the information technology. \n  \nCPE-Related Details \n\n Prerequisites: None\n Advance Preparation: None\n Program Knowledge Level: Basic\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/annual-meeting-2024/ LOCATION:Virtual Event CATEGORIES:Conferences ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2024/05/annual_meeting_2024.png ORGANIZER;CN="Yehuda Schmidt (Annual Meeting Questions)":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20240523T083000 DTEND;TZID=America/New_York:20240523T123000 DTSTAMP:20240521T012938Z CREATED:20231030T234536Z LAST-MODIFIED:20240521T012938Z UID:31265-1716453000-1716467400@isaca-gwdc.org SUMMARY:Risk Management and Governance Conference 2024 DESCRIPTION:The ISACA Greater Washington DC (GWDC) is proud to host our annual Risk Management and Governance conference. This conference is part of our monthly conference series. \nIT professionals\, IT advisory or audit professionals\, business executives\, students or professionals interested in learning more about IT risk management and governance should attend this event. \nRegistration closes on May 22\, 2024 @ 12pm.  \nRegister Today! \nThe agenda for this event is being developed.  Details for this event will be posted when available. \n  \nAgenda \n\n\n08:30 AM – 09:30 AM \n\n\nWhere Is AI Taking Us? Cyber influence Operations and Synthetic Media \nPresenter: David Branscome (Microsoft) \nTools like ChatGPT\, OpenAI and DALL-E have burst onto the scene with a usability and simplicity that makes the use of AI seem to be easy enough for a child to use. \nBut is that good or bad? The answer may depend on who you ask. \nIn this discussion\, we’ll look at how nation-states are using AI tools to shape public opinion to achieve their political and strategic goals. We’ll look at the cyberinfluence campaigns surrounding COVID-19 and the ongoing war in Ukraine\, as well as the use of AI to digitally manipulate media for political gain. We’ll also investigate the tools being developed to counter these trends and help ensure the information we consume can be trusted. \n\n\n\n09:30 AM – 10:30 AM \n\n\nAI Risk Assessment: Where to Start\, What to Ask\, and Things to do About the Risk \nPresenter: Joe Veroneau (Conveyor) \nAs AI advancements revolutionize business decision-making\, understanding how to evaluate and mitigate AI-associated risk is top of mind for all companies. In this session\, participants will learn practical ways to scope and prioritize where to start when including AI risk in their wider risk assessment methodology. Participants will learn to evaluate if AI risk is present critically\, assess the potential impact and navigate the potential risks of AI-powered companies and processes. \n\n\n\n10:30 AM – 11:30 AM \n\n\nBleeding Edge of Cybersecurity Risk \nPresenters: Ramona Ratiu (Zurich Insurance and DePaul University) and Alex Islamov (MorganFranklin Consulting) \nThe presentation on the bleeding edge of cybersecurity risks offers a comprehensive exploration of the ever-evolving landscape of digital threats and vulnerabilities. We will delve into the intricacies of emerging technologies like artificial intelligence\, quantum computing\, the Internet of Things (IoT)\, and Information and Communication Technologies (ICT)\, which are being harnessed by sophisticated threat actors to launch unprecedented cyberattacks. You will gain insights into the growing menace of ransomware\, supply chain attacks\, and state-sponsored cyber espionage\, along with the escalating challenges these pose to organizations worldwide. By highlighting the need for proactive adaptation\, robust threat intelligence\, and innovative cybersecurity strategies\, this presentation will equip you with the knowledge and tools to navigate the cutting-edge risks in today’s digital world effectively. \n\n\n\n11:30 AM – 12:30 AM \n\n\nInformation Risk Management \nPresenter: Jay Ranade (Risk Management Professionals) \nInformation is the life blood of the organization\, because information risk is primarily to the business processes. Without information (data)\, there is no business. Protecting data from confidentiality\, integrity\, availability\, and privacy perspective is of paramount importance. Even from the enterprise risk management perspective\, all OTHER enterprise risks depend upon information. Information risk management revolves around identifying risks\, measuring risk\, treating risk\, and monitoring risk. One of the most complex tasks in information risks is designing KRIs and KCIs\, where most of the organizations make mistakes. \n\n  \nPresenters \n\n\n \n\n\nDavid Branscome\nGlobal Partner Solutions Architect for Security\, Compliance and Identity @ Microsoft\nCISSP\, GCWN\, GCED\, GCDA\, GMOB\, GCIH\, GISP\, GSEC\, GSOC\, GCFA\, GDAT\, GCPN\, GCFR \nDavid is a Global Partner Solutions Architect for Security\, Compliance and Identity at Microsoft. In this role\, David is responsible for training and supporting Microsoft partners on the latest security compliance and identity solutions\, including Microsoft 365\, Azure and Windows. \n \n\n\n\n \n\n\nJoe Veroneau\nDirector\, Trust & Security @ Conveyor Inc. \nRisk management professional with wide experience across GRC domains in an operational and advisory capacity. Currently specializing in cloud security compliance. \n \n  \n\n\n\n \n\n\nRamona Ratiu\nGlobal Head of Cyber Tabletop Exercises- Cybersecurity – Zurich Insurance\nAdjunct Professor – IT Risk Management – DePaul University\nBoard Strategic Advisor/Past President – ISACA Chicago Chapter\nSheLeadsTech Ambassador\nMS\, CISA\, CISM\, GSTRT \nRamona Ratiu’s current role at Zurich Insurance Group focuses on effective risk planning strategies as the core for strengthening\, improving\, and maturing the cybersecurity program. She successfully leads transformational cybersecurity projects through her strong planning and organizational skills. Ms. Ratiu’s experience in information security\, governance\, audit\, risk management\, and compliance helped her develop and implement technical and procedural solutions\, enabling stakeholders to achieve and sustain compliance efficiently across multiple standards. \nMs. Ratiu holds a bachelor’s degree in finance and earned the Master of Science in Information Security and Compliance from DePaul University. In addition\, she holds these certifications: Certified Information Systems Auditor (CISA)\, Certified Information Systems Manager (CISM)\, COBIT5 Foundations\, ITIL Foundations Certificate and GIAC Strategic Planning\, Policy and Leadership (GSTRT). \n \n\n\n \n\n\nAlex Islamov\nDirector\, Cybersecurity Strategy and GRC @ MorganFranklin Consulting\nCredentials \nAlex Islamov is the Director of Cybersecurity Strategy and Risk\, and a leader of the MorganFranklin Consulting Cyber Financial Services pillar with over 18 years of experience helping companies navigate complex compliance and regulatory environments while providing comprehensive operational\, information technology\, and information security risk management solutions. Alex offers extensive experience in software and technology\, healthcare\, manufacturing and distribution\, and financial services industries with significant subject matter expertise in IT Audit\, IT SOX\, IT/IS Governance\, Regulatory Compliance\, Data Privacy and Protection\, Information Security and Cybersecurity\, Enterprise Risk Management\, Third-Party Risk Management\, and Finance & Accounting. In addition\, Alex possesses deep knowledge and understanding of the regulatory standards and frameworks such as COSO\, SOX\, NIST (800-53 and CSF)\, HIPAA\, CSA CCM\, FISMA\, FedRAMP\, CIS CSC\, PCI-DSS\, HITRUST\, ISO\, and SOC 1/2/3. Prior to joining MorganFranklin Cyber\, Alex spent over 15 years in management/leadership positions at leading accounting firms\, financial institutions\, and software companies. \n \n\n\n\n \n\n\nJay Ranade\nSenior Trainer @ Risk Management Professionals\nCIA\, CISA\, CISM\, CISSP\, ISSAP\, CGEIT\, CRISC\, HCISPP\, CRMA\, and CBCP \nJay Ranade\, a certified CIA\, CISA\, CISM\, CISSP\, ISSAP\, CGEIT\, CRISC\, HCISPP\, CRMA\, and CBCP is an internationally renowned expert on computers\, IT Risk management\, disaster recovery\, IT Security\, cyber security and IT controls. He has written and published more than 37 IT-related books on various subjects ranging from networks\, security\, mainframe/distributed operating systems\, and computer programming languages. He also has an imprint with McGraw-Hill with more than 300 books called the “Jay Ranade Series” with more than 7 million copies in print. His books have been translated in German\, Portuguese\, Spanish\, Japanese\, Chinese\, and Korean. The New York Times critically acclaimed his book called the “Best of Byte” with endorsements from Bill Gates and Steve Wozniak. \nJay has consulted and worked for Global and Fortune 500 companies in the US and abroad including AIG\, Merrill Lynch\, Dreyfus/Mellon Bank\, Johnson and Johnson\, Unisys\, McGraw-Hill\, Mobiltel Bulgaria\, Central Bank of Armenia\, and Credit Suisse. His classes and lectures have been attended by employees of almost every Fortune 500 company globally. \nHe teaches graduate-level classes on Information Security Management and Ethical Risk Management at New York University. Jay is also an adjunct professor at St John’s University and teaches graduate-level classes on Accounting Information Systems\, IT Auditing\, Internal Auditing\, Security/Forensics\, and Operational Risk Management. Jay is senior faculty member for Wharton Executive Education program for U of Penn. \nJay teaches ISACA credentialing courses (CISA\, CISM\, CRISC\, CGEIT\, CSX-F) and non-credentialing classes for ISACA NY Metropolitan chapter\, London\, Singapore\, Armenia\, Bangkok\, Bermuda\, Cayman Islands\, US Navy\, and US Army. \nJay was awarded President’s “Outstanding Educator Award” by ISACA NY Metropolitan Chapter in June 2013. \n \n\n  \nVirtual Meeting Information \n\n This event will be presented through Zoom.\n Prior to the event\, participants must install the Zoom app on their respective devices or use the web-based Zoom. Calling via the phone may not be entitled to CPE credits.\n Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter attending this event\, attendees will learn about recent topics in the IT risk management and governance space. \n  \nCPE-Related Details \n\n Prerequisites: None\n Advance Preparation: None\n Program Knowledge Level: Basic\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/risk-management-conference-2024/ LOCATION:Virtual Event CATEGORIES:Conferences ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/10/conference-risk-2024.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20240516T083000 DTEND;TZID=America/New_York:20240517T160000 DTSTAMP:20240505T150505Z CREATED:20231014T163713Z LAST-MODIFIED:20240505T150505Z UID:31048-1715848200-1715961600@isaca-gwdc.org SUMMARY:Seminar - Auditing Microsoft Entra ID with PowerShell® DESCRIPTION:As organizations continue to move their data and applications to the cloud\, auditors need skills to audit cloud environments. Though environments may be FedRAMP authorized and/or subject to external assessments\, organizations will have responsibilities for certain activities\, such as account management\, privileged access\, and some configuration settings. Thus\, auditors will need to access cloud data to audit these environments. \nMicrosoft Entra ID\, formerly Azure Active Directory\, is Microsoft’s cloud service that provides identity and access management services to Microsoft’s cloud environments. Like Active Directory\, Entra ID allows organizations to establish user\, device\, and group accounts. Azure can also sync with an on-premises Active Directory. While Entra ID provides web interfaces\, auditors often need information that is not easily or efficiently retrieved from these interfaces.   \nThis two-day course will cover the Microsoft Graph and PowerShell commands needed to obtain data from Entra ID. The course will also cover basic audit tests that can be performed using PowerShell on Entra ID data. Attendees will be provided access to a virtual server to practice commands and perform hands-on exercises.  Auditors and security professionals who audit Entra ID will benefit from attending this course. \nRegistration closes on May 15\, 2024 @ 5pm. \nRegister Today! \n  \nAgenda \n\n\nDay 1 \n\n\n\n Lesson 1 – Accessing Azure and Entra ID\n Lesson 2 – User data\n Lesson 3 – Group data\n Lesson 4 – Role and Administrator data\n Lesson 5 – Device data\n\n\n\n\nDay 2 \n\n\n\n Lesson 6 – Application data\n Lesson 7 – Licenses\n Lesson 8 – Authentication Methods\n Lesson 9 – Entra ID Directory Policies\n Lesson 10 – Additional Entra ID Management Features\n\n\n  \nAdditional Course Details \nHands-on Lab Exercises \nEach student will be provided access to a Windows Server to use during the course. The server will be hosted on the Azure Lab Services platform. \nThe server will be accessed using Windows Remote Desktop. Therefore\, on the course dates\, students will need to use a Windows-based computer that permits use of the Remote Desktop protocol. \nAn email will be sent to each student this evening with instructions on accessing the virtual server. Students are encouraged to register and follow the instructions to access the virtual server prior to the start of the seminar. \nEach lesson in the course has an accompanying PowerShell script that will be used for that lesson and will be pre-loaded onto each student’s virtual server. \n  \nPowerShell and Microsoft Graph commands \nStudents will practice obtaining data from an Entra ID instance using Microsoft Graph commands. Students will then use basic PowerShell commands to arrange\, add to\, and extract information into a CSV file that can be used in audit workpapers or other analysis. \n  \nMaterials Provided During the Seminar \nEach student attending the seminar will be provided: \n\n Presentation materials\n PowerShell scripts for each lesson\n Access to the virtual server for up to 5 hours after the course ends for additional practice\n Link to the seminar recording\, good for 30 days after the seminar\n\n  \nInstructor \n\n \n\n\nMike Howard\nCISA\, MBA \nMike Howard is an experienced IT auditor with over 28 years of IT auditing experience in the Federal Government. Mike is a technical auditor who has audited numerous technologies\, including mainframes\, Unix environments\, Active Directory\, databases\, Cisco devices\, and Windows computers. Mike embraces innovative technologies to accomplish his audits\, most notably using PowerShell to write custom scripts. Over the 10+ years that he has been using PowerShell\, he’s written over 300 PowerShell scripts. \nMike is also a member of the ISACA Greater Washington D.C. chapter and has served on the board for 17+ years\, most of the time as Internet/Communications Director. Mike is currently the Associate Director for Web Development\, where he manages the chapter’s website. Mike has also used PowerShell to accomplish tasks related to his Chapter duties\, including creating web pages\, calculating CPE credits\, and updating membership rosters. \nMike has a B.S. in Accounting from Old Dominion University and a Masters in Business Administration from George Mason University. \n\n  \nVirtual Meeting Information \n\n This event will be presented through Zoom.  The instructor will send an email with the zoom link prior to the event.\n Prior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.\n Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 14 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter completing this course\, students will have basic skills to use PowerShell to obtain\, view\, and export data from Microsoft Entra ID.  \n  \nCPE-Related Details \n\n Prerequisites: Students should be familiar with using PowerShell and working with Microsoft Entra ID.  This course builds on the concepts presented in the Seminar – Introduction to Auditing with PowerShell®.\n Advance Preparation: The instructor will provide materials during the Zoom.\n Program Knowledge Level: Intermediate\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/seminar-auditing-with-powershell-azure-active-directory/ LOCATION:Virtual Event CATEGORIES:Special Seminars ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/10/auditing_powershell_entraid.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20240504T090000 DTEND;TZID=America/New_York:20240518T170000 DTSTAMP:20240430T113525Z CREATED:20231014T165516Z LAST-MODIFIED:20240430T113525Z UID:31075-1714813200-1716051600@isaca-gwdc.org SUMMARY:CRISC 2024 Review Course DESCRIPTION:The GWDC is sponsoring an intensive 3-day virtual review course for the Certified in Risk and Information Systems Controls™ (CRISC®).  This review course will provide practical advice on preparing for the CRISC exam and specific instruction regarding the job practice areas addressed by CRISC as defined by ISACA® Global. The dates of this course are three (3) consecutive Saturdays: May 4\, 11\, and 18\, 2024 from 9 am to 5 pm Eastern. \nThis event is intended for anyone sitting for the CRISC Exam. Students are expected to have prepared for the exam prior to attending the course. \nRegistration closes on May 3 @ 5pm.  \nRegister Today! \n  \n\nRe-Take Discount \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \n\n  \nAgenda \n\nDay 1 \n\n\nIntroduction \nGovernance (Domain 1) \n\n\nDay 2 \n\n\nIT Risk Assessment (Domain 2) \nRisk Response and Reporting (Domain 3) \n\n\nDay 3 \n\n\nInformation Technology and Security (Domain 4) \nPractice Tests \n\n  \nCourse Materials and Exam Resources \nMaterials Provided During the Course \nParticipants receive a Study Guide to help them prepare for the CRISC exam. The Study Guide contains a presentation\, a case study\, and 20 quiz questions for each domain in the official CRISC Review Manual. The Study Guide contains additional material such as suggested study approach\, exam taking tips\, list of “must know” vocabulary terms\, and other suggested readings to aid participants in their exam preparation. \n  \nStudy Materials \nThe instructor highly recommends that students purchase the CRISC Review Manual and the CRISC Review Questions\, Answers\, and Explanations Database – 12 Month. Below are the study materials available for purchase from the ISACA Bookstore: \n\n CRISC Review Manual\n CRISC Review Questions\, Answers & Explanations Manual\n CRISC Review Questions\, Answers & Explanation Database – 12 month subscription\n\n**It is highly recommended to order these at the earliest opportunity to avoid any possible delays in their availability for the start of the program. \n  \nAdditional Study Resources \nCandidates should review the Exam Candidate Guide and other resources on the ISACA CRISC page as part of their study program.  \n  \nInstructor \n\n \n\n\nJim Wiggins\nFounder and Principal @ Securible\, LLC\nCISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security\, FITSP-M \nJim has over 26 years of direct experience in the design\, operation\, management\, and auditing of information technology systems\, with the past 21 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses aimed at federal and government contracting clients. \nToday\, Jim is the Founder and Principal of Securible\, LLC. Securible is an information security service provider offering cyber training programs to organizations of all sizes. At Securible\, Jim has taught IT security certification courses such as CISSP\, CISM\, CISA\, Ethical Hacking\, RMF\, Security+\, and other courses requested by Securible’s clients. Currently\, he provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS ). More information on Securible can be found at: http://www.securible.com. \nJim is also the Founder and Chief Executive Officer (CEO) of the Federal IT Security Institute (FITSI). FITSI is a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI offers a role-based IT security certification program targeted at the federal workforce. More information on FITSI can be found at: http://www.fitsi.org. \nAdditionally\, Jim is the Founder and Executive Director of the FITSI Foundation. The FITSI Foundation is a 501(c)(3) public charity that focuses on cyber education and serves as the philanthropic sister organization of the Federal IT Security Institute. The FITSI Foundation operates the Wounded Warrior Cyber Combat Academy (W2CCA). More information on the FITSI Foundation can be found at: https://www.fitsifoundation.org. \nIn 2020\, Jim launched a TV show on cybersecurity called “Cybersecurity Today\,” which can be viewed in the Washington\, DC area. Episodes can also be streamed online at the following website: http://www.cybersecuritytoday.org. \nIn 2019\, FCW named Jim to the “Federal 100” for his tireless efforts to promote cybersecurity education across all branches of the federal government. \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make on the federal workforce. \nJim holds the following IA/IT security certifications: CISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n\n  \nVirtual Meeting Information \n\n This event will be presented online through Microsoft Teams.  \n The instructor will email students prior to the event with instructions and additional information. \n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 21 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\n Learning Objective: After completing the course\, students will be prepared to sit for the CRISC exam.\n Prerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\n Program Knowledge Level: Basic\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/crisc-2024-review-course/ LOCATION:Virtual Event CATEGORIES:Review Courses ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/10/crisc_2024.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20240424T110000 DTEND;TZID=America/New_York:20240424T170000 DTSTAMP:20240423T205108Z CREATED:20240115T163105Z LAST-MODIFIED:20240423T205108Z UID:31612-1713956400-1713978000@isaca-gwdc.org SUMMARY:Diversity\, Equity\, and Inclusion Special Event 2024 DESCRIPTION:ISACA GWDC is proud to host the Diversity\, Equity and Inclusion special event for 2024.  This is an in-person event and is being held at Amazon HQ2 in Arlington. At the forefront of technology’s evolution lies a fundamental truth: diversity drives innovation. Join us as we redefine the future of technology together\, uniting diverse minds\, perspectives\, and experiences for a stronger\, more resilient industry. \nWho Should Attend: IT Executives\, Management and Operations staff\, Risk management leaders and professionals\, IT Auditors\, Cybersecurity professionals\, students or anyone interested in learning more about how diversity\, equity and inclusion can improve individual’s careers and mission of the organization should attend this event. \nNote\, a networking social will be held for event participants after the last session.  An RSVP is required and should be made when registering for the event. \nRegistration closes on April 23\, 2024 @ 8pm.  \nRegister Today! \n  \nEvent Sponsor \nThe GWDC is proud to have AWS Security Assurance Services as the sponsor for this event. \n \nAWS Security Assurance Services LLC\, a PCI-QSAC (Payment Card Industry-Qualified Security Assessor company) and HITRUST External Assessor Firm\, is a team of industry certified assessors\, helping you to achieve\, maintain\, and automate compliance in the cloud by tying together applicable audit standards to AWS service specific features and functionality.  \n  \nAgenda \n\n10:15 AM – 11:00 AM \n\n\nRegistration check-in \n  \n\n \n\n11:00 AM – 11:10 AM \n\n\nOpening Remarks \nPresenter: Jermaine Stanley\, GWDC President \n\n\n11:10 AM – 12:15 PM \n\n\nPanel Discussion: Equitable Opportunities in Technology and Cybersecurity Professions \nModerator: Richa Bangia (AWS) \nPanelists: Natalie Birindelli (AWS Security Assurance Services)\, Dr. Nida Davis (Microsoft)\, Darlene Slaughter (WMATA) \nTopics to the discussed in this session\, include: \n\nDiscussing the barriers to entry and advancement in the field.\nExploring initiatives to provide equal opportunities for professional growth.\nStrategies for recruiting and retaining a diverse workforce.\n\n\n \n\n12:15 PM – 01:00 PM \n\n\nLunch \nLunch will be provided to event attendees. \n\n \n\n12:30 PM – 01:00 PM \n\n\nLunch Topic: Smashing Stereotypes: Introduction to Neurodiversity in Cybersecurity \nPresenter: Elizabeth Green (Link Consulting) \nAt least 20% of the cybersecurity workforce is neurodivergent\, with conditions that may include autism\, ADHD\, dyslexia\, dyspraxia\, and more. Attend this session to learn more about the experience of being neurodivergent in cybersecurity from two cyber professionals who are members of the Diverse Minds Movement of Cyber Guild. Audience members will also learn actionable take-aways for immediate deployment to assist with creation of neurodiversity-inclusive workplace environments. This session will be delivered by members of Cyber Guild’s Diverse Mind’s Movement (DMM)\, led by founding member\, Elizabeth Green from Link Consulting\, LLC. \n\n \n\n01:00 PM – 01:30 PM \n\n\nExecutive DEI Conversation \nPresenter: Roslyn M. Brock (Abt Global)\, Jeff Stoval (Abt Global) \nIn the IT and generative Ai industries\, where technology can potentially shape societal norms and access to information\, integrating DEI practices by senior executives is not only a strategic imperative but also a responsibility. In the current climate\, executives can lead by example and drive significant positive change both within their organizations and across society at large by designing DEI metrics that mitigate bias\, eliminate disparities and promotes equal access for all. \n\n \n\n01:30 PM – 02:30 PM \n\n\nPanel Discussion: Unconscious Bias in Artificial Intelligence (AI) Technology \nModerator: Jermaine Stanley (GWDC President) \nPanelists: Dr. Gina Guillaume-Joseph (Eztera Digital Solutions)\, Eri O’Diah (SIID Technologies)\, Jeff Stoval (Abt Global) \nTopics to the discussed in this session\, include: \n\nDemystifying unconscious bias: Sharing practical insights into how unconscious bias can creep into AI development and deployment.\nProactive strategies for mitigation: Highlighting best practices and innovative approaches to mitigate bias in AI systems.\nBuilding a more ethical AI future: Discussing the role of leadership and collaboration in promoting responsible AI development that benefits all.\n\n\n \n\n02:30 PM – 03:30 PM \n\n\nA Bridge to Billions: How the Future is Powered by Inclusion\, Innovation\, and Corporate Courage \nPresenter: Tracey Walker (Institute for Corporate Courage) \nThis talk examines how leaders and courageous corporations are leveraging the power of inclusion to achieve big milestones. The DEI science of top career experience\, advancement innovation\, and out performing competition. \n\n \n\n03:30 PM – 03:45 PM \n\n\nAfternoon Break \n\n \n\n03:45 PM – 04:45 PM \n\n\nPanel Discussion: Futurism – Connecting Past\, Present\, and Future \nModerator: Tracey Walker (Institute for Corporate Courage) \nPanelists: Dr. Nida Davis (Microsoft)\, Ryan Ubuntu Olson (DAI)\, and Bethlehem Belaineh (Theory AI) \nFuturism draws inspiration from diverse perspectives from marginalized communities across diasporic history\, myths\, and traditions\, weaving them into futuristic narratives. This creates a sense of continuity and resilience\, connecting past struggles to future possibilities. We envision the panel to talk about: \n\nReimagining the Future: Challenges the dominant narratives of technology and progress\, often centered on white and western perspectives. It envisions alternative futures where other voices\, experiences\, and cultures are central and empowered.\nReclaiming Technology: The weaponization and negative impacts of technology\, particularly on marginalized communities. It seeks to reclaim technology as a tool for liberation\, social justice\, and community building.\nCollaboration and Community: Emphasizes the importance of collective action and building strong communities. It envisions future societies where collaboration\, mutual aid\, and shared knowledge lead to a better future for all.\n\n\n \n\n04:45 PM – 05:00 PM \n\n\nClosing Remarks \nPresenters: Jermaine Stanley\, GWDC President and Marvin Muhumuza\, GWDC Special Events Director \n\n \n\n05:00 PM – 06:00 PM \n\n\nNetworking Event \nA newtorking event will be held immediately after for event participants.     \nAn RSVP is required to attend.  This can be done when registering for the event. \n\n  \nPresenters \n \n\n \n\n\nRicha Bangia\nHealthcare Engagement Advisor @ Amazon Web Services \nRicha Bangia is a disrupter\, a change agent and a mentor to professionals for all walks of life. She plays a pivotal role in helping organizations transform their culture from mere survival to thriving through the power of people. Richa’s educational background includes a Bachelor’s degree in Finance/Economy from Rutgers University\, an MBA from the Rutgers School of Business and attended a Women in Executive Leadership program at Cornell. Some of her successes include establishment of the Women in Technology chapter for Columbia University IMC and helping set up the foundation for the Women in Global Services – Security chapter at AWS. \nRicha’s journey to excellence is fueled by an unwavering passion for empowering people. As an experienced Delivery Excellence professional\, she has led transformations across various industries focusing on people\, processes\, and technology. Her innate ability to recognize great potential has propelled her IT-focused career. Richa’s passions extend to building high-performance teams\, leading with authenticity and shaping visionary leaders who drive business outcomes. \nToday\, Richa disrupts the norm by offering a practical and repeatable framework\, advising organizations to move beyond “business as usual.” She builds trust with executives\, customers\, peers and competitors through her empathetic leadership. \nIn her leisure time\, Richa enjoys laughter with her husband\, two kids and family and friends. She channels her creativity by writing comedy standup and dedicates herself to community service\, volunteering at NJ soup kitchens and coaching soccer\, basketball and track. Her goal? To lay a solid foundation of giving back for her kids and the younger generation. \n  \n\n \n\n \n\n\nNatalie Birindelli\nSenior Security Advisor @ AWS Security Assurance Services \nNatalie Birindelli is a Senior Security Advisor on the AWS Security Assurance Services team. She has over 20 years in the hospital & health care industry. She has implemented large cybersecurity programs\, led the implementation of telehealth at the start of the COVID pandemic and is passionate about community advocacy. She serves on the Board of VA HIMSS and is committed to advancing health equity for the underserved. \n  \n\n \n\n \n\n\nDr. Nida Davis\nDirector of Security Architecture @ Microsoft \nNida is currently leading Microsoft’s Digital Security & Resilience (DSR) security architecture team as part which is dedicated to ensuring the security and resilience of every aspect of the Microsoft business. The mission of the DSR function is to support Microsoft build and deliver the most trusted devices and services\, while keeping Microsoft safe and protected. DSR is responsible for Microsoft company-wide information security and compliance\, with a strategic focus on information protection\, assessment\, awareness\, governance\, and enterprise business continuity. As customer zero\, DSR will deploy and secure digital services inside Microsoft and share best practices with enterprise customers at scale across the globe. As the Director of Security Architecture\, Nida leads a highly performing team of Microsoft PMs and Security Architects entrusted with all aspects of security architecture design\, execution\, and partner engagement. Previously Nida served as an Associate Director in the Federal Reserve’s Division of Supervision and Regulation (S&R)\, was responsible for providing oversight and guidance on business operational resiliency\, information technology\, cybersecurity\, data protection\, and emerging technologies. Nida has experience in leading national and international standards and cybersecurity best practices groups that deal in operational resiliency and cyber security. These include the Financial Stability Board’s cyber-lexicon workgroup and the Basel Committee on Banking and Supervision’s operational resiliency working group\, for both of which she has led key cybersecurity and operational resilience work streams. In addition\, Nida has experience serving on several U.S. Treasury-led national groups\, as well as on the G7 Cyber-Experts Group. Nida has received her Doctor of Liberal Studies from Georgetown University. She holds a Master of Business Administration (MBA) from the American University in Cairo\, Master of Arts in Leadership from Bellevue University\, a graduate degree from the ABA Stonier Graduate School of Banking\, as well as a Bachelor of Science in Chemical engineering from Jordan University. Lastly\, Nida was recognized as an award recipient of the prestigious Computer World Premier Top One Hundred IT Leaders for 2006. \n  \n\n \n\n \n\n\nDarlene Slaughter\nVice President\, Chief Diversity\, Equity\, and Inclusion Officer @ Washington Metropolitan Area Transit Authority (WMATA) \nDarlene R. Slaughter is a visionary with a passion to remove barriers and provide equal opportunities for all. As the first appointed Chief Diversity\, Equity and Inclusion Officer for Washington Metropolitan Area Transit Authority (WMATA)\, Darlene will support leading a culture of engagement\, innovation\, accountability\, trust\, and diversity and inclusion for the 13\,000 employees. \nPrior to joining WMATA\, Darlene served as the Chief Diversity Officer for March of Dimes; United Way Worldwide; Linkage Institute for Leading Diversity and Inclusion; and led an integrated strategy to utilize and support the talents of the employees as Fannie Mae’s Chief Diversity Officer. \nDarlene’s work as a leader and in Diversity continues to be recognized. She has received many awards and honors\, including Diversity Woman Media Elite 100; SAVOY’s Top 100 Influential Women in Corporate America\, Profiles in Diversity Journal’s Women Worth Watching\, Black Enterprises’ Top Executives in Diversity\, and Heart & Soul’s Women of Substance in Finance\, in addition to grace the cover of Inclusion Magazine. Darlene served on Twitter’s ICD Council\, American University President’s Diversity Council and Alumni Board\, and Springboard Foundation for Disability. She is a fellow and board member at Simmons University Inclusive Leadership Institute and a board member of the Social Capital Academy at Fullerton University in California. \nDarlene holds a M.S. in Human Resource Management and Organizational Development from American University and a B.S. in Elementary Education from Howard University. \n  \n\n \n \n\n  \n\n\nElizabeth Green\nOwner @ Link Consulting LLC \nLiz Green\, OTR/L has 20 years of experience as an occupational therapist (OT) in a variety of clinical settings. Her passion is to empower neurodistinct individuals in meeting self-directed goals that promote meaningful participation in work\, school and life. \nShe also has a certificate in DEI for HR through Cornell University. By combining advanced expertise as an OT with an HR concentration in DEI\, Liz has created the first ever neurodiversity consultancy model focused on implementation of neuroinclusion principles across the employee life-cycle that do not hinge on disclosure. \nShe has spoken at regional and national conferences\, including Society for HR Managers (SHRM)\, Occupational Therapy Association of Colorado (OTAC) and College Autism Network (CAN). \nShe is also heavily involved in neurodiversity education in the cybersecurity space\, including institutions/groups such as National Initiative for Cybersecurity Education (NICE) Community Coordinating Council\, Sunshine Cybersecurity Conference\, Women in Cybersecurity (WiCyS)\, Cybersecurity Skills Journal\, CompTIA\, SANS\, and Cyber Guild. Liz is also a senior fellow for the Council Exchange Board of Trade (CEBOT)\, which serves the business interest of 65\,000 U.S. minority technology businesses. \n  \n\n\n \n\n\nRoslyn M. Brock\nChief Global Equity Officer @ Abt Global \nRoslyn M. Brock is the Chief Global Equity Officer at Abt Global\, an international consulting and research firm that uses data and bold thinking to improve the quality of people’s lives worldwide. She is an international Arbiter of Social Impact with a distinguished career in health policy\, population health\, and equity\, diversity\, and inclusion for over three decades. At Abt\, Roslyn leads the organization’s Global Equity strategy that drives client-focused\, community centered solutions for mission delivery and sustainable growth. \nRoslyn is also Chairman Emerita of the NAACP National Board of Directors and a Board Trustee at the U.S. Global Leadership Coalition (USGLC) and The George Washington University where she recently chaired the University’s Presidential Search Committee that selected its first female President. Roslyn has chaired GW’s Milken Institute School of Public Health Board of Advisors and ESG Committee and served on the Board of the Catholic Health Association of the United States of America. She is a Life Member of Alpha Kappa Alpha Sorority\, Incorporated and the LINKS\, Incorporated. \nRoslyn holds a BS from Virginia Union University\, MHSA from The George Washington University\, MBA from Northwestern and MDiv. From Virginia Union University. She also holds four honorary doctorate degrees. She is an avid fisherwoman and enjoys horse bike riding. \nRoslyn’s personal philosophy is embodied in an African proverb: “Care more than others think is wise\, risk more than others think is safe\, dream more than others think is practical\, and expect more than others think is possible.” Her Trademark motto is “Courage Will Not Skip This Generation.” \n  \n\n\n \n\n\nJeff Stoval\nChief Information Officer @ Abt Global \nJeff Stovall is the Chief Information Officer at Abt Global\, where he leads the development and execution of Abt’s information technology and cyber security strategies and oversees enterprise platforms\, internal digital initiatives\, IT vendor partnerships\, and delivery service excellence in more than 30 countries. Prior to joining Abt\, Stovall served as an Industry Executive Director at Oracle Corporation\, focusing on cloud enablement in state and local governments. From 2008 to 2018\, he was the CIO for the City of Charlotte\, NC.  Jeff received his Bachelor of Science in Engineering from the Massachusetts Institute of Technology and his MBA from the Darden School at the University of Virginia. \nJeff was named Executive Member of the Year by the IT Senior Management Forum in 2022\, Top 25 “Doers\, Dreamers & Drivers” by Government Technology Magazine in 2018\, Public Sector CIO of the Year by the North Carolina Technology Association in 2017 and 2014\, and Non-Profit/Public Sector CIO of the Year by the InspireCIO ORBIE Awards in 2017.  He is past Chair on the Advisory Board for the UNC Charlotte College of Computing and Informatics and is the national Board Secretary of the Society for Information Management. \n  \n\n \n\n \n\n\nJermaine Stanley\nISACA GWDC President\nCISA\, CDPSE \nJermaine Stanley is a Cybersecurity\, Information Technology (IT)\, and Risk Advisory leader with more than 25 years of experience working with Financial Services\, Technology\, Insurance\, Non-Profit\, and Government organizations. He is a thought leader in the industry\, who has advised clients on complex Cybersecurity and IT Risk matters. In addition to being a member of ISACA Global’s ISACA Foundation Board of Directors\, Jermaine is the current President of the ISACA Greater Washington DC Chapter (ISACA GWDC). \nMore importantly\, Jermaine is a strong technology leader with a reputation for building teams\, mentoring\, and has a passion for creating Diverse\, Equitable\, and Inclusive (DEI) cultures\, who strives to help leaders build\, launch and lead initiatives that promote DEI within their organizations. Mr. Stanley holds a Master’s  degree in Software Engineering\, a Bachelor’s of Science in Electrical Engineering\, CISA and CDPSE certifications\, and holds a certification in Overcoming Unconscious Bias. \nJermaine is the Founder of Stanley consulting Group who’s mission is to “ensure that the business leaders and employees we serve have the tools and insights to help them build diverse\, inclusive\, and equitable workplace environments.”  \n  \n\n \n\n \n\n\nDr. Gina Guillaume-Joseph\nChief Innovation Officer (CIO) @ Eztera Digital Solutions \nGina Guillaume-Joseph\, PhD is a published author and technologist with executive experience and thought leadership within the Federal and Commercial Sector. \nGina is the Chief Innovation Officer (CIO) at Eztera Digital Solutions. Gina will leverage her technology implementation experience and vast network to support the Federal Government’s Technology Transformation Strategy. Her accomplishments and successes are based on strong program performance\, leadership discipline\, a commitment to developing relevant\, innovative and adaptive solutions\, and a vigilant focus on best value solutions for her clients. \nGina spent 16 years supporting our Federal Government as a contractor with Booz Allen Hamilton\, L-3 Communications and The MITRE Corporation. As a Systems Engineer she was responsible for implementing key strategic frameworks\, solutions and technology platforms to assist agencies such as the DoD\, IRS\, FDIC\, DHS\, VA\, and SSA overcome technology gaps in delivering capabilities and value to our United States Taxpayers. \nGina is the former Chief Technology Officer – Government at Workday and former Director of Technology at Capital One. Gina supported the HR and People Technology team as a strategic technical advisor. At Capital One\, she matured their Scaled Agile practices by hiring agilists\, training the team\, and fully implementing the framework to scale resulting in improved product value delivery across the organization. Workday was a key product implemented to Capital One’s more than 43\,000 employees. \n  \n\n\n \n\n\nTracey Walker\nCEO @ Institute for Corporate Courage\nCCD-AP \nAs CEO of the Institute for Corporate Courage (ICC)\, Tracey’s work transforms organizational cultures by infusing courage into leadership practices. Tracey leads this global mission\, bringing together great minds\, and forward-leaning best practices\, to enable corporate change\, leader development\, belonging and accelerated growth. Named to the nation’s Top 25 Women in Consulting in 2024\, her expertise lies in organizational behavior\, people-centric processes\, and driving business outcomes. Her work is re-writing the rules for corporate engagement and welcomes a new era of possibility. \nWith a 20-year career spanning public accounting\, legislative affairs\, and business advisory roles\, Tracey has spent her career solving corporate challenges for clients delivering inclusion compliance\, DE&I training implementation and infrastructure strategy. She serves on several boards and commissions for DEI nationally. An in-demand thought leader\, she presents lectures annually at the nation’s top business schools and trade organizations. She is certified in Diversity and Inclusion as an Advanced Practitioner from the Cornell University School of Industrial and labor Relations (ILR) and completed her graduate work with honors at the Harvard Business School in Organizational Behavior. \n  \n\n\n \n\n\nEri O’Diah\nCo-Founder & CEO at SIID Technologies \nEri is a two-time entrepreneur and the visionary behind SIID Technologies\, a startup that harnesses the power of data science and machine learning to promote fairness and transparency in legal proceedings. With over a decade of experience in marketing communications\, Eri is committed to utilizing her expertise to dismantle biased systems and advocate for equitable social reform. Presently\, she is immersed in researching algorithmic bias and pioneering innovative strategies to address biased decision-making within the legal realm. Eri’s notable accolades include being nominated for Woman of the Year by the Minnesota Leukemia & Lymphoma Society in 2019\, receiving the 2020 Emerging Business Owner award from the National Association of Women Business Owners\, and being a finalist in two MIT Solve innovation challenges in 2021. She holds a Bachelor’s degree in Electronic Media Management from California State University Northridge. \n  \n\n \n\n \n\n\nRyan Ubuntu Olson\nGlobal Manager of Diversity\, Equity\, Engagement\, and Inclusion @ DAI \nRyan Ubuntu Olson is a globally recognized gender and human rights expert. Ryan currently serves as a Global Manager of Diversity\, Equity\, Engagement\, and Inclusion at DAI\, an international development organization\, where he steers his fellow practitioners’ capacity to better understand and respond to the needs of local communities in all their complexities. This has translated to tangible contributions such as developing a global training on gender and sexual diversity used to sensitize US Missions around the world\, advising META’s Data for Good program on enriching gender data programs to be more inclusive\, to serving as a human rights and gender expert on The Global Fund’s Technical Review Panel which aids the organization in allocating $16b in HIV\, TB and Malaria every cycle to country health programs around the world. Ryan has been named an Out Leader in National Security and Foreign Policy and was recognized by a former President and also a former Secretary of State. He has recently published a memoir\, “Finding my Humanity” which captures his travels throughout the world\, and the trials and tribulations he has faced in overcoming stigma\, discrimination and violence throughout his life to become a global champion for gender equality\, human rights and dignity. \n  \n\n\n \n\n\nBethlehem Belaineh\nFounder and CEO @ Theory AI\nCSM\, CSPO\, A-CSPO \nBethlehem is the Founder & CEO of Theory AI\, a dynamic technology consulting firm based in Washington\, DC. Through her work with Theory AI\, Bethlehem leads the development and launch of workflow automation\, gamification\, and other exciting products that speed up business needs and enhance user engagement for customers and stakeholders across diverse contexts and markets. \nTheory AI delivers AI-native Market Research\, Product/Software Development and Management Consulting services that address complex challenges in healthcare\, education\, and federal sectors to a wide variety of clients ranging from Government Technology firms to High-Growth startups. A thought leader in the Artificial Intelligence (AI) space\, and with over a decade of experience in product management and strategy\, Bethlehem holds multiple SCRUM certifications such as ScrumMaster (CSM)\, Scrum Product Owner. (CSPO)\, and Advanced Scrum Product Owner (A-CSPO). \nBethlehem holds a Bachelor of Science (BS) in Biological Physics\, Economics from Brandeis University\, a Master of Engineering degree in Data Analytics Engineering (MEng) and is working on completing her Masters of Information of Information Systems (MIS) from George Mason University as well as a Masters of Business Administration (MBA) from Northwestern University. \n\n  \nLocation Information \nAmazon HQ2 “Merlin” Building (WAS17)\n510 14th St S \nArlington\, VA 22202 \n  \nCheck-in Instructions \n\nUpon entering the Merlin Building\, take the flight of stairs/escalator to the registration desk.\nThe GWDC will have volunteers/signs to provide assistance if needed.\n\n  \nParking Information\nParking is available at this site. The parking garage is located directly beneath the “Merlin” building (WAS17). There are 2 entrances to the parking garage\, one being located on Elm Street next to the WAS17 loading dock and the other being located on 13th Street between Elm and Eads\, next to the WAS19 loading dock. Parking garage height is 7’0″. \n  \nMetro\nPentagon City Metro (blue\, yellow lines) is a 9-minute\, flat walk to the “Merlin” Building. \n  \nEV Charging Stations\nThis site provides access to EV Charging stations. There are currently 92 EV charging stations spread throughout levels P1-P3. The charging stations are free of charge to tenants for the first 4 hours and are first come first serve. Please remember to re-locate your vehicle after it has finished charging so that other drivers may use this resource. ​ \n  \nMotorcycle Parking\nMotorcycle parking is available to registered employees and visitors with a validated parking pass. Please park your motorcycle in the designated motorcycle parking spots located on the P1 level of the garage. \n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 4.5 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event.  Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter attending this event\, attendees will learn about current DEI current trends and practices.  In addition: \n\nShare stories on how diverse leaders achieved their successful careers.\nDiscuss how diversity drives innovation.\nUnderstanding the impact of AI on Diversity and Inclusion.\nDiscuss the weaponization and negative impacts of technology\, particularly on marginalized communities.\nProvide insights on how recruitment and retention processes are improving DEI.\nConnecting past struggles to future possibilities.\nEmpowering Diverse Voices in Futuristic Discussions.\nPoll audience to obtain their thoughts regarding various DEI questions.\n\n  \nCPE-Related Details \n\nPrerequisites: None\nAdvance Preparation: None\nProgram Knowledge Level: Basic\nDelivery Method: Live\, in-person\nField of Study: Personnel/Human Resources – Non-technical\n\n  URL:https://isaca-gwdc.org/event/dei-special-event-2024/ LOCATION:Amazon HQ2 Merlin Building\, 510 14th St S\, Arlington\, VA\, 22202\, United States CATEGORIES:Special Event ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2024/01/dei_2024.png ORGANIZER;CN="Marvin Muhumuza (Director of Special Events)":MAILTO:specialevents@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20240418T183000 DTEND;TZID=America/New_York:20240418T203000 DTSTAMP:20240328T120908Z CREATED:20240328T120908Z LAST-MODIFIED:20240328T120908Z UID:32102-1713465000-1713472200@isaca-gwdc.org SUMMARY:Women in Technology Social Event DESCRIPTION:The GWDC will be hosting a Women in Technology Social event at The Board Room in Arlington\, VA.  Join us for a few hours and relax.  There is no agenda\, just come out\, have a few drinks on us\, and socialize with fellow members.  \nA raffle held at the end of the event. \nRegistration closes on April 17 @ 3 pm. \nRegister Today! \n  \nVenue Information \nThe Board Room\n925 N. Garfield Street\nArlington\, VA 22201 \nParking Information\nThere is street parking near the restaurant.  Parking is also available at the nearby Colonial Parking garage. \nNearest Metro\nThe restaurant is a short walk from Clarendon Metro Station \n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  URL:https://isaca-gwdc.org/event/wit-social-2024/ LOCATION:The Board Room\, 925 N. Garfield Street\, Arlington\, VA\, 22201\, United States CATEGORIES:Social Events ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2024/03/social-wit-2024.png ORGANIZER;CN="Sushila Nair":MAILTO:marketing@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20240418T144500 DTEND;TZID=America/New_York:20240418T170000 DTSTAMP:20240417T155729Z CREATED:20231031T000039Z LAST-MODIFIED:20240417T155729Z UID:31268-1713451500-1713459600@isaca-gwdc.org SUMMARY:2024 Annual FISMA and Risk Management Framework Panel Discussion DESCRIPTION:To protect federal information and systems\, the Federal Information Security Modernization Act of 2014 (FISMA) requires federal agencies to develop\, document\, and implement information security programs. The 2024 Annual FISMA Conference provides a useful update to IT Auditors and the Federal IT community on the current landscape and efforts to comply with FISMA. \nCome hear perspectives from senior federal executives who play key roles in FISMA compliance efforts in this year’s Federal Information Security Modernization Act of 2014 (FISMA) and Risk Management Framework (RMF) Panel Discussion. During this session\, you will learn about recent changes to the FISMA metrics\, and the opportunities and challenges agencies face in complying with FISMA. \nIT advisory or audit professionals that serve or support the Public Sector should attend this event. \nRegistration closes on April 17\, 2023 @ 2pm.   This is a free virtual event for GWDC Members. \nRegister Today! \n  \nEvent Sponsor \n  \n \nSikich LLP\, a professional services firm of more than 100 partners\, 1\,400 employees\, and 17 offices across the U.S. As a professional information technology (IT) firm\, Sikich provides client-tailored IT support\, managed security\, and numerous other expert IT services. As a full-service provider for government agencies and contractors\, we provide financial management and assurance services to support a wide range of federal and commercial clients\, including: \n\n Assist the U.S. Defense Industrial Base (DIB) sector in enhancing its cybersecurity posture within the multi-tier supply chain to ensure compliance with Cybersecurity Maturity Model Certification (CMMC) requirements.\n Conduct CFO Act engagements on behalf of more than three dozen federal CFOs and Offices of Inspectors General (OIGs) in the Executive and Legislative Branches.\n Conduct FISMA audits and other custom IT and cybersecurity performance audits. Our testing includes evaluations of access controls\, configuration and change management\, systems development life cycle including audits of Agile and Waterfall implementations\, disaster recovery and contingency planning\, and overall governance and security frameworks.\n\nThe ISACA Greater Washington D.C. Chapter is proud to have Sikich as the sponsor for this annual event. \n  \nAgenda \n\n2:45 PM – 2:55 PM \n\n\nOpening Remarks \n\n\n3:00 PM – 4:50 PM \n\n\nPanel Discussion: 2024 Annual FISMA and Risk Management Framework \nModerator: \n\n Sarah Mirzakhani\nPartner\, Sikich LLP\n\nPanelists: \n\n Steven Hernandez\nChief Information Security Officer\, and Director of Information Assurance Services @ U.S. Department of Education\n\n\n Jennifer Franks\nDirector\, Center for Enhanced Cybersecurity @ US Government Accountability Office (GAO)\n\n\n Victoria Yan Pillitteri\nFederal Information Security Modernization Act (FISMA) Implementation Project Lead @ National Institute of Standards and Technology (NIST)\n\n\n\n\n\n4:55 PM – 5:00 PM \n\n\nClosing Remarks \n\n  \nModerator \n\n \n\n\nSarah_Mirzakhani\nPartner @ Sikich LLP \nCISA \nSarah Mirzakhani\, CISA\, is a partner with over 20 years of experience in information technology audit/information assurance and information security solutions. Sarah serves federal agencies with varying\, complex IT systems and environments. Her experience includes leading information technology internal control reviews and security audits\, such as the Federal Information Security Modernization Act (FISMA) and overseeing vulnerability assessments and penetration testing. \nSarah is also skilled in conducting and leading system and organization controls/SSAE18 audits and readiness assessments\, regulatory compliance reviews\, and system implementation reviews for not-for-profit\, commercial\, and governmental entities. She has extensive knowledge of the National Institute of Standards and Technology (NIST)\, Federal Information Processing Standards (FIPS)\, and Office of Management and Budget (OMB). \nShe provides services in areas\, such as IT and Cybersecurity Audits\, FISMA Audit Services\, and Performance Audits. \nSarah holds a Bachelor of Science in Business Administration\, Management Information Systems\, West Virginia University\, and is a Certified Information Systems Auditor (CISA). She is affiliated with the Information Systems Audit and Control Association (ISACA) and the Association of Government Accountants (AGA). \n\n  \nPanelists \n\n \n\n\nSteven Hernandez\nChief Information Security Officer\, and Director of Information Assurance Services @ U.S. Department of Education\nMBA\, CISSP\, CISA\, CNSS\, CSSLP\, CDPSE\, SSCP\, CGGC\, ITIL \nSteven Hernandez is an information assurance executive serving the past twenty years in a variety of contexts and missions. His rich background includes law enforcement\, financial\, education\, healthcare\, credentialing\, heavy manufacturing\, non-profits\, and governments at the federal\, state\, and local levels. Steven’s experience ranges from the board room to leading tactical\, day-to-day security operations as well as leading broad security initiatives such as the US government’s Zero Trust Architecture approach across large and complex organizations. \nPresently he is the Chief Information Security Officer and Director of Information Assurance Services at the U.S. Department of Education. Steven also serves as the co-chair of the US Government Federal CISO Council and Government Chair of the ACT-IAC Cybersecurity Community of Interest. Prior to his position at Education\, he held a variety of roles at the Office of Inspector General\, US Department of Health and Human Services including CTO\, CIO\, CISO\, Senior Official for Privacy and Chief Services Engineering Officer. He is an inaugural member of the United States Scholarship for Service Hall of Fame and an ardent supporter of the next generation of cybersecurity professionals through his teaching work as an Honorary Professor\, Affiliate Faculty\, and guest lecturer at over a dozen Institutions of higher education. \n\n\n \n\n\nJennifer Franks\nDirector\, Center for Enhanced Cybersecurity @ US Government Accountability Office (GAO) \nJennifer Franks directs the Center for Enhanced Cybersecurity within GAO’s Information Technology and Cybersecurity team. She oversees reviews that primarily focus on emerging cybersecurity issues and assessing an agency’s ability to protect the confidentiality\, integrity\, and availability of its sensitive data and computing infrastructure. Her multi-disciplinary teams actively review agencies’ computer security vulnerabilities across their enterprise-wide computing environment by assessing program management compliance and technical controls recommended for the agencies to follow in accordance with federal guidance and leading practices. In addition\, she leads reviews in the areas of IT management and operations\, financial management\, healthcare and public health IT\, data protection\, and privacy. \nJennifer joined GAO in 2006. She is a Diversity Champion who leads efforts to increase inclusiveness at GAO. Since 2012\, she has facilitated numerous agency Diversity\, Equity\, Inclusion\, and Accessibility (DEIA) courses\, and holds facilitator certifications in “Engaging in Bold\, Inclusive Conversations” and “Green Dot Bystander Intervention” training. \nJennifer earned a master’s degree in information security policy and management from Carnegie Mellon University and earned a bachelor’s degree in computer information systems from Hampton University. \n\n\n \n\n\nVictoria Yan Pillitteri\nFederal Information Security Modernization Act (FISMA) Implementation Project Lead @ NIST\nCISSP \nVictoria Yan Pillitteri is a supervisory computer scientist in the Computer Security Division at the National Institute of Standards and Technology (NIST). Ms. Pillitteri is the Acting Manager of the Security Engineering and Risk Management Group and also leads the Federal Information Security Modernization Act (FISMA) Implementation Project\, supervising a team of technical and administrative staff that are responsible for conducting the research and development of the suite of risk management guidance used for managing cybersecurity risk in the federal government\, and associated stakeholder outreach and public-private coordination/collaboration efforts. She serves as the lead of the Joint Task Force working group\, a partnership with Department of Defense\, the Intelligence Community and Civilian Agencies to develop a unified security framework to protect USG from cyberattacks and is co-chair of the Federal Cybersecurity and Privacy Professionals Forum hosted NIST. \nShe previously worked on development of the Cybersecurity Framework and Privacy Framework\, led the NIST Smart Grid and Cyber Physical Systems Cybersecurity Research Programs\, served on the board of directors of the Smart Grid Interoperability Panel\, and completed a detail in the office of the NIST Director as an IT policy advisor. She has co-authored a number of NIST Special Publications (SPs) and Interagency Reports (IRs) on information security\, including SP 800-12\, 800-37\, 800-53\, 800-82\, 800-171\, 800-171A\, 800-171B\, 800-137A\, 1108 and IR 7628. \nVictoria holds a B.S. in Electrical Engineering from the University of Maryland\, a M.S in Computer Science\, with a concentration in Information Assurance\, from the George Washington University\, completed the Key Executive Leadership Program at American University\, and is a Certified Information Systems Security Professional (CISSP). She has completed a Senior Executive Service Candidate Development Program (SES CDP) and is SES certified. \n\n  \nVirtual Meeting Information \n\n This event will be presented through Zoom.\n Prior to the event\, participants must install the Zoom app on their respective devices or use the web-based Zoom. Calling via the phone may not be entitled to CPE credits.\n Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 2 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter attending this event\, attendees will learn about recent changes to the FISMA metrics and the opportunities and challenges agencies face in complying with FISMA. \n  \nCPE-Related Details \n\n Prerequisites: None\n Advance Preparation: None\n Program Knowledge Level: Basic\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/2024-annual-fisma-and-risk-management-framework-panel-discussion/ LOCATION:Virtual Event CATEGORIES:Panels ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/10/panel-fisma-2024.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20240411T083000 DTEND;TZID=America/New_York:20240412T160000 DTSTAMP:20240318T132506Z CREATED:20231014T162901Z LAST-MODIFIED:20240318T132506Z UID:31043-1712824200-1712937600@isaca-gwdc.org SUMMARY:Seminar - Auditing with PowerShell®: Active Directory® DESCRIPTION:Auditors performing audits of Windows systems inevitably need to obtain information from Active Directory®\, Microsoft’s platform for providing directory services to Windows and other devices. Whether it’s data on user accounts\, computer accounts\, group membership\, or configurations in group policy objects\, Active Directory is often a critical data source for Windows system audits. \nWhile Active Directory graphic user interfaces can be used to obtain this information\, they are often not efficient to use and some information isn’t easy to find and download. This often results in administrators needing to provide data or screenshots. \nPowerShell® provides a better method of obtaining information from Active Directory. As a Microsoft product\, PowerShell has a variety of commands for working with Active Directory. These include commands to obtain data on Active Directory objects\, such as users\, computers\, groups\, and group policy objects. Using simple PowerShell scripting capabilities\, auditors can develop scripts to efficiently collect data from Active Directory and perform audit tests on this data. \nThis two-day hands-on course will cover the PowerShell commands needed to obtain user\, computer\, group\, and group policy object data from Active Directory. The course will also cover basic audit tests that can be performed using PowerShell on Active Directory objects.  Attendees will be provided access to a virtual server to practice commands and perform hands-on exercises. \nAuditors and security professionals who audit Active Directory will benefit from attending this course. \nThis course builds on the concepts presented in the Seminar – Introduction to Auditing with PowerShell®. \nRegistration closes on April 10\, 2024 @ 5pm. \nRegister Today! \n  \nAgenda \n\n\nDay 1 \n\n\n\n Overview of PowerShell’s Active Directory and Group Policy modules\n Walkthrough of commands for:\n\n\n Organizational units\n User objects\n Computer objects\n Group objects\n\n\n\n\n\n\nDay 2 \n\n\n\n Walkthrough of commands for Group Policy Objects\n Basic scripts with audit tests for Active Directory objects\n Exporting data into CSV files\n\n\n  \nMaterials Provided During the Seminar \nEach student attending the seminar will be provided: \n\n Presentation materials\, which include detailed examples\n PowerShell script for working with Active Directory\n Answers to Practice Exercises\n Link to the seminar recording\, good for 30 days after the seminar\n\n  \nInstructor \n\n \n\n\nMike Howard\nCISA\, MBA \nMike Howard is an experienced IT auditor with over 29 years of IT auditing experience in the Federal Government. Mike is a technical auditor who has audited numerous technologies\, including mainframes\, Unix environments\, Active Directory\, databases\, Cisco devices\, and Windows computers. Mike embraces innovative technologies to accomplish his audits\, most notably using PowerShell to write custom scripts. Over the 10+ years that he has been using PowerShell\, he’s written over 300 PowerShell scripts. \nMike is also a member of the ISACA Greater Washington D.C. chapter and has served on the board for 17+ years\, most of the time as Internet/Communications Director. Mike is currently the Associate Director for Web Development\, where he manages the chapter’s website. Mike has also used PowerShell to accomplish tasks related to his Chapter duties\, including creating web pages\, calculating CPE credits\, and updating membership rosters. \nMike has a B.S. in Accounting from Old Dominion University and a Masters in Business Administration from George Mason University. \n\n  \nVirtual Meeting Information \n\n This event will be presented through Zoom.  The instructor will send an email with the zoom link prior to the event.\n Prior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.\n Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 14 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter completing this course\, students will have basic skills to use PowerShell to obtain\, view\, and export data from Active Directory.  \n  \nHands-on Exercises \nStudents will be given access to a Windows Server at the beginning of the course to use in practicing commands and hands-on exercises. Instructions will be provided to the students during registration and in advance of the event on the requirements to access the server. \n  \nCPE-Related Details \n\n Prerequisites: Students should be familiar with using PowerShell and working with Active Directory.\n Advance Preparation: The instructor will provide materials during the Zoom. Advance preparation for accessing the Windows server will be provided in advance of the course.\n Program Knowledge Level: Intermediate\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/seminar-auditing-with-powershell-active-directory/ LOCATION:Virtual Event CATEGORIES:Special Seminars ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/10/auditing_powershell_ad.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20240328T093000 DTEND;TZID=America/New_York:20240328T173000 DTSTAMP:20240324T143712Z CREATED:20240204T185627Z LAST-MODIFIED:20240324T143712Z UID:31708-1711618200-1711647000@isaca-gwdc.org SUMMARY:Women in Leadership and Technology 2024 Special Event DESCRIPTION:The GWDC is proud to present this event with our partners:  \n       \nISACA GWDC\, along with our partners are proud to host our annual Women in Leadership and Technology Special Event.  This year’s theme is “AI\, Cybersecurity\, and Audit Leadership: Pioneering Change.”  This is a distinguished and empowering gathering designed for professionals in the cutting-edge sectors of AI\, cybersecurity\, and audit. This event stands out as a beacon for progressive thought and action\, featuring an impressive lineup of world-leading women speakers from prominent organizations such as CISA\, NIST\, Microsoft\, and Amazon.  This is not just an event; it’s a stepping stone towards a more inclusive and innovative future in technology. Be part of this transformative experience and help pioneer change in the realms of AI\, cybersecurity\, and audit. \nSet against the backdrop of the dynamic Cooperative Plaza Conference Center in Arlington\, the summit is more than just a conference; it’s a melting pot of ideas\, innovation\, and collaboration. We aim to create an enriching environment that encourages learning\, connection\, and empowerment. This unique event focuses on the critical intersections and synergies between AI\, cybersecurity\, and audit\, exploring how these fields can collaboratively shape the future of technology and business. \nJoin us for a day filled with insightful keynotes\, engaging panel discussions\, and interactive sessions\, all led by trailblazing women at the forefront of their fields. This is your opportunity to network with like-minded professionals\, gain invaluable insights\, and be part of a movement driving change and diversity in the tech world. \n \nWho Should Attend: IT Executives\, Management and Operations staff\, Risk management leaders and professionals\, IT Auditors\, Cybersecurity professionals\, students or anyone interested in learning more about how AI\, cybersecurity\, and audit leadership. \nRegistration closes on March 27\, 2024 @ 12 pm.  \nRegister Today! \n  \nEvent Sponsor \n  \n \n  \nSince 1984\, the Carnegie Mellon University (CMU) Software Engineering Institute (SEI) has brought innovation to the U.S. government and has been critical to the government’s ability to acquire\, develop\, operate\, and sustain software systems that are innovative\, affordable\, trustworthy\, and enduring. The SEI’s three technical divisions research complex software engineering\, cyber operations\, and artificial intelligence (AI) engineering solutions; create and pilot innovative technologies; and transition maturing solutions into practice. The SEI is part of Carnegie Mellon University\, pioneering discoveries that enrich the lives of people on a global scale. CMU turns disruptive ideas into successes through leading-edge research. \n  \nAgenda \n\n8:30 AM – 09:30 AM \n\n\nRegistration Check-in and Networking \nBreakfast will be provided. \n\n\n \n\n09:30 AM – 10:00 AM \n\n\nWelcome and Opening Remarks \nPresenters: Sushila Nair (Capgemini) \nRepresentatives from Cloud Security Alliance (CSA)\, ISC2 and ISSA DC Chapters \nPresenters will introduce the significance of the event\, the goals for the day\, and a brief overview of the current state of women in technology\, especially in cyber and audit. \n\n\n\n10:00 AM – 11:00 AM \n\n\nKeynote Address: Securing Tomorrow: AI and the Journey Towards a ‘Secure by Design Future’ \nPresenter: Lauren Zabierek (Cybersecurity and Infrastructure Security Agency (CISA)) and Lisa Einstein (CISA) \nIn this fireside chat\, Lisa Einstein and Lauren Zabierek will discuss their work on Artificial Intelligence and Secure by Design. To catalyze enduring security for our nation as the National Cyber Strategy calls for\, we must make two fundamental shifts: ensuring that the most capable and best-positioned actors assume a greater share of the burden for mitigating cyber risk\, and increasing incentives to favor long-term investments into cybersecurity. CISA’s work on AI and Secure by Design are directly aligned with this vision and the agency is working across industry\, the security community\, and international partners to drive change toward long term security\, safety\, and resilience. Lisa and Lauren will share what they are doing in their respective roles\, highlight challenges and opportunities for the audience\, and share a bit about their experiences in cybersecurity. \n\n \n\n\n11:00 AM – 11:15 AM \n\n\nCoffee and Networking Break \nRefreshments will be provided \n\n \n\n\n11:15 AM – 12:05 PM \n\n\nPanel Discussion – Climbing the Tech Ladder: Strategies to Excel and Lead \nModerator: Katherine Scott (ISACA GWDC) \nPanelists: Teresa Allison (Dept. of the Treasury\, ISSA DC Chapter)\, Sushila Nair (Capgemini\, ISACA GWDC)\, and Randall Trzeciak (Software Engineering Institute @ Carnegie Mellon University) \nThis panel discussion aims to explore effective strategies and practical advice for women in technology who aspire to advance into leadership roles. It will provide insights into overcoming common barriers\, navigating corporate cultures\, and leveraging personal strengths for career advancement. The panelists\, who are successful female leaders in tech\, will share their experiences and tips on how to excel in a competitive and often male-dominated field. \nKey Discussion Points \n\nNavigating the Path to Leadership: Insights into the journey of rising up the ranks in the tech industry\, including key steps and milestones.\nOvercoming Gender-Specific Barriers: Discussing challenges specific to women in tech and strategies to overcome them\, such as dealing with bias and imposter syndrome.\nDeveloping Leadership Skills: Identifying and cultivating the essential skills needed for effective leadership in technology.\nMentorship and Sponsorship: Understanding the role of mentors and sponsors in career advancement and how to effectively seek and maintain these relationships.\nBuilding a Personal Brand: Tips on how to establish and promote a personal brand that aligns with leadership aspirations.\nWork-Life Integration: Discussing strategies for balancing professional growth with personal life\, including family commitments.\nNetworking and Community Involvement: The importance of building a professional network and getting involved in tech communities for career development.\nFuture Trends in Tech Leadership: Insights into emerging trends and how aspiring leaders can prepare for the future landscape of tech leadership.\n\n\n \n\n\n12:05 PM – 01:30 PM \n\n\nLunch Break and Networking \nLunch will be provided to event attendees. \n\n \n\n\n01:30 PM – 02:30 PM \n\n\nAI and Privacy: Maximizing the Benefits and Minimizing the Risks \nPresenter: Naomi B. Lefkovitz (NIST) \nCan there be privacy in the age of artificial intelligence? From privacy-preserving machine learning to the building blocks for personal privacy avatars\, this presentation will focus on NIST frameworks\, tools\, and guidelines that can maintain or enhance privacy with artificial intelligence. \n\n \n\n\n02:30 PM – 03:20 PM \n\n\nExtending the Principles of Responsible AI to Technology Policy \nPresenter: Dr. Diana Burley (American University) \nAI and other emerging technologies both empower innovation and expose societal vulnerabilities. The policies that guide their deployment and use determine\, to a large extent\, the role that these innovations play in society. As such\, the policies\, and the policymakers who shape them\, are powerful arbiters of future human welfare. How then\, do we extend the “responsible” principles we promote with the technology developers to the policies and policymakers who shape societal standards? \n\n \n\n\n03:20 PM – 03:40 AM \n\n\nCoffee and Networking Break \nRefreshments will be provided \n\n \n\n\n03:40 PM – 04:30 PM \n\n\nBeyond Cybersecurity: Women Coloring the Future of AI \nPresenter: Diya Wynn (Amazon) \nImagine a world where AI isn’t just considered a tech fad\, but a bridge to a more equitable future. Where diverse voices paint the canvas of innovation\, and women lead the charge. Join us for a dynamic exploration of how AI is shaping our world\, and how YOU can be a part of its story. Leave empowered to go beyond Cybersecurity\, join the movement and color the AI future. \n\n \n\n\n04:30 PM – 05:20 PM \n\n\nHarnessing the power of AI with Microsoft Copilot \nPresenter: Lili Davoudian (Microsoft) \nThis session will provide an overview of the Microsoft copilot stack\, with a focus on data security and governance. The session will walk through how to set up the appropriate data governance guardrails when introducing the Copilot product suite to ensure data security and compliance. It will also demonstrate how different element of the Microsoft Copilot stack can automate repetitive job functions\, across security and compliance. Finally\, the session will touch on Microsoft’s commitment to responsible AI principles. \n\n \n\n\n05:20 PM – 05:30 PM \n\n\nClosing Remarks \n\n  \nPresenters \n \n\n \n\n\nLauren Zabierek\nSenior Advisor\, Cybersecurity Division @ CISA \nLauren Zabierek is a Senior Advisor in the Cybersecurity Division at CISA with over 20 years in national security. Previously\, she served as the Executive Director of the Cyber Project at the Harvard Kennedy School’s Belfer Center\, where she ran a policy-relevant research program and managed students and nonresident fellows. She also served as the Acting Executive Director of the Belfer Center in her final semester there. She came to that role as a 2019 graduate of the Kenney School’s midcareer MPA program. Prior to graduate school\, she was an early member of the cybersecurity firm Recorded Future\, having established and managed their public sector team. She also served as a civilian intelligence analyst at the National Geospatial Intelligence Agency with multiple deployments to Afghanistan and served as a US Air Force intelligence officer at the beginning of her career. Lauren is also the co-founder of the online social media movement\, #ShareTheMicInCyber. She is a mentor with Girl Security\, a fellow at the National Security Institute at George Mason University\, and a fellow at New America. She has appeared on television\, radio\, and several podcasts and panels. \n\n \n\n \n\n\nLisa Einstein\nExecutive Director of CISA Cybersecurity Advisory Committee @ CISA \nLisa Einstein serves as Executive Director of the Cybersecurity and Infrastructure Security Agency’s Cybersecurity Advisory Committee\, a group of experts that advises CISA’s Director on ways to reduce cyber risk to critical infrastructure. She was Stanford’s first dual master’s degree recipient in computer science and international cyber policy. While at Stanford\, she led H.R. McMaster’s research team on emerging technologies and geopolitics\, contributed to a forthcoming book on trust and safety engineering\, and conducted research on AI-augmented education and algorithmic decision support tools for humanitarian evacuations. \nPreviously\, Lisa taught physics to over 600 students as a Peace Corps Volunteer in rural Guinea. With some of her students\, she co-founded Association des Jeunes pour la Défense des Droits des Enfants (AJDE)\, a Guinean NGO that promotes girls’ education and combats early marriage and gender-based violence. She received her BA from Princeton in physics and dance and danced professionally for several years\, including with Camille A. Brown and Dancers. \n\n \n\n \n\n\nKatherine Scott\nISACA GWDC Secretary \nKatherine has served as chapter Secretary since July 2020 and records Board meeting minutes and maintains chapter compliance and records. Katherine participated in ten chapter strategy sessions. \nKatherine served as Director of Membership from July 2016 to June 2000. She focused on the retention and growth of chapter membership\, coordinated social events and organized volunteers for the chapter. \nKatherine supports the Board and other directorates. She co-hosted the Women in Technology conference for two years\, helped at Academics events\, supported CPE issuance\, and wrote newsletter articles. She wrote a chapter roles and responsibilities document\, reviewed Board SOPs\, and led the chapter bylaw review. She has attended ISACA’s Global Leadership Conference three times\, served on a task force with ISACA Global to define the role that ISACA plays in helping students get into IT\, and participated in ISACA’s Day on the Hill in 2023. \n\n \n\n \n\n\nTeresa Allison\nCybersecurity Group Chief / Information System Security Manager (ISSM) @ U.S. Treasury Department\, Office of Information Technology\nPMP\, CISSP\, CCSP\, CGRC\, CISM\, CISA\, CRISC\, CGEIT\, CCSK\, Security+\, CSM\, CPSO\, ITIL\, Lean Six Sigma \nTeresa Allison is a certified Information security professional who has worked in the field of information technology consulting for over 20 years. She is a Cyber Group Chief / ISSM at the US Treasury\, Office of Information Technology in Washington\, DC.  Allison has served as a trusted advisor to CXOs and their staff by providing them with solutions for addressing their needs for managing and securing multi-billion-dollar IT investments. Teresa uses her skills as a policy analyst\, information technologist\, and manager to provide value to her clients. \nShe specializes in IT/Cybersecurity strategic planning\, budgeting\, performance management\, portfolio management\, governance\, risk management\, legal & regulatory compliance\, project management\, program management\, process improvement\, business operations transformation\, strategic communications and stakeholder management. Her technical knowledge includes systems analysis & design\, Software Development Life Cycle (SDLC)\, Agile\, Scrum\, DevOps\, SecDevOps\, programming (C++\, Java\, JavaScript\, SQL)\, web design & development\, database design & development and cloud computing. \nTeresa received her bachelor’s degree in political science from Xavier University. She graduated from Carnegie Mellon University’s H. John Heinz III School of Public Policy with a Master of Science in Public Policy and Management with a minor in Management of Information Systems. She is a certified IT professional who currently holds the PMP\, CISSP\, CCSP\, CGRC\, CISM\, CISA\, CRISC\, CGEIT\, CCSK\, Security+\, CSM\, CPSO\, ITIL\, Lean Six Sigma and other certifications. \nTeresa Allison is currently the Vice President of Programs & Events for the Information System Security Association (ISSA) DC Chapter. She served as a volunteer for the Women’s Society of Cyberjutsu which encourages women to pursue careers in Cybersecurity. Allison coordinated higher education outreach programs for the Project Management Institute (PMI) as a member of the Higher Education Partnerships committee. She is a member of the ISACA GWDC Chapter and the Healthcare Information Management Systems Society (HIMSS). Teresa Allison is the Past President of the Carnegie Mellon University Heinz College Alumni Association comprised of over 11\,000 alumni from around the world. \n\n \n\n \n\n\nSushila Nair\nVice President\, Head of Cybersecurity Services\, North America @ Capgemini\nCISSP\, GIAC GSTRT\, CISA\, CISM\, CRISC\, CDPSE\, CCSK\, CCAK \nVice President of Capgemini’s North American Cybersecurity practice\, Sushila Nair\, is a pivotal figure in driving secure digital transformation globally. With over 30 years of experience spanning computing infrastructure\, business\, and security risk analysis\, Sushila has carved a niche in the cybersecurity domain. Her journey includes a decade-long leadership of her own IT and Cybersecurity company across major UK cities and serving as a Chief Information Security Officer (CISO)\, where she mastered the art of safeguarding against evolving digital threats. \nAn esteemed thought leader\, Sushila’s insights have graced global platforms like RSA and ISACA’s conferences. Her role in the ISACA global emerging trends working group and as Vice President of ISACA’s Greater Washington\, D.C. Chapter showcases her commitment to advancing the field. Her efforts\, especially in championing the next generation of cybersecurity talent and promoting diversity\, earned her the prestigious ISACA Technology for Humanity Award in 2024. \n\n \n\n \n\n\nRandall Trzeciak\nAdjunct Faculty\, MSISPM Program Director @ Software Engineering Institute at Carnegie Mellon University \nRandy Trzeciak currently holds a dual appointment between Heinz College and the CERT Program of the Software Engineering Institute at Carnegie Mellon University. \nIn support of the Heinz College\, Randy occupies the role of Director of the Masters of Science Information Security Policy & Management (MSISPM) Program as well as an adjunct professor for the graduate School of Information Systems and Management. \nIn support of the Software Engineering Institute\, Randy is the Technical Manager of CERT’s Enterprise Threat and Vulnerability Management Team and the CERT Insider Threat Center. The team’s mission is to assist organizations in improving their security posture and incident response capability by researching technical threat areas; developing and conducting information security assessments; and providing information\, solutions and training for preventing\, detecting\, and responding to illicit activity. Team members are domain experts in insider threat and incident response. Team capabilities include threat analysis and modeling; building and evaluating insider threat programs; development of insider threat controls\, workshops\, and exercises. \nPrior to his current role in the CERT Program\, Mr. Trzeciak managed the Management Information Systems (MIS) team in the Information Technology Department at the SEI. Under his direction\, the MIS team developed and supported numerous mission-critical\, large-scale\, relational database management systems. \nPrior to his time working at the SEI\, Mr. Trzeciak was a software engineer for the Information Technology Development Center of the Carnegie Mellon Research Institute (CMRI)\, responsible for a variety of information networking projects. These projects included the design and development of large-scale databases and Internet-based systems that adhered to data privacy and security requirements; the design and implementation of multi-organizational portals for preparation and response to weapons of mass destruction; and collaboration among public health department epidemiologists. \nPrior to his career at Carnegie Mellon\, Mr. Trzeciak worked for Software Technology\, Incorporated (STI) in Alexandria\, Virginia. For nine years\, Mr. Trzeciak was a consultant to the Naval Research Laboratory (NRL) working on numerous projects designing\, building\, and supporting large-scale relational database management systems. During his employment with STI\, Mr. Trzeciak also filled the role of Information Systems Business Manager. \n\n \n\n \n\n\nNaomi Lefkovitz\nSenior Privacy Policy Advisor and Lead for the Privacy Framework in the Information Technology Lab @ NIST \nNaomi Lefkovitz is the Senior Privacy Policy Advisor and Lead for the Privacy Framework in the Information Technology Lab at the National Institute of Standards and Technology\, U.S. Department of Commerce. She leads the privacy engineering program\, which focuses on developing privacy risk management processes and integrating solutions for protecting individuals’ privacy into information technologies\, including digital identity services\, IoT\, smart cities\, big data\, mobile\, and artificial intelligence. \nFierceGovernmentIT named Ms. Lefkovitz on their 2013 “Fierce15” list of the most forward-thinking people working within government information technology\, and she is a 2014 and 2018 Federal 100 Awards winner. \nBefore joining NIST\, she was the Director for Privacy and Civil Liberties in the Cybersecurity Directorate of the National Security Council in the Executive Office of the President. Her portfolio included the National Strategy for Trusted Identities in Cyberspace as well as addressing the privacy and civil liberties impact of the Obama Administration’s cybersecurity initiatives and programs. \nPrior to her tenure in the Obama Administration\, Ms. Lefkovitz was a senior attorney with the Division of Privacy and Identity Protection at the Federal Trade Commission. Her responsibilities focused primarily on policy matters\, including legislation\, rulemakings\, and business and consumer education in the areas of identity theft\, data security and privacy. \nAt the outset of her career\, she was Assistant General Counsel at CDnow\, Inc.\, an early online music retailer. \nMs. Lefkovitz holds a B.A. with honors in French Literature from Bryn Mawr College and a J.D. with honors from Temple University School of Law. \n\n \n\n \n\n\nDr. Diana Burley\nVice Provost for Research and Innovation @ American University \nDr. Diana L. Burley is a global cybersecurity expert with more than 30 years of experience driving digital transformation\, implementing cybersecurity workforce initiatives\, and promoting an equitable global technology community. Diana is currently Vice Provost for Research and Innovation at American University where she also leads the Khan Cyber & Economic Security Institute and serves as a member of the faculty. As both the university’s chief research officer and chief innovation officer\, Diana oversees the university-wide R&D portfolio\, research partnerships\, and strategic initiatives to catalyze discovery. She advises government officials and regularly offers thought leadership at executive forums. Her board service includes the Cyber Future Foundation and the Global Cyber Security Advisory Group\, and she has been honored by GET Cities\, Executive Women’s Forum\, SC Magazine\, ACM\, and others for her leadership in building the global cybersecurity workforce. She earned her Ph.D. from Carnegie Mellon University. \n\n \n\n \n\n\nDiya Wynn \nResponsible AI Lead @ Amazon \nDiya is a Responsible AI Lead at AWS that started and led customer engagement globally on Responsible AI. In 2023\, she was named one of Business Insiders top 15 in Enterprise AI and top 100 in AI\, one of 100 Brilliant Women in AI Ethics™\, received the VentureBeat Women in AI – Responsible AI and was a finalist for Women in AI – AI for Good Responsible AI leader. She makes Responsible AI practical and accessible. Her focus with organizations is the intentional action of building trust in AI by mitigating risks and uncovering potential unintended impacts related to its development\, deployment and its use. She has met with legislators and policy makers globally to provide perspective to influence imminent regulation and policy on AI. For the first 15 years of her career\, she worked in early-stage companies in consulting and in roles focused on scaling products for acquisition. \nShe is an author and international speaker; serves on non-profit boards; volunteers through multiple organizations; and guest lectures on responsible and inclusive technology. \nWhen she isn’t working hard on the future of AI\, she’s working hard to influence the future. For Diya\, this starts at home with her two sons but extends to the dozens she mentors\, whom she encourages to color outside the lines\, defy the odds\, and redefine boundaries. \n\n \n\n \n\n\nLili Davoudian\nSecurity Technical Specialists Lead @ Microsoft \nLili Davoudian leads the Security Technical Specialists at Microsoft. Her team is responsible for showcasing the technical excellence of Microsoft’s security suite to customers in the Defense space. She previously worked in Engineering\, where she was instrumental in launching key features across the Microsoft security platform. She holds a Bachelor of Science in Foreign Service from Georgetown University\, and currently lives in New York City. \n\n  \nLocation Information \nCooperative Plaza Conference Center\n4301 Wilson Blvd. (“Ballston”)\nArlington\, VA 22203\nhttps://www.cooperativeplaza.com/conference-center/ \n  \nCheck-in Instructions \n\nEntrance to the Conference Center is located on Wilson Blvd.\nThe Conference Center is located on the right-hand side of the main entrance.\nProceed through the doors labeled “Cooperative Plaza Conference Center” to the registration desk.\nVisit https://www.cooperativeplaza.com/conference-center/ for a 360 tour of the conference center.\nThe GWDC will have volunteers/signs to provide assistance if needed.\nCheck-in begins at 8:30 AM.\n\n  \nParking Information \n\nParking is available in the Conference Center garage. Visit the Conference Center website for more information.\nThere are also parking garages near the center.\nParking is NOT validated for this event. Parking fees are the responsibility of event attendees.\n\n  \nNearest Metro\n \nThe Conference Center is near the Ballston-MU metro station (Orange and Silver lines) \n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 7 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event.  Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter attending this event\, attendees will learn about AI\, cybersecurity\, and audit leadership. \n  \nCPE-Related Details \n\nPrerequisites: None\nAdvance Preparation: None\nProgram Knowledge Level: Basic\nDelivery Method: Live\, in-person\nField of Study: Information Technology – Technical\n\n  URL:https://isaca-gwdc.org/event/wit-special-event-2024/ LOCATION:Cooperative Plaza Conference Center\, 4301 Wilson Blvd\, Arlington\, 22203\, United States CATEGORIES:Special Event ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2024/02/women_in_tech_leadership_conference_2024.png END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20240321T090000 DTEND;TZID=America/New_York:20240322T170000 DTSTAMP:20240324T145653Z CREATED:20231029T161836Z LAST-MODIFIED:20240324T145653Z UID:31078-1711011600-1711126800@isaca-gwdc.org SUMMARY:Artificial Intelligence and Generative AI 101 Seminar DESCRIPTION:In this comprehensive two-day course\, participants will delve into the transformative power of Generative AI\, with a special emphasis on popular platforms like ChatGPT\, Bard\, DALLE-2\, and Midjourney. Beginning with a brief overview of Artificial Intelligence and Machine Learning\, the course will lead you through the fascinating world of Generative AI and its role in reshaping industries. Through a mix of theoretical understanding and practical hands-on sessions\, you will master the operational use of these platforms to solve real-world problems and drive innovation in your organization. The course will cover potential challenges\, ethical considerations\, and practical applications of Generative AI\, preparing you for a future-oriented\, AI-driven operational landscape. \nPlease take a moment to hear from the instructor\, Jim Wiggins\, about the seminar presented in October 2023 and how it will help you understand the Generative AI landscape more fully.  Jim has over 26 years of cybersecurity experience.  The March 2024 seminar will be an updated edition of the October 2023 seminar. \n \nRegistration closes on March 20 @ 3 pm. \nRegister Today! \n  \nCourse Materials\, Format\, and Schedule \nCourse Format \nThis course blends expert lectures\, interactive discussions\, and practical sessions. It fosters a collaborative learning environment and provides access to online resources for self-paced study. \n  \nCourse Schedule  \nThe course spans two days\, 7 hours each day\, inclusive of breaks. Specific scheduling will be provided closer to the course date. \n  \nCourse Materials \nParticipants will gain access to a range of course materials including online resources\, a comprehensive slide deck\, and popular AI platforms like ChatGPT\, Bard\, DALLE-2\, and Midjourney. Additional recommended readings and supplementary materials will be provided during the course. \n  \nAgenda \n\nDay 1 \n\n  \n  \n\n Introduction and Course Overview (30 minutes)\n\n\n Presenter Introduction\n Course Objectives and Outcomes\n Course Materials and Format\n\n\n History of Artificial Intelligence and Generative AI (1 hour)\n\n\n Evolution of Artificial Intelligence\n Development of Machine Learning and Deep Learning\n The Emergence of Generative AI: A Historical Perspective\n\n\n Overview of Common Generative AI Platforms (2 hours)\n\n\n Introduction to ChatGPT\, Bard\, DALLE-2\, and Midjourney\n Features and Unique Capabilities of Each Platform\n Break (15 minutes)\n Comparative Analysis: Strengths\, Weaknesses\, and Appropriate Use Cases for Each Platform\n\n\n Gaining Access to Platforms (1 hour)\n\n\n Procedures for Accessing AI Platforms\n Subscriptions\, Costs\, and Managing Organizational Access\n Break (30 minutes – Lunch)\n\n\n Introduction to Prompting (1 hour)\n\n\n Understanding Prompts and Their Role in Generative AI\n Constructing Effective Prompts: Best Practices\n\n\n Prompt Engineering (1.5 hours)\n\n\n Techniques for Advanced Prompt Engineering\n Hands-on Exercise: Crafting and Testing Prompts on Different Platforms\n Break (15 minutes)\n Review and Feedback on Prompt Engineering Exercise\n\n  \n\nDay 2 \n\n  \n  \n\n Recap of Day 1 and Overview of Day 2 (30 minutes)\n Practical Applications of Generative AI (2 hours)\n\n\n The Impact and Potential of Generative AI across Various Domains\n Real-world Use Cases and Success Stories\n Break (15 minutes)\n Exercise: Brainstorming Possible Applications in Participants’ Context\n\n\n Ethical Considerations and Risks in Generative AI (1 hour)\n\n\n Understanding the Ethical Landscape of AI\n Identifying and Mitigating Risks in Using Generative AI\n Break (30 minutes – Lunch)\n\n\n Hands-on Session: Operationalizing Generative AI (2.5 hours)\n\n\n Accessing Platforms and Setting Up for a Task\n Crafting Prompts for a Given Task\n Review and Feedback on Hands-on Exercise\n Break (15 minutes)\n\n\n Future Trends in Generative AI and Closing Remarks (1 hour)\n\n\n The Road Ahead: What to Expect from the Future of Generative AI\n Opportunities for Further Learning and Specialization\n Course Review\, Q&A\, and Feedback Session\n\n  \nInstructor \n\n \n\n\nJim Wiggins\nFounder and Principal @ Securible\, LLC\nCISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security\, FITSP-M \nJim has over 26 years of direct experience in the design\, operation\, management\, and auditing of information technology systems\, with the past 21 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses aimed at federal and government contracting clients. \nToday\, Jim is the Founder and Principal of Securible\, LLC. Securible is an information security service provider offering cyber training programs to organizations of all sizes. At Securible\, Jim has taught IT security certification courses such as CISSP\, CISM\, CISA\, Ethical Hacking\, RMF\, Security+\, and other courses requested by Securible’s clients. Currently\, he provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS ). More information on Securible can be found at: http://www.securible.com. \nJim is also the Founder and Chief Executive Officer (CEO) of the Federal IT Security Institute (FITSI). FITSI is a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI offers a role-based IT security certification program targeted at the federal workforce. More information on FITSI can be found at: http://www.fitsi.org. \nAdditionally\, Jim is the Founder and Executive Director of the FITSI Foundation. The FITSI Foundation is a 501(c)(3) public charity that focuses on cyber education and serves as the philanthropic sister organization of the Federal IT Security Institute. The FITSI Foundation operates the Wounded Warrior Cyber Combat Academy (W2CCA). More information on the FITSI Foundation can be found at: https://www.fitsifoundation.org. \nIn 2020\, Jim launched a TV show on cybersecurity called “Cybersecurity Today\,” which can be viewed in the Washington\, DC area. Episodes can also be streamed online at the following website: http://www.cybersecuritytoday.org. \nIn 2019\, FCW named Jim to the “Federal 100” for his tireless efforts to promote cybersecurity education across all branches of the federal government. \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make on the federal workforce. \nJim holds the following IA/IT security certifications: CISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n\n  \nVirtual Meeting Information \n\n This event will be presented online through Microsoft Teams.  \n The instructor will email students prior to the event with instructions and additional information. \n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 16 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event and respond to polling questions to receive full CPE credit. \n  \nLearning Objectives \nBy the end of this course\, participants will: \n\n Understand the core concepts of Artificial Intelligence\, Machine Learning\, and Generative AI.\n Familiarize themselves with popular Generative AI platforms like ChatGPT\, Bard\, DALLE-2\, and Midjourney.\n Gain practical experience in leveraging these platforms for solving organizational challenges.\n Understand the potential challenges\, ethical considerations\, and potential misuse of Generative AI.\n Explore practical applications and future trends of Generative AI within an operational framework.\n\n  \nCourse Outcomes \nUpon completion of the course\, participants will be able to: \n\n Articulate the foundational principles of AI\, Machine Learning\, and Generative AI.\n Employ popular AI platforms to drive innovative problem-solving and operational excellence in their organizations.\n Navigate potential challenges and ethical considerations associated with the use of Generative AI.\n Apply their knowledge of Generative AI to foster innovation and future readiness in their organizational landscape.\n Stay updated on the latest advancements and future trends in Generative AI\, leveraging these for ongoing improvements and innovation.\n\n  \nCPE-Related Details \n\n Prerequisites and Advance Preparation:  None. A basic understanding of computers and technology is recommended.\n Program Knowledge Level: Basic\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/artificial-intelligence-and-generative-ai-101-seminar-spring2024/ LOCATION:Virtual Event CATEGORIES:Special Seminars ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/09/ai_seminar_2023.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20240316T083000 DTEND;TZID=America/New_York:20240406T170000 DTSTAMP:20231014T164907Z CREATED:20231014T164907Z LAST-MODIFIED:20231014T164907Z UID:31072-1710577800-1712422800@isaca-gwdc.org SUMMARY:CISA Spring 2024 Review Course DESCRIPTION:The GWDC is sponsoring an intensive 4-day virtual review course for the Certified Information System Auditor® (CISA®) exam.  This review course will provide practical advice on preparing for the CISA exam and specific instruction regarding the job practice areas addressed by CISA as defined by ISACA® Global. The dates of this course are four (4) consecutive Saturdays: March 16\, 23\, 30\, and April 6\, 2024 from 8:30 am to 5 pm Eastern. \nThis event is intended for anyone sitting for the CISA Exam. Students are expected to have prepared for the exam prior to attending the course. \nRegistration closes on March 15\, 2023 @ 3pm.  \nRegister Today! \n  \n\nRe-Take Discount \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \n\n  \nAgenda \n\nDay 1 \n\n\nModule 1 – The Process of Auditing Information Systems \nModule 2 – Governance and Management of IT \n\n\nDay 2 \n\n\nModule 3 – Information Systems Acquisition\, Development\, and Implementation \n\n\nDay 3 \n\n\nModule 4 – Information Systems Operations\, Maintenance\, and Support \n\n\nDay 4 \n\n\nModule 5 – Protection of Information Assets \n\n  \nCourse Materials and Exam Resources \nMaterials Provided During the Course \nParticipants receive a Study Guide to help them prepare for the CISA exam. The Study Guide contains a presentation\, a case study\, and 20 quiz questions for each domain in the official CISA Review Manual. The Study Guide contains additional material such as suggested study approach\, exam taking tips\, list of “must know” vocabulary terms\, and other suggested readings to aid participants in their exam preparation. \n  \nStudy Materials \nThe instructor highly recommends that students purchase the CISA Review Manual and the CISA Review Questions\, Answers\, and Explanations Database – 12 Month. Below are the study materials available for purchase from the ISACA Bookstore: \n\n CISA Review Manual\n CISA Review Questions\, Answers & Explanations Manual\n CISA Review Questions\, Answers & Explanation Database – 12 month subscription\n\n**It is highly recommended to order these at the earliest opportunity to avoid any possible delays in their availability for the start of the program. \n  \nAdditional Study Resources \nCandidates should review the Exam Candidate Guide and other resources on the ISACA CISA page as part of their study program.  \n  \nInstructors \n\n \n\n\nJim Wiggins\nFounder and Principal @ Securible\, LLC\nCISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security\, FITSP-M \nJim has over 26 years of direct experience in the design\, operation\, management\, and auditing of information technology systems\, with the past 21 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses aimed at federal and government contracting clients. \nToday\, Jim is the Founder and Principal of Securible\, LLC. Securible is an information security service provider offering cyber training programs to organizations of all sizes. At Securible\, Jim has taught IT security certification courses such as CISSP\, CISM\, CISA\, Ethical Hacking\, RMF\, Security+\, and other courses requested by Securible’s clients. Currently\, he provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS ). More information on Securible can be found at: http://www.securible.com. \nJim is also the Founder and Chief Executive Officer (CEO) of the Federal IT Security Institute (FITSI). FITSI is a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI offers a role-based IT security certification program targeted at the federal workforce. More information on FITSI can be found at: http://www.fitsi.org. \nAdditionally\, Jim is the Founder and Executive Director of the FITSI Foundation. The FITSI Foundation is a 501(c)(3) public charity that focuses on cyber education and serves as the philanthropic sister organization of the Federal IT Security Institute. The FITSI Foundation operates the Wounded Warrior Cyber Combat Academy (W2CCA). More information on the FITSI Foundation can be found at: https://www.fitsifoundation.org. \nIn 2020\, Jim launched a TV show on cybersecurity called “Cybersecurity Today\,” which can be viewed in the Washington\, DC area. Episodes can also be streamed online at the following website: http://www.cybersecuritytoday.org. \nIn 2019\, FCW named Jim to the “Federal 100” for his tireless efforts to promote cybersecurity education across all branches of the federal government. \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make on the federal workforce. \nJim holds the following IA/IT security certifications: CISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n\n\n \n\n\nTyler Harding\nSenior Manager @ Amazon Supply Chain \nCPA\, CISA\, CISM\, CISSP\, CAP\, GGEIT\, FITSP:A\, FITSP:M \nTyler Harding is a Senior Manager and leads a commercial and DoD compliance program at Amazon Supply Chain (supplychain.amazon.com). The Compliance team’s goal is to earn customer’s trust and maintain compliance with multiple information security certifications such as ISO 27001\, AICPA SOC 2\, HiTRUST\, and NIST SP 800-171. Prior to his role at Amazon Supply Chain\, Tyler was the DoD Security and Compliance Manager for AWS and led efforts to accredit AWS cloud services to Impact Levels 4 and 5 under DoD’s Cloud Computing Security Requirements Guide (CC SRG). \nBefore joining Amazon in 2019\, Tyler spent over 20+ years in public accounting firms such as PWC\, KPMG\, and Kearney & Company in their respective IT audit practices and led engagement teams through many SOC 1\, FISMA\, and financial statement audits. \nAs a recovering IT auditor\, Tyler now enjoys his Summers and Falls swimming\, cycling\, and playing an occasional round of golf! Tyler has also supported the ISACA Greater Washington D.C. Chapter for over 20 years by teaching CISA\, CISM\, and CGEIT review courses. \n\n  \nVirtual Meeting Information \n\n This event will be presented online through Microsoft Teams.  \n The instructor will email students prior to the event with instructions and additional information. \n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 32 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\n Learning Objective: After completing the course\, students will be prepared to sit for the CISA exam.\n Prerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\n Program Knowledge Level: Basic\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/cisa-spring-2024-review-course/ LOCATION:Virtual Event CATEGORIES:Review Courses ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/10/cisa_spring_2024.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20240301T083000 DTEND;TZID=America/New_York:20240301T160000 DTSTAMP:20240121T173212Z CREATED:20231014T162233Z LAST-MODIFIED:20240121T173212Z UID:31034-1709281800-1709308800@isaca-gwdc.org SUMMARY:Seminar - Auditing with PowerShell®: Nessus® DESCRIPTION:Nessus® is a popular vulnerability scanning tool used by organizations to identify\, assess\, and manage software vulnerabilities.  Reports generated by Nessus provide a wealth of information to auditors and security professionals about system vulnerabilities.  In addition to webpage style reports\, Nessus results can also be exported into an XML file (.nessus) that contain the full details of a scan\, including results\, scan profiles and plugins selected\, and other scan configurations.  Viewing these .nessus files\, especially if there are multiple files\, can be challenging.  However\, PowerShell®\, with its built-in capabilities for parsing XML files\, is an excellent tool for extracting information from one or many files.  Anyone who uses information in Nessus files will find PowerShell to be a critical tool in working with Nessus.   \nThis one-day hands-on virtual class will provide students with the PowerShell commands and approach to import\, identify scan and scan results information\, and export this information into a workpaper-friendly CSV file.  Auditors and security professionals who need to work with Nessus data offline\, or import into other tools\, will benefit from attending this course. \nThis course builds on the concepts presented in the Seminar – Introduction to Auditing with PowerShell®. \nRegistration closes on February 29\, 2024 @ 5pm. \nRegister Today! \n  \nAgenda \nMorning Topics \n\n Overview of Nessus and PowerShell\n Navigating Nessus XML Files (including hands-on practice)\n Working with Nessus Scan Policy Details section of Nessus files (including hands-on practice)\n Working with Nessus Scan Results Details section of Nessus files (including hands-on practice)\n\nAfternoon Topics \n\n Walkthrough of PowerShell script for working with Nessus files\n Practice executing PowerShell script\n Troubleshooting Tips\n Practice Exercises\n\n  \nMaterials Provided During the Seminar \nEach student attending the seminar will be provided: \n\n Presentation materials\, which include detailed examples\n Practice Nessus files\n PowerShell script for working with Nessus Files\n Answers to Practice Exercises\n Link to the seminar recording\, good for 30 days after the seminar\n\n  \nInstructor \n\n \n\n\nMike Howard\nCISA\, MBA \nMike Howard is an experienced IT auditor with over 29 years of IT auditing experience in the Federal Government. Mike is a technical auditor who has audited numerous technologies\, including mainframes\, Unix environments\, Active Directory\, databases\, Cisco devices\, and Windows computers. Mike embraces innovative technologies to accomplish his audits\, most notably using PowerShell to write custom scripts. Over the 10+ years that he has been using PowerShell\, he’s written over 300 PowerShell scripts. \nMike is also a member of the ISACA Greater Washington D.C. chapter and has served on the board for 17+ years\, most of the time as Internet/Communications Director. Mike is currently the Associate Director for Web Development\, where he manages the chapter’s website. Mike has also used PowerShell to accomplish tasks related to his Chapter duties\, including creating web pages\, calculating CPE credits\, and updating membership rosters. \nMike has a B.S. in Accounting from Old Dominion University and a Masters in Business Administration from George Mason University. \n\n  \nVirtual Meeting Information \n\n This event will be presented through Zoom.  The instructor will send an email with the zoom link prior to the event.\n Prior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.\n Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 7 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter completing this course\, students will be able to: \n\n Read and navigate Nessus XML files\n Import data from Nessus files into PowerShell\n Analyze and export Nessus data to CSV files \n\n  \nCPE-Related Details \n\n Prerequisites: Students should be familiar with using PowerShell and working with Nessus.\n Advance Preparation: The instructor will provide materials during the Zoom. Students can follow along with the instructor in executing PowerShell commands during the course.\n Program Knowledge Level: Intermediate\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/auditing-with-powershell-nessus/ LOCATION:Virtual Event CATEGORIES:Special Seminars ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/10/auditing_powershell_nessus-1.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20240222T083000 DTEND;TZID=America/New_York:20240222T123000 DTSTAMP:20240221T152229Z CREATED:20231029T214309Z LAST-MODIFIED:20240221T152229Z UID:31262-1708590600-1708605000@isaca-gwdc.org SUMMARY:Emerging Technology Conference 2024 DESCRIPTION:The ISACA Greater Washington DC (GWDC) is proud to host our annual Emerging Technology conference. This conference is part of our monthly events. \nFraud and cybersecurity professionals\, IT advisory or audit professionals\, business executives\, students or professionals interested in learning more about new and emerging technologies should attend this event. \nRegistration closes on February 21\, 2024 @ 5pm.  \nRegister Today! \n  \nAgenda \n \n\n08:30 AM – 09:30 AM \n\n\nThe Impact of Emerging Technologies on Teams of the Future \nPresenter: Michael Wasielewski (Capgemini) \nCyber security professionals have evolved over the decades and today’s emerging technologies have put us at another inflection point\, where the skills that serve us well now are not necessarily the same skills that we will need in the future. Frameworks and technologies like Zero Trust\, Automation with AI\, and now Generative AI are creating new opportunities for us to be more efficient and deliver better results\, but only if we know how to use them. This discussion will center around how these technologies impact the people and teams expected to use and secure them\, and how you can upskill yourself and your teams as these technologies support\, not replace\, all of us. \n\n \n\n\n09:30 AM – 10:30 AM \n\n\nZero Trust Application Framework\, Building Security without a Perimeter \nPresenter: Nat Bongiovanni (NTT DATA Federal Services) \nZero-Trust is everywhere\, but how do you implement it in your applications with the flexibility and agility you need for complex authorization changes? In this presentation\, I’ll discuss how to do this by building cloud-ready Zero Trust Architecture (ZTA) applications. We will discuss the three components of Zero Trust that enable ZTA as well as the concepts and implementation of policy decision and enforcement points with examples\, covering NIST SP 800-204 a\, b\, and c. \n\n \n\n\n10:30 AM – 11:30 AM \n\n\nAI-Driven Cybersecurity: Empowering CIOs and CISOs for Enhanced Risk Management and Governance \nPresenter: Oki Mek (Microsoft) \nThe discussion will be the advent of emerging technologies\, big data\, and a diverse array of teams has amplified the complexities of cybersecurity. We will discuss how AI can empower CIOs and CISOs to do more with less by facilitating connections between people\, processes\, and technologies. AI can bridge the various entities that constitute a cybersecurity program\, such as governance\, compliance\, risk management\, change management\, incident management\, analysis\, dashboarding and reporting. Ultimately\, this session will elucidate how AI enables cybersecurity programs to manage risks in real-time and prioritize security activities. \n\n \n\n\n11:30 AM – 12:30 PM \n\n\nGenerative AI in Cybersecurity \nPresenter: Jim Wiggins (Federal IT Security Institute – FITSI) \nThis comprehensive presentation dives into the dynamic intersection of Generative AI and cybersecurity\, showcasing its transformative influence in modern digital defense strategies. It highlights how Generative AI is redefining threat detection\, streamlining policy frameworks\, and enhancing training approaches in cybersecurity. The session will also illuminate the complex ethical questions and privacy challenges posed by advanced AI technologies. Attendees will explore how these intelligent systems can be leveraged responsibly\, ensuring robust cyber defenses while maintaining ethical integrity. The discussion will include real-world applications\, demonstrating the practical impact of Generative AI in cybersecurity. This insightful exploration is designed to provide a deeper understanding of AI’s role in shaping future cybersecurity landscapes. \n\n  \nPresenters \n\n\n \n\n\nMichael Wasielewski\nHead of Cloud Security and Next-Gen Secure Architectures @ Capgemini \nMoving from outside of Washington D.C. in the US\, Michael moved to Paris joining Capgemini in December of 2021. Responsible for global cloud security and next-gen secure architecture portfolio development\, Michael brings a robust background ranging from Network Operations and Engineering\, running global Information Security teams and modernizing enterprises through their cloud and workplace journeys\, and executing as a global Cloud Security specialist. When not playing video games with his two kids or struggling to learn French\, Michael wishes he could play more golf or do some more skydiving. \n\n\n\n \n\n\nNat Bongiovanni\nCTO and CIO @ NTT DATA Federal Services\, Inc \nNat Bongiovanni is the CTO and CIO at NTT DATA Federal Services\, Inc. He is a veteran of the United States Navy with nearly 40 years of experience in the public and private sectors. Mr. Bongiovanni thrives on technical challenges and\, over the course of his extensive career\, has lent his considerable expertise to solving the most difficult challenges facing the government. \nMr. Bongiovani’s vast and varied technical acumen uniquely suits him to lead diverse teams across highly secure and regulated government environments. His thoughtful\, pragmatic nature combines with an encyclopedic knowledge of information technology to facilitate strategic growth in his current role. Under Nat’s leadership\, NTT DATA Federal Services\, the secure arm of a $1B public sector IT organization\, had grown exponentially while remaining compliant with the rules and regulations of a FOCI-mitigated organization. \nWhile it is impossible to list the many government clients impacted by Nat’s impeccable critical thinking skills and proven knowledge\, Nat and his teams have delivered successful programs at such notable government agencies as the Federal Bureau of Investigation\, Department of Homeland Security\, Defense Intelligence Agency\, Department of Interior\, and many others. Early in his career\, Mr. Bongiovanni held leadership positions at Blue Cross Blue Shield and Enterprise Rent-A-Car. \n\n\n\n \n\n\nOki Mek\nCISO @ Microsoft Federal Civilian Sector \nOki Mek recently joined Microsoft as Chief Information Security Officer for the Federal Civilian Sector. His civil servant career spans nearly 20 years inside the federal government. Oki is also a veteran of the Army National Guard\, who believes in service to others as a personal mission and purpose. Oki previously served as the Chief Information Security Officer (CISO) for Equideum Health. In his U.S Department of Health and Human Services (HHS) roles\, he served as the first appointed Chief Artificial Intelligence Officer (CAIO)\, Acting Chief Information Officer (CIO) for Office of the Secretary\, Senior Advisor to the HHS CIO\, Chief Technology Officer\, Chief Product Officer\, and Senior Information Security Manager. \n\n\n\n \n\n\nJim Wiggins\n Founder and Chief Executive Officer (CEO) @ the Federal IT Security Institute (FITSI)\nCISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, MCSE: Security\, FITSP-M \nJim has over 26 years of direct experience in the design\, operation\, management\, and auditing of information technology systems\, with the past 21 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses targeted at federal and government contracting clients. \nToday\, Jim is the Founder and Chief Executive Officer (CEO) of the Federal IT Security Institute (FITSI). FITSI is a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI provides a role-based IT security certification program targeted at the federal workforce. More information on FITSI can be found at https://www.fitsi.org. \nJim is also the Founder and Executive Director of the FITSI Foundation. The FITSI Foundation is a 501(c)(3) public charity that focuses on cyber education and serves as the philanthropic sister organization of the Federal IT Security Institute. The FITSI Foundation operates the Wounded Warrior Cyber Combat Academy (W2CCA). More information on FITSI can be found at https://www.fitsi.org. \nAdditionally\, Jim is the Founder and Principal at Securible\, LLC. Securible is an information security service provider offering cyber training programs to organizations of all sizes. At Securible\, Jim has taught IT security certification courses such as CISSP\, CISM\, CISA\, Ethical Hacking\, RMF\, Security+\, and other courses requested by Securible’s clients. Currently\, Jim provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS). More information on Securible can be found at: https://www.securible.com. \nIn 2020\, Jim launched a TV show about cybersecurity called “Cybersecurity Today\,” which can be viewed in the Washington\, DC area. Episodes can also be streamed online at the following website: https://www.cybersecuritytoday.org. \nIn 2019\, FCW named Jim to the “Federal 100” for his tireless efforts to promote cybersecurity education across all branches of the federal government. \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the ongoing impact he has made in the federal workforce. \nJim holds the following IA/IT security certifications: CISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n\n  \nVirtual Meeting Information \n\n This event will be presented through Zoom.\n Prior to the event\, participants must install the Zoom app on their respective devices or use the web-based Zoom. Calling via the phone may not be entitled to CPE credits.\n Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter attending this event\, attendees will learn about recent topics in the emerging technologies space. \n  \nCPE-Related Details \n\n Prerequisites: None\n Advance Preparation: None\n Program Knowledge Level: Basic\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/emerging-technology-conference-2024/ LOCATION:Virtual Event CATEGORIES:Conferences ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/10/emerging-technology-2024.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20240118T083000 DTEND;TZID=America/New_York:20240118T123000 DTSTAMP:20240118T140553Z CREATED:20231029T213337Z LAST-MODIFIED:20240118T140553Z UID:31256-1705566600-1705581000@isaca-gwdc.org SUMMARY:IT Audit Conference 2024 DESCRIPTION:The ISACA Greater Washington DC (GWDC) is proud to host our annual IT Audit conference. This conference is part of our monthly conference series. \nIT professionals\, IT advisory or audit professionals\, business executives\, students or professionals interested in learning more about IT Audit should attend this event. \nRegistration closes on January 17\, 2024 @ 8pm.  \nRegister Today! \n  \nAgenda \n\n\n08:30 AM – 09:30 AM \n\n\nBuilding an API Audit Program \nPresenter: Baljeet Malhotra (TeejLab) \nAPIs benefit organizations immensely through accelerated innovations\, newer business models\, and competitive differentiation. However\, the growing API usage also means increased cybersecurity risks for enterprises. Given the importance of APIs in digital transformation at enterprises\, it is imperative for Audit Professionals to understand better various API risks that pose various challenges to their organizations. In this session\, we’ll first identify various risks that originate from within the enterprise API ecosystems. This session will then provide an overview of an API Auditing framework to manage API Risks effectively. Dr. Malhotra will also highlight best industry practices and hands-on examples for API Risk Management. \n\n\n\n09:30 AM – 10:30 AM \n\n\nUse of Agile Methodology in IT Audit \nPresenter: Jack Doyle (Kearney & Company) \nWhile Agile delivery approaches are normative in software development\, auditor and consultant usage is a mixed bag. This presentation is meant to inform assessors considering a change in project management style by describing agile\, reviewing key tenets of implementation\, and discussing experience using agile for assessments. The presentation should answer questions such as: \n\n What is the value of changing from the existing approach?\n How is this different from any other corporate project management vocabulary?\n How and why does your team discuss project status?\n What project management activities result in changes to delivery?\n What are the use cases where this approach is best suited and how do you implement them?\n\n\n\n\n10:30 AM – 11:30 AM \n\n\nPrioritizing Enterprise Risks Using Data Normalization with Ken Squires \nPresenter: Ken Squires (Sikich) \nMany organizations have competing risk assessment remediation priorities with business objectives and regulatory requirements that are difficult to compare. Normalization techniques can collect and aggregate numerical risk values into comparable data to ensure the organization’s IT resources\, legal team\, C-Level executives\, and key stockholders can jointly prioritize the implementation of controls needed to mitigate risk to a reasonable level. \nAttendees will learn: \n\n Define acceptable risk criteria that can be utilized as a data normalization technique\n View a sample risk register populated with results from different assessments that have gone through the risk data normalization process.\n\n\n\n\n11:30 AM – 12:30 AM \n\n\nAdaptive Cybersecurity Risk Assessments \nPresenter: Gideon Rasmussen (Cybersecurity Management Consultant) \nThis session provides practical cybersecurity assessment advice. It details the end-to-end process\, including scoping\, 9 steps to develop work papers\, scheduling\, on-site assessment\, report preparation\, and presentation. \nThe first assessment example leverages the NIST Cybersecurity Framework to ensure coverage across security domains. Sample scoping questions will be provided\, along with tips and examples to add controls based on business processes\, insider threat\, privacy\, and fraud. \nThis session also addresses follow-on assessments. Attendees are encouraged to evaluate lines of business and to take deep dives into critical functions. Tips and examples are provided to leverage best practices\, creating specific testing procedures. \nRather than repeating the same assessment year-over-year\, the scoping methodology is risk opportunistic. There is a focus on areas that have not been evaluated recently and areas that may require enhanced controls due to the presence of valuable data. Albert Einstein’s quote applies here: “The definition of insanity is doing something over and over again and expecting different results”. \nThe session will briefly walk through the assessment report framework\, providing tips along the way. \nThe assessment presentation phase includes a slide deck framework covering: the threat landscape\, assessment methodology\, high and moderate-high findings\, a Strengths\, Weaknesses\, Opportunities and Threats (SWOT) slide and next steps. \n\n  \nPresenters \n  \n\n\n \n\n\nDr. Baljeet Malhotra\nFounder & CEO of TeejLab \nDr. Baljeet Malhotra is an award-winning researcher and a global tech leader known for his work in Open Source and API Risk Management. He founded TeejLab in 2019 and steered the team to build API Discovery and Security™\, world’s first end-to-end API Risk Management platform. Prior to TeejLab\, he established the R&D unit of Black Duck Software in 2016 (acquired by Synopsys). He also served as Research Director at SAP and Senior Software Engineer at MahindraTech. He received a PhD in Computing Science from the University of Alberta and won several awards including NSERC (Canada) scholar and Global Young Scientist (Singapore). He concurrently holds Adjunct Professor positions at the University of British Columbia\, University of Victoria and University of Northern BC. He has given numerous talks globally that were organized by ISACA\, ISSA\, IIA\, ISC2\, OWASP and other organizations. \n \n\n  \n\n\n \n\n\nJack Doyle\nPrincipal @ Kearney & Company\nCPA\, CGFM\, CISA\, CISSP \nJack Doyle has 12 years of experience across financial statements\, IT controls audit\, GRC consulting\, and GRC software implementation. Jack is a Principal at Kearney & Company\, where he currently supports OCIO GRC clients at the National Institute of Health\, following experience in the HHS\, DHS\, DoD\, and Intel communities. \nJack is a proud graduate of Virginia Tech\, where he majored in accounting and philosophy. Jack grew up in northern Virginia but is loyal to his Massachusetts family roots for all things sports\, especially the Boston Celtics. Jack holds the following certifications: CPA\, CGFM\, CISA\, and CISSP. \n  \n\n\n\n \n\n\nKen Squires\nPartner of Governance\, Risk & Compliance @ Sikich\nCDPSE\, CISA\, CISSP\, CRISC\, HCISPP\, NSA IAM \nKen Squires is a Partner of Governance\, Risk\, and Compliance (GRC) at Sikich\, a leading professional services firm that helps clients achieve their goals in the digital age. With more than 26 years of risk management experience and multiple credentials\, such as CISSP\, HCISPP\, and CRISC\, he offers unparalleled strategic guidance to clients as they work to complete organizational cybersecurity objectives and navigate complex compliance requirements. \nAs a virtual Chief Information Security Officer (vCISO) for several companies\, he has managed multiple information security management systems based on ISO 27001\, NIST\, HITRUST\, HIPAA\, and PCI standards. He has also led internal and external vendor due diligence assessments\, presented findings and remediation projects to C-level sponsors and executive leadership teams\, and designed and implemented security policies and incident response plans. He has contributed intellectual capital to Sikich’s Professional Services Framework\, including reporting\, checklists\, templates\, testing methods and techniques\, and research. Ken’s mission is to help clients protect their data\, assets\, and reputation from cyber threats and regulatory risks. \n \n\n  \n\n\n \n\n\nGideon Rasmussen\nCybersecurity Management Consultant\nCISSP\, CRISC\, CISA\, CISM\, CIPP \nGideon Rasmussen is a Cybersecurity Management Consultant with over 20 years of experience in corporate and military organizations. Gideon has designed and led programs including Information Security (as a CISO)\, PCI – Payment Card Security\, Third Party Risk Management\, Application Security and Information Risk Management. Has diverse industry experience within banking\, insurance\, pharmaceuticals\, DoD/USAF\, state government\, advertising and talent management. \nGideon has authored over 30 information security articles. He is a veteran of the United States Air Force\, a graduate of the FBI Citizens Academy and a recipient of the Microsoft Most Valuable Professional award. Gideon has also completed the Bataan Memorial Death March (4 occurrences). \n \n\n  \nVirtual Meeting Information \n\n This event will be presented through Zoom.\n Prior to the event\, participants must install the Zoom app on their respective devices or use the web-based Zoom. Calling via the phone may not be entitled to CPE credits.\n Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter attending this event\, attendees will learn about recent topics in the IT Audit space. \n  \nCPE-Related Details \n\n Prerequisites: None\n Advance Preparation: None\n Program Knowledge Level: Basic\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/it-audit-conference-2024/ LOCATION:Virtual Event CATEGORIES:Conferences ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/10/conference_itaudit_2024.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20231207T083000 DTEND;TZID=America/New_York:20231207T123000 DTSTAMP:20231206T180223Z CREATED:20231029T212110Z LAST-MODIFIED:20231206T180223Z UID:31252-1701937800-1701952200@isaca-gwdc.org SUMMARY:Security and Risk Trends - Recap of 2023 with a Look ahead to 2024 DESCRIPTION:The ISACA Greater Washington DC (GWDC) proudly hosts the 2023 Security and Risk Trends conference. This seminar will recap cybersecurity and risk trends noted/experienced in 2023 and look ahead to what to expect in 2024. This virtual conference is part of our monthly conference series. \nBusiness leaders and managers\, executives\, technologists\, professionals\, and students\, interested in staying current in the field of cybersecurity and risk governance should attend this conference. \nRegistration closes on December 6\, 2023 @ 2pm.  \nRegister Today! \n  \nAgenda \n\n\n08:30 AM – 09:30 AM \n\n\n2023 Unlocked\, 2024 Unleashed \nPresenter: Sushila Nair (Capgemini) \nIn a world where cybersecurity threats are evolving rapidly\, understanding the landscape of the past and anticipating future challenges is crucial for organizational resilience. “2023 Unlocked\, 2024 Unleashed: Navigating the Future of Security and Risk” is a comprehensive presentation that delves into the significant security trends in 2023\, evaluates effective strategies for security budget allocation\, and forecasts the security and risk management landscape for 2024. \nThis presentation will recapitulate critical security incidents and technological advancements of 2023\, highlighting how they have reshaped the security domain. It will also delve into strategies for effective budget allocation in security spending\, providing insights into optimizing resources for maximum protection. The presentation will offer predictions for 2024\, focusing on anticipated threats\, emerging technologies\, and financial planning strategies. Attendees will leave with a holistic understanding of the security field and actionable strategies for the upcoming year. \nThis presentation aims to equip attendees with a thorough understanding of the current security environment and provide them with the tools and knowledge needed to prepare for the future effectively. \n\n\n\n09:30 AM – 10:30 AM \n\n\nSecuring Tomorrow’s Future in Education \nPresenter: VJ Rao (Fairfax County Public Schools) \n“Securing Tomorrow’s Future in Education” is a crucial exploration into the cybersecurity challenges and strategies within the K-12 education sector\, emphasizing the experiences of Fairfax County Public Schools. This presentation navigates the intricate digital ecosystem of today’s educational environment\, unraveling the complexities of maintaining a secure and resilient cyber infrastructure in a large and diverse school system. \nThe talk will discuss the state of K-12 cybersecurity and spotlight the recent trends and unique threats that schools face\, from protecting sensitive student data to ensuring safe digital learning spaces. It will also delve into the risks and vulnerabilities inherent in the educational sector’s technology use\, discussing how to safeguard effectively against breaches and cyber threats while prioritizing student privacy and safety. \n\n\n\n10:30 AM – 11:30 AM \n\n\nThe Digital Trust Gap: How Cyber Pros Break Silos to Advance Digital Trust \nPresenter: Pam Nigro (Medecision) \nDigital trust is sometimes misunderstood as a cybersecurity function; it’s really a part of an ecosystem that harnesses privacy\, quality\, assurance\, risk\, and governance to strengthen your enterprise and consumer trust. Learn how cyber professionals can communicate and collaborate with other IT functions in the digital trust ecosystem\, and gain access to a new digital trust ecosystem framework. \n\n\n\n11:30 AM – 12:30 PM \n\n\nPanel Discussion: Navigating the Shifting Cybersecurity Landscape: Insights from Top CISOs \nModerator: Ruchi Shewaramani \nPanelists: Lakshmi Hanspal\, Anne Saunders (Capgemini)\, and Zac Warren (TANIUM) \nCybersecurity is a critical pillar of organizational resilience and operational integrity in a rapidly evolving digital world. The panel discussion “Navigating the Shifting Cybersecurity Landscape: Insights from Top CISOs\,” part of the “Security and Risk Trends – Recap of 2023 with a Look Ahead to 2024” conference\, promises to offer unparalleled insights into the world of cybersecurity as seen through the eyes of experienced Chief Information Security Officers. \nThis 50-minute session will bring together a panel of distinguished CISOs and former CISOs from various industries to discuss and dissect the significant cybersecurity events and trends 2023. The panelists will share their firsthand experiences\, challenges\, and successful strategies implemented in their organizations. This retrospective look will provide valuable lessons learned and insights into the evolving nature of cyber threats and defense mechanisms. \n\n  \nPresenters \n\n\n \n\n\nSushila Nair\nVice President – North American Cybersecurity Practice @ Capgemini \nCISSP\, GIAC GSTRT\, CISA\, CISM\, CRISC\, CDPSE\, CCSK\, CCAK \nSushila Nair is Capgemini’s Vice President\, North American Cybersecurity practice. Capgemini is a global leader in providing secure digital transformation for our clients. Sushila has most recently served as the Vice President for cybersecurity offers at NTT Data Services and has held the role of a CISO for 10 years. Sushila has over 30 years of experience in computing infrastructure\, business and security risk analysis\, preventing credit card fraud\, and served as a legal expert witness. Sushila has been featured in global technical events including RSA\, Segurinfo and ISACA’s global conferences\, co-authored books and is regularly quoted in the press. She plays an active role in supporting best practices and skills development within the cybersecurity community through her work with ISACA and CSA. \nSushila is part of the ISACA global emerging trends working group. Sushila Nair was named by IT Security Guru as one of the Most Inspiring Women in Cyber 2022! Sushila is also the current Vice President of the ISACA Greater Washington D.C. Chapter. \n \n\n\n\n \n\n\nVJ Rao\nDirector of Cybersecurity @ Fairfax County Public Schools \nVJ Rao currently oversees information security for Fairfax County Public Schools (FCPS). He is a widely respected cyber-security leader who joins the school division with over 20 years of experience. He also served as the Chief Information Security Officer for the 2016 and 2020 Presidential and Vice-Presidential Debates. \nBefore FCPS\, VJ worked at the Washington Metropolitan Area Transit Authority (WMATA) and served as Deputy Chief Technology Officer at the National Democratic Institute. As an industry expert on cyber risk\, VJ has conducted several security audits and risk assessments for organizations ranging from large banks to federal\, local\, and state governments. He regularly speaks on security matters\, and his efforts have been profiled in several technology articles. \n\n\n\n \n\n\nPam Nigro\nVice President of Security and Security Officer @ Medecision\nCRMA\, CISA\, CGEIT\, CRISC\, CDPSE \nPamela (Pam) Nigro\, CRMA\, CISA\, CGEIT\, CRISC\, CDPSE\, was recently named Security’s 2023 Top Cybersecurity Leaders by Security Magazine. Ms. Nigro serves on the Board of Directors for ISACA as Director\, where she was the Chair from 2022 2023. Presently\, Ms. Nigro is Vice President of Security at Medecision where she is responsible for all cyber security efforts that secure and protect information important to Medecision and its customers\, while ensuring the overall cyber resiliency of the company. Ms. Nigro is also an Adjunct Professor at Lewis University in Illinois where she teaches in the MSIS and MBA programs. Ms. Nigro has achieved her MBA from Illinois Institute of Technology. She has more than 25 years of experience in the healthcare industry and the information technology industry and holds numerous IT certifications. \n\n\n\n \n\n\nRuchi Shewaramani\nChief Information Security Officer at WA Health Benefit Exchange \nRuchi Shewaramani is a cyber security executive with 15+ years of experience in Information Technology Security\, Identity and Access Management (IAM)\, Governance\, Risk and Compliance (GRC) across Healthcare\, Education and Financial institutions. She holds a Masters in Software Engineering from Seattle U. In the last decade\, she has managed the security program for various Health and Human Services Agencies in the District of Columbia (DC) and Washington state and successfully cleared numerous federal audits. She specializes in leading HealthCare agencies to secure their data\, be compliant with state/federal partners and provide digital trust to the citizens they serve. She is currently serving as the Chief Information Security Officer for WA Health Benefit Exchange and as a Board member for ISACA Greater Washington DC Chapter. \n\n\n \n\n\nLakshmi Hanspal \nLakshmi Hanspal is the former Chief Information Security Officer of Amazon Devices and Services\, leading the Trust and Security team across multiple security and privacy domains\, including Cyber\, Customer\, Product\, Platform\, Risk and Assurance\, Compliance\, Data Protection\, and Finance. Lakshmi is a persuasive and recognized executive leader who provides transformational leadership for security strategies\, emphasizing cloud security\, risk\, and privacy management. She has a strong ability to engage with customers and senior-level executives across the organization and influence buy-in and consensus on key initiatives. Lakshmi is passionate about securing digital transformation\, IoT security\, and supporting socially conscious connected commerce. She actively engages and promotes Women in technical leadership roles and develops early talent for diversity within teams. Lakshmi is a catalyst and harbinger of change within her professional and volunteering circles. \nBefore joining Amazon\, Lakshmi was the Global CSO at Box\, where she protected a large dynamic cloud content platform with more than 100k+ customers. Lakshmi has also held leadership roles at SAP\, PayPal\, and Bank of America. Her career spans across 26+ years in Information Security and risk management\, with 16+ years in the financial and payment space. \nLakshmi is a graduate of Boston University with a Masters in Computer Science. She is an actively sought-after advisor and investor in Silicon Valley. She serves on the Advisory Boards and Board of Directors of innovative mission-based organizations and non-profits\, ready for growth and scale. She lives in California’s Bay Area with her family and is an active volunteer within the community in youth sports. \n\n\n \n\n\nAnne Saunders\nGlobal Director\, Cybersecurity Technology Partnerships @ Capgemini  \nAs a senior executive\, Anne’s career encompasses more than 15 years of cybersecurity experience working in various capacities including leadership\, solution design\, sales engineering and business development. Anne has worked to bring cybersecurity solutions to a variety of verticals including retail\, financial services\, manufacturing and technology. \nIn her current role for Capgemini\, (formerly Leidos Cyber)\, Saunders manages the global cybersecurity channel and technology portfolio. With a deep understanding of the entire cybersecurity life cycle\, she actively assists in bringing the right mix of technology\, value and solution design to help multimillion dollar enterprises with their cybersecurity roadmap and solution decision-making. Saunders also takes an active role in the cybersecurity community speaking at various conferences throughout the year\, including the RSA conference and Blackhat. \nPrior to\, and during her current role\, Saunders has sat on numerous advisory boards ranging from start-ups to regionally established security firms. Her knowledge of business operations and value-building\, coupled with her engineering and security operations background give her a unique ability to understand the business landscape to execute the correct cybersecurity strategies. \n\n\n \n\n\nZac Warren\nChief Information Security Advisor EMEA @ TANIUM \nZac Warren\, Chief Security Advisor in EMEA\, is a seasoned cybersecurity professional with a rich background in IT. Beginning as a senior security analyst at a leading security company\, Zac evolved into a cybersecurity architect and consultant for major system integrators. His career has been marked by transformative contributions\, assisting government agencies and Fortune 100 companies in restructuring security frameworks. Currently spearheading Tanium’s cybersecurity endeavors in EMEA\, Zac is dedicated to developing and supporting the company’s cybersecurity business as well as guiding organizations to stay ahead in the ever-evolving realm of cybersecurity. \n\n  \nVirtual Meeting Information \n\n This event will be presented through Zoom.\n Prior to the event\, participants must install the Zoom app on their respective devices or use the web-based Zoom. Calling via the phone may not be entitled to CPE credits.\n Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter attending this event\, attendees will learn about recent topics in the cybersecurity and risk governance space. \n  \nCPE-Related Details \n\n Prerequisites: None\n Advance Preparation: None\n Program Knowledge Level: Basic\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/security-risk-trends-2023/ LOCATION:Virtual Event CATEGORIES:Conferences ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/10/conference-security-trends-2023.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20231203T150000 DTEND;TZID=America/New_York:20231203T180000 DTSTAMP:20231031T001144Z CREATED:20231031T001144Z LAST-MODIFIED:20231031T001144Z UID:31271-1701615600-1701626400@isaca-gwdc.org SUMMARY:Holiday 2023 Social Event DESCRIPTION:The GWDC will be hosting our Holiday Social event at The Board Room in Arlington\, VA.  Join us for a few hours and relax.  There is no agenda\, just come out\, have a few drinks on us\, and socialize with fellow members.  \nA raffle held at the end of the event. \nRegistration closes on December 1 @ 3 pm. \nRegister Today! \n  \nVenue Information \nThe Board Room\n925 N. Garfield Street\nArlington\, VA 22201 \nParking Information\nThere is street parking near the restaurant.  Parking is also available at the nearby Colonial Parking garage. \nNearest Metro\nThe restaurant is a short walk from Clarendon Metro Station \n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  URL:https://isaca-gwdc.org/event/holiday-2023-social-event/ LOCATION:The Board Room\, 925 N. Garfield Street\, Arlington\, VA\, 22201\, United States CATEGORIES:Social Events ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/09/fall2023_social.png ORGANIZER;CN="Sushila Nair":MAILTO:marketing@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20231130T083000 DTEND;TZID=America/New_York:20231201T160000 DTSTAMP:20231129T154920Z CREATED:20231001T154651Z LAST-MODIFIED:20231129T154920Z UID:30989-1701333000-1701446400@isaca-gwdc.org SUMMARY:Seminar - Introduction to Auditing with PowerShell® DESCRIPTION:Auditors and IT professionals work with large amounts of data\, requiring the need for a variety of tools to help them obtain\, review\, analyze\, and/or export this data. One of the most versatile (and free) tools for working with data is PowerShell®\, which is included with the Windows OS. While designed as a systems administration tool\, it also has powerful capabilities that auditors and IT professionals can use.  \nThis two-day hands-on virtual seminar is designed for auditors and IT professionals who want to learn how to use PowerShell® in performing audits or data analysis projects. \n\n On Day 1\, students will learn the basics of PowerShell\, including commands to import\, view\, summarize\, and export data\, such as CSV\, XML\, Word\, Excel\, and text. Students will also be provided an overview of how PowerShell can be used to obtain data from Windows Event Logs\, Active Directory\, Azure Active Directory\, and other data sources.\n On Day 2\, students will learn commands for analyzing and working with data imported into PowerShell as well as an overview of scripting commands and concepts.\n\nThroughout the seminar\, students will have the opportunity to use the commands presented through hands-on exercises. \nTo understand the instructor’s perspective on how PowerShell can be used in audits and projects\, read his article on Why Auditors Should Be Using PowerShell®. \nRegistration closes on November 29\, 2023 @ 8pm. \nRegister Today! \n  \nAgenda \n\n\nDay 1 \n\n\n\n Overview of PowerShell\n Basics of using PowerShell commands\n PowerShell commands to import\, summarize\, view\, and export CSV data\n Overview of using PowerShell to import data from:\n\n\n XML and text files\n Windows event logs\n Word and Excel files\n Active Directory\n Azure Active Directory\n\n\n Hands-on exercises\n PowerShell resources and recap\n\n\n\n\nDay 2 \n\n\n\n Working with data in PowerShell\n Hands-on practice in working with data\n Scripting basics\n Hands-on practice in scripting\n Troubleshooting scripts\n\n\n  \nInstructor \n\n \n\n\nMike Howard\nCISA\, MBA \nMike Howard is an experienced IT auditor with over 28 years of IT auditing experience in the Federal Government. Mike is a technical auditor who has audited numerous technologies\, including mainframes\, Unix environments\, Active Directory\, databases\, Cisco devices\, and Windows computers. Mike embraces innovative technologies to accomplish his audits\, most notably using PowerShell to write custom scripts. Over the 10+ years that he has been using PowerShell\, he’s written over 300 PowerShell scripts. \nMike is also a member of the ISACA Greater Washington D.C. chapter and has served on the board for 17+ years\, most of the time as Internet/Communications Director. Mike is currently the Associate Director for Web Development\, where he manages the chapter’s website. Mike has also used PowerShell to accomplish tasks related to his Chapter duties\, including creating web pages\, calculating CPE credits\, and updating membership rosters. \nMike has a B.S. in Accounting from Old Dominion University and a Masters in Business Administration from George Mason University. \n\n  \nVirtual Meeting Information \n\n This event will be presented through Zoom.  The instructor will send an email with the zoom link prior to the event.\n Prior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.\n Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 14 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter completing this course\, students will have basic skills to use PowerShell to import\, analyze\, and output data. Students will also have an awareness of potential data sources that PowerShell can be used with. \n  \nCPE-Related Details \n\n Prerequisites: Students should be familiar with using Windows and using CSV files.\n Advance Preparation: The instructor will provide materials in advance of the course that should be saved to the student’s computer. Students can follow along with the instructor in executing PowerShell commands during the course.\n Program Knowledge Level: Basic\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/seminar-introduction-to-auditing-with-powershell-fall2023/ LOCATION:Virtual Event CATEGORIES:Special Seminars ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2022/12/ps_seminar-e1678063263304.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20231026T180000 DTEND;TZID=America/New_York:20231026T200000 DTSTAMP:20231018T214507Z CREATED:20230917T141234Z LAST-MODIFIED:20231018T214507Z UID:30885-1698343200-1698350400@isaca-gwdc.org SUMMARY:Fall 2023 Social Event DESCRIPTION:The GWDC will be hosting our Fall Social event at The Board Room in Arlington\, VA.  Join us for a few hours and relax.  There is no agenda\, just come out\, have a few drinks on us\, and socialize with fellow members.  \nA raffle held at the end of the event. \nRegistration closes on October 25 @ 3 pm. \nRegister Today! \n  \nVenue Information \nThe Board Room\n925 N. Garfield Street\nArlington\, VA 22201 \nParking Information\nParking validation at Colonial Parking garage \nNearest Metro\nThe restaurant is a short walk from Clarendon Metro Station \n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  URL:https://isaca-gwdc.org/event/fall2023_social/ LOCATION:The Board Room\, 925 N. Garfield Street\, Arlington\, VA\, 22201\, United States CATEGORIES:Social Events ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/09/fall2023_social.png ORGANIZER;CN="Sushila Nair":MAILTO:marketing@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20231026T083000 DTEND;TZID=America/New_York:20231026T123000 DTSTAMP:20231029T161617Z CREATED:20230917T140521Z LAST-MODIFIED:20231029T161617Z UID:30901-1698309000-1698323400@isaca-gwdc.org SUMMARY:Cybersecurity 2023 Conference DESCRIPTION:The GWDC is proud to host its annual cybersecurity conference. This virtual conference is part of our monthly conference series. \nBusiness leaders and managers\, executives\, technologists\, professionals\, and students\, interested in staying current in the field of cybersecurity should attend this conference. \nRegistration closes on October 25\, 2023 @ 12pm.  \nRegister Today! \n\nDate Change for this event! \nPlease note that this event is now scheduled to be held on October 26\, 2023. The event was previously advertised to occur on October 12th. \n\n  \nAgenda \n\n08:30 AM – 09:30 AM \n\n\nUsing Generative AI to Strengthen Cybersecurity – How IT professionals can balance its risks and rewards \nPresenter: Nirali Chawla (KPMG US) and Joseph Klimavicz (KPMG US) \nGenerative AI is a game-changing technology\, offering innovative ways to engage users and generate content with deeper insights. It is opening up entirely new avenues for improving experiences\, delivering new value streams and transforming business models. KPMG will discuss some opportunities for generative AI to enable cybersecurity to help business leaders harness the power of AI and associated risks to accelerate time-to-value in a trusted manner – from strategy and design through implementation and ongoing operations. \n\n\n09:30 AM – 10:30 AM \n\n\nViews from the Cloud: Cybersecurity and the Next Regulatory Frontier \nPresenter: Alexis Robinson (AWS) \nTopic description to be posted soon! \n\n\n10:30 AM – 11:30 PM \n\n\nSecurity Assessments – Pathway to Zero Trust \nPresenter: Albert E. Whale (Capgemini America) \nIn the presentation titled “Security Assessment – Pathway to Zero Trust\,” we delve into the evolving cybersecurity landscape\, emphasizing the insufficiencies of traditional Security Assessments and the necessity for a more robust approach\, the Zero Trust Model. Rooted in the principle “Never Trust\, Always Verify\,” Zero Trust demands no inherent trust\, advocating for micro segmentation and continuous monitoring. \nOur exploration underscores the role of security assessments in successfully transitioning to this model\, encompassing tasks like mapping current infrastructure\, pinpointing sensitive data\, reviewing policies\, designing segmented access\, and implementing real-time monitoring. By addressing challenges such as organizational resistance and technological integration\, and highlighting the overarching benefits of an enhanced security posture\, we aim to provide attendees with a comprehensive overview and a roadmap to begin their Zero Trust journey. \n\n\n11:30 AM – 12:30 PM \n\n\nWorking backwards with AWS Customer Compliance Guides to accelerate security assessments \nPresenter: Kevin Donohue (AWS) \nThe rapid increase in the number of innovative cloud service offerings has blurred the lines between traditional cloud service models like IaaS\, PaaS and SaaS. When looking at cloud services through the lens of compliance\, categorizing them becomes less important than applying the shared responsibility model to security control requirements. Establishing a clear understanding of security responsibilities based on the services in your workload is key to reducing compliance challenges. \nIn this presentation\, we’ll demonstrate how AWS Customer Compliance Guides make shared responsibility and compliance easier for customers interpret and integrate into their organization’s cloud strategy. We’ll demonstrate how the approach of working backwards from the security options you have for each service and mapping them to security standards can help accelerate your compliance initiatives. \n\n  \nPresenters \n\n \n\n\nNirali Chawla\nManaging Director\, Federal Advisory Services @ KMPG US\nCISSP\, CISA\, CRISC\, CAP\, ITIL\, and Six Sigma Green Belt \nNirali Shah Chawla is a Managing Director in KPMG’s Federal Advisory practice with more than 20 years of experience providing a wide range of services to private and public sector clients including financial and information technology audit readiness services\, information assurance and Cyber security services\, Governance\, Risk & Compliance implementations and programs\, Cloud Computing and transformation consulting services. Ms. Chawla currently leads some of the largest federal agencies at the brink of transformational change and growth\, leveraging her knowledge of existing and emerging technologies to uncover IT opportunities for business process and internal controls improvements. Ms. Chawla is the co-author of NIST Special Publication 800-137\, Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations\, and holds certifications such as the CISSP\, CISA\, CRISC\, CAP\, ITIL\, and Six Sigma Green Belt. Ms. Chawla is a recognized industry leader in the Information Technology Risk Management and transformation field\, speaking at industry conferences and instructing training seminars. \nMs. Chawla is the ISACA GWDC Director of Marketing\, AFCEA Scholarships Education Committee Chair\, Member of Cyber Council for INSA and on the Steering Committee for a non-profit organization\, Vicente Ferrer Foundation (VFF). She is also a member of the following organizations: ASMC\, NAASA and Women in Technology (WIT). \n\n\n \n\n\nJoseph Klimavicz\nManaging Director\, Federal Advisory Services @ KMPG US \nMr. Joseph Klimavicz joined KPMG LLP as a Managing Director in March 2020. In this position\, he leads the Federal Technology Advisory practice and helps government clients implement digital transformations and deal with rapidly changing technology\, growing complexities from budget constraints\, competing agendas\, and continuous attacks on their information infrastructure. \nMr. Klimavicz previously served as the Department of Justice (DOJ) Deputy Assistant Attorney General and CIO from May 2014 until March 2020. In this position\, he provided leadership and oversight of the Department’s information and technology programs and implemented large-scale and complex digital transformations. He also served as DOJ’s Chief Data Officer\, Senior Agency Official for Geospatial Information\, and executive responsible for both radio frequency spectrum and all technical standards. In addition\, he served as vice-chair of the Federal CIO Council. \nMr. Klimavicz’s 37-year career in the federal government began with the Central Intelligence Agency (CIA) as an imagery scientist. He subsequently served in line management positions within the CIA and the Department of Defense (DOD) leading information technology programs\, to include serving as the National Geospatial-Intelligence Agency Deputy CIO. Mr. Klimavicz also served as National Oceanic and Atmospheric Administration (NOAA) CIO and Director\, High Performance Computing and Communications from January 2007 until May 2014. \n\n\n \n\n\nAlexis Robinson\nSenior Manager\, Industry Specialist @ AWS\nCISA\, PMP\, MBA \nAlexis Robinson is a Senior Manager\, Industry Specialist for Amazon Web Services (AWS) Security Assurance in the Washington\, DC area. For the past 15 years\, she has served her clients\, buyers of the cloud\, and AWS Partners by enabling strategies based on security best practices\, collaborating for thought leadership\, solving problems\, and conducting cybersecurity and financial assessments. She graduated with double Bachelors of Science degrees in Accounting and Information Systems from the Robert H. Smith School of Business at University of Maryland\, College Park. She most recently graduated from Quantic with an Executive Masters in Business Administration. She has worked at several companies including CGI Federal and Ernst & Young before finding her way to Amazon. She is a Certified Information Systems Auditor (CISA) and a Project Management Professional (PMP). \nOn her free time\, she is playing video games\, watching “Bob’s Burgers”\, “Ted Lasso”\, “Demon Slayer”\, “Abbott Elementary” and “It’s Always Sunny in Philadelphia”. She lives with her husband and son in Maryland. \n\n\n \n\n\nAlbert E. Whale\nSenior Cloud Security / Zero Trust Architect @ Capgemini America\, Inc.\nCISSP\, CEH \nAlbert E. Whale is a Certified Global Coach at Napoleon Hill Institute\, where he support others in their personal development to live their dreams. With over 20 years of experience in cybersecurity\, IT security\, and entrepreneurship\, he has a unique perspective and skill set to help clients achieve their goals and overcome challenges. \nMr. Whale is also a #1 International Best Selling Author of the sequel book #HACKED2\, written with 12 esteemed cybersecurity professionals who offer their views and insights on how to protect personal and business information from cyber threats. He is passionate about sharing his knowledge and experience with others\, and regularly speak at events\, webinars\, podcasts\, and media outlets on topics related to cybersecurity\, personal development\, and entrepreneurship. \n\n\n \n\n\nKevin Donohue\nSecurity Partner Strategist\, Global Security & Compliance Acceleration team @ AWS \nCISSP \nKevin is a Sr. Security Partner Strategist on the AWS Global Security & Compliance Acceleration team\, specializing in shared responsibility and regulatory compliance support for AWS customers and partners. Kevin began his tenure with AWS in 2019 with the AWS FedRAMP program\, where he created Customer Compliance Guides to assist U.S. government customers with their assessment & authorization responsibilities. Prior to AWS\, Kevin worked at PwC in their commercial cybersecurity practice performing risk and compliance assessments across various security standards and industries. Kevin began is security career as a security control assessor at the U.S. Department of State. Kevin holds a B.A. in Political Science and Middle Eastern Studies from Rutgers University and M.S. Management of Security Information Systems from George Mason University. \nIn his spare time\, he enjoys taking advantage of everything to do in DC area from museums to biking with his wife Shannon and daughter Madeline. Originally from New Jersey\, Kevin has been in the DMV for 12 years and currently resides in Alexandria. \n\n  \nVirtual Meeting Information \n\n This event will be presented through Zoom.\n Prior to the event\, participants must install the Zoom app on their respective devices or use the web-based Zoom. Calling via the phone may not be entitled to CPE credits.\n Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter attending this event\, attendees will learn about recent topics in the cybersecurity space. \n  \nCPE-Related Details \n\n Prerequisites: None\n Advance Preparation: None\n Program Knowledge Level: Basic\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/2023-cybersecurity-conference/ LOCATION:Virtual Event CATEGORIES:Conferences ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/09/cybersecurity_2023-1.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20231019T090000 DTEND;TZID=America/New_York:20231020T170000 DTSTAMP:20230911T123034Z CREATED:20230904T145159Z LAST-MODIFIED:20230911T123034Z UID:30822-1697706000-1697821200@isaca-gwdc.org SUMMARY:Artificial Intelligence and Generative AI 101 Seminar DESCRIPTION:In this comprehensive two-day course\, participants will delve into the transformative power of Generative AI\, with a special emphasis on popular platforms like ChatGPT\, Bard\, DALLE-2\, and Midjourney. Beginning with a brief overview of Artificial Intelligence and Machine Learning\, the course will lead you through the fascinating world of Generative AI and its role in reshaping industries. Through a mix of theoretical understanding and practical hands-on sessions\, you will master the operational use of these platforms to solve real-world problems and drive innovation in your organization. The course will cover potential challenges\, ethical considerations\, and practical applications of Generative AI\, preparing you for a future-oriented\, AI-driven operational landscape. \nPlease take a moment to hear from the instructor\, Jim Wiggins\, about the course and how it will help you understand the Generative AI landscape more fully.  Jim has over 26 years of cybersecurity experience. \n \nRegistration closes on October 18 @ 3 pm. \nRegister Today! \n  \nCourse Materials\, Format\, and Schedule \nCourse Format \nThis course blends expert lectures\, interactive discussions\, and practical sessions. It fosters a collaborative learning environment and provides access to online resources for self-paced study. \n  \nCourse Schedule  \nThe course spans two days\, 7 hours each day\, inclusive of breaks. Specific scheduling will be provided closer to the course date. \n  \nCourse Materials \nParticipants will gain access to a range of course materials including online resources\, a comprehensive slide deck\, and popular AI platforms like ChatGPT\, Bard\, DALLE-2\, and Midjourney. Additional recommended readings and supplementary materials will be provided during the course. \n  \nAgenda \n\nDay 1 \n\n  \n  \n\n Introduction and Course Overview (30 minutes)\n\n\n Presenter Introduction\n Course Objectives and Outcomes\n Course Materials and Format\n\n\n History of Artificial Intelligence and Generative AI (1 hour)\n\n\n Evolution of Artificial Intelligence\n Development of Machine Learning and Deep Learning\n The Emergence of Generative AI: A Historical Perspective\n\n\n Overview of Common Generative AI Platforms (2 hours)\n\n\n Introduction to ChatGPT\, Bard\, DALLE-2\, and Midjourney\n Features and Unique Capabilities of Each Platform\n Break (15 minutes)\n Comparative Analysis: Strengths\, Weaknesses\, and Appropriate Use Cases for Each Platform\n\n\n Gaining Access to Platforms (1 hour)\n\n\n Procedures for Accessing AI Platforms\n Subscriptions\, Costs\, and Managing Organizational Access\n Break (30 minutes – Lunch)\n\n\n Introduction to Prompting (1 hour)\n\n\n Understanding Prompts and Their Role in Generative AI\n Constructing Effective Prompts: Best Practices\n\n\n Prompt Engineering (1.5 hours)\n\n\n Techniques for Advanced Prompt Engineering\n Hands-on Exercise: Crafting and Testing Prompts on Different Platforms\n Break (15 minutes)\n Review and Feedback on Prompt Engineering Exercise\n\n  \n\nDay 2 \n\n  \n  \n\n Recap of Day 1 and Overview of Day 2 (30 minutes)\n Practical Applications of Generative AI (2 hours)\n\n\n The Impact and Potential of Generative AI across Various Domains\n Real-world Use Cases and Success Stories\n Break (15 minutes)\n Exercise: Brainstorming Possible Applications in Participants’ Context\n\n\n Ethical Considerations and Risks in Generative AI (1 hour)\n\n\n Understanding the Ethical Landscape of AI\n Identifying and Mitigating Risks in Using Generative AI\n Break (30 minutes – Lunch)\n\n\n Hands-on Session: Operationalizing Generative AI (2.5 hours)\n\n\n Accessing Platforms and Setting Up for a Task\n Crafting Prompts for a Given Task\n Review and Feedback on Hands-on Exercise\n Break (15 minutes)\n\n\n Future Trends in Generative AI and Closing Remarks (1 hour)\n\n\n The Road Ahead: What to Expect from the Future of Generative AI\n Opportunities for Further Learning and Specialization\n Course Review\, Q&A\, and Feedback Session\n\n  \nInstructor \n\n \n\n\nJim Wiggins\nFounder and Principal @ Securible\, LLC\nCISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security\, FITSP-M \nJim has over 26 years of direct experience in the design\, operation\, management\, and auditing of information technology systems\, with the past 21 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses aimed at federal and government contracting clients. \nToday\, Jim is the Founder and Principal of Securible\, LLC. Securible is an information security service provider offering cyber training programs to organizations of all sizes. At Securible\, Jim has taught IT security certification courses such as CISSP\, CISM\, CISA\, Ethical Hacking\, RMF\, Security+\, and other courses requested by Securible’s clients. Currently\, he provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS ). More information on Securible can be found at: http://www.securible.com. \nJim is also the Founder and Chief Executive Officer (CEO) of the Federal IT Security Institute (FITSI). FITSI is a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI offers a role-based IT security certification program targeted at the federal workforce. More information on FITSI can be found at: http://www.fitsi.org. \nAdditionally\, Jim is the Founder and Executive Director of the FITSI Foundation. The FITSI Foundation is a 501(c)(3) public charity that focuses on cyber education and serves as the philanthropic sister organization of the Federal IT Security Institute. The FITSI Foundation operates the Wounded Warrior Cyber Combat Academy (W2CCA). More information on the FITSI Foundation can be found at: https://www.fitsifoundation.org. \nIn 2020\, Jim launched a TV show on cybersecurity called “Cybersecurity Today\,” which can be viewed in the Washington\, DC area. Episodes can also be streamed online at the following website: http://www.cybersecuritytoday.org. \nIn 2019\, FCW named Jim to the “Federal 100” for his tireless efforts to promote cybersecurity education across all branches of the federal government. \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make on the federal workforce. \nJim holds the following IA/IT security certifications: CISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n\n  \nVirtual Meeting Information \n\n This event will be presented online through Microsoft Teams.  \n The instructor will email students prior to the event with instructions and additional information. \n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 14 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event and respond to polling questions to receive full CPE credit. \n  \nLearning Objectives \nBy the end of this course\, participants will: \n\n Understand the core concepts of Artificial Intelligence\, Machine Learning\, and Generative AI.\n Familiarize themselves with popular Generative AI platforms like ChatGPT\, Bard\, DALLE-2\, and Midjourney.\n Gain practical experience in leveraging these platforms for solving organizational challenges.\n Understand the potential challenges\, ethical considerations\, and potential misuse of Generative AI.\n Explore practical applications and future trends of Generative AI within an operational framework.\n\n  \nCourse Outcomes \nUpon completion of the course\, participants will be able to: \n\n Articulate the foundational principles of AI\, Machine Learning\, and Generative AI.\n Employ popular AI platforms to drive innovative problem-solving and operational excellence in their organizations.\n Navigate potential challenges and ethical considerations associated with the use of Generative AI.\n Apply their knowledge of Generative AI to foster innovation and future readiness in their organizational landscape.\n Stay updated on the latest advancements and future trends in Generative AI\, leveraging these for ongoing improvements and innovation.\n\n  \nCPE-Related Details \n\n Prerequisites and Advance Preparation:  None. A basic understanding of computers and technology is recommended.\n Program Knowledge Level: Basic\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/seminar-ai-101/ LOCATION:Virtual Event CATEGORIES:Special Seminars ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/09/ai_seminar_2023.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20231014T083000 DTEND;TZID=America/New_York:20231104T170000 DTSTAMP:20230905T162900Z CREATED:20230904T145021Z LAST-MODIFIED:20230905T162900Z UID:30808-1697272200-1699117200@isaca-gwdc.org SUMMARY:CISA Fall 2023 Review Course DESCRIPTION:The GWDC is sponsoring an intensive 4-day virtual review course for the Certified Information System Auditor® (CISA®) exam.  This review course will provide practical advice on preparing for the CISA exam and specific instruction regarding the job practice areas addressed by CISA as defined by ISACA® Global. The dates of this course are four (4) consecutive Saturdays: October 14\, 21\, 28 and November 4\, 2023 from 8:30 am to 5 pm Eastern. \nPlease take a moment to hear from one of the instructors\, Jim Wiggins\, about the course and how it will help you prepare for the CISA exam.  The instructors Jim Wiggins and Tyler Harding combined have over 40 years of audit\, IT\, and cybersecurity experience and are ISACA accredited instructors. \n \nThis event is intended for anyone sitting for the CISA Exam. Students are expected to have prepared for the exam prior to attending the course. \nRegistration closes on October 13\, 2023 @ 3pm.  \nRegister Today! \n  \n\nRe-Take Discount \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \n\n  \nAgenda \n\nDay 1 \n\n\nModule 1 – The Process of Auditing Information Systems \nModule 2 – Governance and Management of IT \n\n\nDay 2 \n\n\nModule 3 – Information Systems Acquisition\, Development\, and Implementation \n\n\nDay 3 \n\n\nModule 4 – Information Systems Operations\, Maintenance\, and Support \n\n\nDay 4 \n\n\nModule 5 – Protection of Information Assets \n\n  \nCourse Materials and Exam Resources \nMaterials Provided During the Course \nParticipants receive a Study Guide to help them prepare for the CISA exam. The Study Guide contains a presentation\, a case study\, and 20 quiz questions for each domain in the official CISA Review Manual. The Study Guide contains additional material such as suggested study approach\, exam taking tips\, list of “must know” vocabulary terms\, and other suggested readings to aid participants in their exam preparation. \n  \nStudy Materials \nThe instructor highly recommends that students purchase the CISA Review Manual and the CISA Review Questions\, Answers\, and Explanations Database – 12 Month. Below are the study materials available for purchase from the ISACA Bookstore: \n\n CISA Review Manual\n CISA Review Questions\, Answers & Explanations Manual\n CISA Review Questions\, Answers & Explanation Database – 12 month subscription\n\n**It is highly recommended to order these at the earliest opportunity to avoid any possible delays in their availability for the start of the program. \n  \nAdditional Study Resources \nCandidates should review the Exam Candidate Guide and other resources on the ISACA CISA page as part of their study program.  \n  \nInstructors \n\n \n\n\nJim Wiggins\nFounder and Principal @ Securible\, LLC\nCISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security\, FITSP-M \nJim has over 26 years of direct experience in the design\, operation\, management\, and auditing of information technology systems\, with the past 21 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses aimed at federal and government contracting clients. \nToday\, Jim is the Founder and Principal of Securible\, LLC. Securible is an information security service provider offering cyber training programs to organizations of all sizes. At Securible\, Jim has taught IT security certification courses such as CISSP\, CISM\, CISA\, Ethical Hacking\, RMF\, Security+\, and other courses requested by Securible’s clients. Currently\, he provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS ). More information on Securible can be found at: http://www.securible.com. \nJim is also the Founder and Chief Executive Officer (CEO) of the Federal IT Security Institute (FITSI). FITSI is a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI offers a role-based IT security certification program targeted at the federal workforce. More information on FITSI can be found at: http://www.fitsi.org. \nAdditionally\, Jim is the Founder and Executive Director of the FITSI Foundation. The FITSI Foundation is a 501(c)(3) public charity that focuses on cyber education and serves as the philanthropic sister organization of the Federal IT Security Institute. The FITSI Foundation operates the Wounded Warrior Cyber Combat Academy (W2CCA). More information on the FITSI Foundation can be found at: https://www.fitsifoundation.org. \nIn 2020\, Jim launched a TV show on cybersecurity called “Cybersecurity Today\,” which can be viewed in the Washington\, DC area. Episodes can also be streamed online at the following website: http://www.cybersecuritytoday.org. \nIn 2019\, FCW named Jim to the “Federal 100” for his tireless efforts to promote cybersecurity education across all branches of the federal government. \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make on the federal workforce. \nJim holds the following IA/IT security certifications: CISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n\n\n \n\n\nTyler Harding\nSenior Manager @ Amazon Supply Chain \nCPA\, CISA\, CISM\, CISSP\, CAP\, GGEIT\, FITSP:A\, FITSP:M \nTyler Harding is a Senior Manager and leads a commercial and DoD compliance program at Amazon Supply Chain (supplychain.amazon.com). The Compliance team’s goal is to earn customer’s trust and maintain compliance with multiple information security certifications such as ISO 27001\, AICPA SOC 2\, HiTRUST\, and NIST SP 800-171. Prior to his role at Amazon Supply Chain\, Tyler was the DoD Security and Compliance Manager for AWS and led efforts to accredit AWS cloud services to Impact Levels 4 and 5 under DoD’s Cloud Computing Security Requirements Guide (CC SRG). \nBefore joining Amazon in 2019\, Tyler spent over 20+ years in public accounting firms such as PWC\, KPMG\, and Kearney & Company in their respective IT audit practices and led engagement teams through many SOC 1\, FISMA\, and financial statement audits. \nAs a recovering IT auditor\, Tyler now enjoys his Summers and Falls swimming\, cycling\, and playing an occasional round of golf! Tyler has also supported the ISACA Greater Washington D.C. Chapter for over 20 years by teaching CISA\, CISM\, and CGEIT review courses. \n\n  \nVirtual Meeting Information \n\n This event will be presented online through Microsoft Teams.  \n The instructor will email students prior to the event with instructions and additional information. \n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 32 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\n Learning Objective: After completing the course\, students will be prepared to sit for the CISA exam.\n Prerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\n Program Knowledge Level: Basic\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/cisa-fall-2023-review-course/ LOCATION:Virtual Event CATEGORIES:Review Courses ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/09/cisa_fall_2023-1.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20231007T083000 DTEND;TZID=America/New_York:20231021T163000 DTSTAMP:20230911T123117Z CREATED:20230904T145026Z LAST-MODIFIED:20230911T123117Z UID:30818-1696667400-1697905800@isaca-gwdc.org SUMMARY:CISM Fall 2023 Review Course DESCRIPTION:The GWDC is sponsoring an intensive 3-day virtual review course for the Certified Information Security Manager® (CISM) Exam. The CISM® review course will provide practical advice on preparing for the CISM exam and specific instruction regarding the job practice areas addressed by CISM as defined by ISACA® Global. The dates of this course are three (3) consecutive Saturdays from October 7\, 14\, and 21\, 2023 from 8:30 am to 4:30pm Eastern. \nPlease take a moment to hear from the instructor\, Jim Wiggins\, about the course and how it will help you prepare for the CISM exam.  Jim has over 26 years of cybersecurity experience and is an ISACA accredited instructor. \n \nThis event is intended for anyone sitting for the CISM Exam. Students are expected to have prepared for the exam prior to attending the course. \nRegistration closes on October 6 @ 3 pm. \nRegister Today! \n  \n\nRe-Take Discount \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \n\n  \nAgenda \n\nDay 1 \n\n\nModule 1 – Information Security Governance \nModule 2 – Information Security Risk Management \n\n\nDay 2 \n\n\nModule 3 – Information Security Program \nModule 4 – Incident Management \n\n\nDay 3 \n\n\nModule 5 – Exam Preparation Strategies \n\n  \nCourse Materials and Exam Resources \nMaterials Provided During the Course \nParticipants receive a Study Guide to help them prepare for the CISM exam. The Study Guide contains a presentation\, a case study\, and 20 quiz questions for each domain in the official CISM Review Manual. The Study Guide contains additional material such as suggested study approach\, exam taking tips\, list of “must know” vocabulary terms\, and other suggested readings to aid participants in their exam preparation. \n  \nStudy Materials \nThe instructor highly recommends that students purchase the CISM Review Manual and the CISM Review Questions\, Answers\, and Explanations Database – 12 Month. Below are the study materials available for purchase from the ISACA Bookstore: \n\n CISM Review Manual\n CISM Review Questions\, Answers & Explanations Manual\n CISM Review Questions\, Answers & Explanation Database – 12 month subscription\n\n**It is highly recommended to order these at the earliest opportunity to avoid any possible delays in their availability for the start of the program. \n  \nAdditional Study Resources \nCandidates should review the Exam Candidate Guide and other resources on the ISACA CISM page as part of their study program.  \n  \nInstructor \n\n \n\n\nJim Wiggins\nFounder and Principal @ Securible\, LLC\nCISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security\, FITSP-M \nJim has over 26 years of direct experience in the design\, operation\, management\, and auditing of information technology systems\, with the past 21 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses aimed at federal and government contracting clients. \nToday\, Jim is the Founder and Principal of Securible\, LLC. Securible is an information security service provider offering cyber training programs to organizations of all sizes. At Securible\, Jim has taught IT security certification courses such as CISSP\, CISM\, CISA\, Ethical Hacking\, RMF\, Security+\, and other courses requested by Securible’s clients. Currently\, he provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS ). More information on Securible can be found at: http://www.securible.com. \nJim is also the Founder and Chief Executive Officer (CEO) of the Federal IT Security Institute (FITSI). FITSI is a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI offers a role-based IT security certification program targeted at the federal workforce. More information on FITSI can be found at: http://www.fitsi.org. \nAdditionally\, Jim is the Founder and Executive Director of the FITSI Foundation. The FITSI Foundation is a 501(c)(3) public charity that focuses on cyber education and serves as the philanthropic sister organization of the Federal IT Security Institute. The FITSI Foundation operates the Wounded Warrior Cyber Combat Academy (W2CCA). More information on the FITSI Foundation can be found at: https://www.fitsifoundation.org. \nIn 2020\, Jim launched a TV show on cybersecurity called “Cybersecurity Today\,” which can be viewed in the Washington\, DC area. Episodes can also be streamed online at the following website: http://www.cybersecuritytoday.org. \nIn 2019\, FCW named Jim to the “Federal 100” for his tireless efforts to promote cybersecurity education across all branches of the federal government. \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make on the federal workforce. \nJim holds the following IA/IT security certifications: CISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n\n  \nVirtual Meeting Information \n\n This event will be presented online through Microsoft Teams.  \n The instructor will email students prior to the event with instructions and additional information. \n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 21 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event and respond to polling questions to receive full CPE credit. \n  \nCPE-Related Details \n\n Learning Objective: After completing the course\, students will be prepared to sit for the CISM exam.\n Prerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\n Program Knowledge Level: Basic\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/cism-fall-2023-review-course/ LOCATION:Virtual Event CATEGORIES:Review Courses ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/09/cism_fall_2023.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20231007T083000 DTEND;TZID=America/New_York:20231007T170000 DTSTAMP:20240911T150804Z CREATED:20230906T163131Z LAST-MODIFIED:20240911T150804Z UID:30856-1696667400-1696698000@isaca-gwdc.org SUMMARY:CET Cloud Fundamentals Review Course: An ISACA CommunITy Giveback Event DESCRIPTION:The GWDC will be hosting a one-day virtual CET cloud fundamentals course for CommunITy Day. Earn CPEs whilst giving someone in our community a better life. All proceeds from the CET training will go to scholarships managed by One In Tech\, an ISACA Foundation. The training starts at $30 but any amount that you provide will go to helping someone in our community. Let’s help someone have a better life while learning all about the cloud. \nIndividuals with little to zero years’ experience in cloud and those seeking to increase their knowledge and skills in Emerging Technology Topics should attend this event.  It’s also intended for anyone preparing for the CET Cloud fundamentals certificate exam. \n  \nCourse Payment and Registration \nThis course is being presented as part of ISACA’s CommunITy Day\, which provides offers an opportunity to celebrate our purpose as digital trust professionals by enabling the positive potential of people. When ISACA Members\, families and friends spend a few hours one day a year giving back to their local communities\, we can truly change the world! \nPayment and registration for this course will be through One In Tech\, through the link below. A minimum donation of $30 is needed to attend the course; however\, if you would like to contribute more\, there is an opportunity to do so.  You can read about the donations that will go to OneInTech here. You can request donations to go to scholarships for universities in your area by specifying the ISACA chapter that you belong to on the donations page.  \nTo learn more about One In Tech\, an ISACA Foundation\, visit their website at https://oneintech.org/. \nRegistration confirmation emails will be sent about a week after registration.  Course details will be by the instructor prior to the event. \nRegistration closes on October 6 @ 3PM.  \n  \nRegister Today! \n  \nAgenda \nModule 1 – Cloud Computing Models \n\nCloud Components\nCloud Service Implementation Considerations\nCloud Deployment Models\nModule 2-Cloud Service Models\n\n\nSoftware as a Service\nPlatform as a Service\nSolution Stacks\nInfrastructure as a Service\n\nModule 3-Cloud Governance \n\nBusiness Drivers to Cloud \nRisks Associated with cloud solutions\nCloud Vendor Selection and Management\nPortability of Services\n\nModule 4-Cloud Service supports \n\nDistinguish between service implementation and support in the cloud\nDescribe the testing and validation requirements for post-cloud implementation\nArticulate the special role that configuration management plays in cloud computing\nIdentify resource management challenges with cloud computing implementations\n\n  \nCET Cloud Fundamentals Certificate Exam \nThe exam will be offered via Computer-Based Testing (CBT). \nRegistration for the exam is administered by ISACA®\, not the GWDC. Registering for this review course does not register you for the exam. \n» Details on CET Cloud Fundamentals Certificate and Exam Registration \n  \nExam Preparation \nFor students who wish to take the CET- Cloud fundamentals exam\, it is highly recommended that the prospective candidates should purchase the official study guide and labs here as the exam includes hands on elements. \n  \nInstructor \n\n \n\n\nSushila Nair\n Vice President – North American Cybersecurity Practice at Capgemini\nCISSP\, GIAC GSTRT\, CISA\, CISM\, CRISC\, CDPSE\, CCSK\, CCAK \nSushila Nair is Capgemini’s Vice President\, North American Cybersecurity practice. Capgemini is a global leader in providing secure digital transformation for our clients. Sushila has most recently served as the Vice President for cybersecurity offers at NTT Data Services and has held the role of a CISO for 10 years. Sushila has over 30 years of experience in computing infrastructure\, business and security risk analysis\, preventing credit card fraud\, and served as a legal expert witness. Sushila has been featured in global technical events including RSA\, Segurinfo and ISACA’s global conferences\, co-authored books and is regularly quoted in the press. She plays an active role in supporting best practices and skills development within the cybersecurity community through her work with ISACA and CSA. \nSushila is part of the ISACA global emerging trends working group and vice president of ISACA Greater Washington\, D.C. Chapter. Sushila Nair was named by IT Security Guru as one of the Most Inspiring Women in Cyber 2022! \n \n\n  \nVirtual Meeting Information \n\nGroup Internet-Based. Zoom link delivered with registration.\nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.\nParticipants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\nISACA Greater Washington\, D.C. will not be responsible for the participant’s inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 8 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\nLearning Objective: After completing the course\, students will be prepared to sit for the CET exam.\nPrerequisites and Advance Preparation: None\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/communityday-2023/ LOCATION:Virtual Event CATEGORIES:Review Courses ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/09/cet_cloud_2023.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20231002T144500 DTEND;TZID=America/New_York:20231002T164500 DTSTAMP:20231003T122315Z CREATED:20230827T152204Z LAST-MODIFIED:20231003T122315Z UID:30782-1696257900-1696265100@isaca-gwdc.org SUMMARY:Proposed Changes to GAO’s FISCAM Panel Discussion DESCRIPTION:On July 20\, 2023\, GAO issued an exposure draft of the revised Federal Information System Controls Audit Manual (FISCAM). FISCAM presents a methodology for assessing the design\, implementation\, and operating effectiveness of information system (IS) controls. GAO first issued FISCAM in 1999 and last issued a revision in 2009. GAO is requesting comments on the exposure draft from federal\, state\, and local government officials; managers and auditors at all levels of government; professional organizations; public interest groups; and other interested parties. When issued in final form\, this revision will supersede the February 2009 revision. \nThis panel discussion will provide attendees with an opportunity to learn more about the proposed revisions and ask questions before the comment period ends (comments due no later than October 18\, 2023).  IT advisory or audit professionals that serve or support the Public Sector should attend this event. \nRegistration closes on October 1\, 2023 @ 12pm.   This is a free virtual event. \nRegister Today! \n  \nEvent Sponsor \nThe ISACA Greater Washington D.C. Chapter is proud to have Cotton\, A Sikich Company as the sponsor for this event.  \n \nFounded in 1981\, Cotton is a certified public accounting firm headquartered in historic Old Town Alexandria\, Virginia. Cotton has focused our practice on providing services predominantly for governmental agencies and programs\, and we have continued to expand both our client base and our range of services. Today\, Cotton provides a full range of audit\, accounting\, IT\, and management consulting services. In 2022\, Cotton was acquired by Sikich LLP\, a global company specializing in technology-enabled professional services. With more than 1\,500 employees\, Sikich draws on a diverse portfolio of technology solutions to deliver transformative digital strategies and ranks as one of the largest CPA firms in the United States. From corporations and not-for-profits to state and local governments and federal agencies\, Sikich clients utilize a broad spectrum of services and products to help them improve performance and achieve long-term\, strategic goals. \n  \nAgenda \n\n2:45 PM – 2:55 PM \n\n\nOpening Remarks \n\n\n3:00 PM – 4:40 PM \n\n\nPresentation: 2023 FISCAM Exposure Draft\, follow-up with Q&A \nModerator: \n\n Loren Schwartz\nCPA\, CISA\, CISSP\nPartner\, Cotton\, A Sikich Company\n\nPanelists: \n\n Robert Dacey\nJD\, CPA\, CGFM\nChief Accountant\, GAO\n Nicole McGuire Burkart\nCPA\, CGFM\nAssistant Director\, GAO\n\n\n\n4:40 PM – 4:45 PM \n\n\nClosing Remarks \n\n  \nModerator \n\n \n\n\nLoren Schwartz\nPartner\, Cotton\, A Sikich Company \nCPA\, CISA\, CISSP \nLoren Schwartz joined Cotton in May 2002 and was elected a partner in April 2003. Loren has more than 25 years of diversified information system audit\, financial and operational audit\, privacy\, and risk management consulting experience. He directs many of the firm’s major information technology reviews and audits. \nLoren’s experience includes directing and participating in a wide range of system reviews\, Federal Information Security Modernization Act (FISMA) audits\, financial statement audits\, process re-engineering improvement projects\, and audits of internal management controls of automated information systems. He has directed projects with clients ranging in size from start-up entrepreneurial organizations to Fortune 500 organizations. His industry experience includes both commercial and governmental clients. He also has conducted speaking engagements for well-known industry organizations on a variety of Information Technology (IT) -related topics. \nLoren holds a Bachelor of Science degree in Accounting from Virginia Polytechnic Institute and State University. He is a Certified Public Accountant (CPA)\, a Certified Information Systems Security Professional (CISSP)\, and a Certified Information Systems Auditor (CISA). He is an active member of the American Institute of Certified Public Accountants (AICPA) and the ISACA Greater Washington D.C. Chapter \n\n  \nPanelists \n\n \n\n\nRobert Dacey\nChief Accountant\, GAO\nJD\, CPA\, CGFM\n \nMr. Dacey is Chief Accountant for the United States Government Accountability Office (GAO) and a member of the Federal Accounting Standards Advisory Board. Mr. Dacey has provided leadership for significant GAO efforts in financial accounting and auditing\, as well as audits and testimony related to information security\, homeland security\, and other information technology areas. He previously served as a member of the AICPA Auditing Standards Board and the International Public Sector Accounting Standards Board\, and as Chair of the AGA’s CEAR Board. Mr. Dacey is a CPA and CGFM. He received a B.B.A.\, magna cum laude\, from the University of Cincinnati and a J.D. from the George Mason University School of Law. \n\n\n \n\n\nNicole McGuire Burkart\nAssistant Director\, GAO\nCPA\, CGFM\n \nMs. Burkart is an Assistant Director in GAO’s Financial Management and Assurance team. She leads the information system controls assessments performed in connection with multiple GAO financial audits. She is also involved in the maintenance of GAO’s audit methodologies and led the recent efforts to revise FISCAM. Ms. Burkart served on the AICPA Attestation Standards Task force to clarify the attestation standards\, supporting the issuance of SSAE No. 18 and SAS No. 130. Ms. Burkart is also an alumnus of the AICPA’s second annual Leadership Academy\, Class of 2010. Ms. Burkart is a CPA and CGFM. She received a Bachelor of Science degree\, summa cum laude\, from Elmira College. \n\n  \nVirtual Meeting Information \n\n This event will be presented through Zoom.\n Prior to the event\, participants must install the Zoom app on their respective devices or use the web-based Zoom. Calling via the phone may not be entitled to CPE credits.\n Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 2 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter attending this event\, attendees will obtain an understanding of (1) the major proposed changes to FISCAM\, (2) the impact of such changes on IS controls assessments\, and (3) the timeframe for public exposure and next steps. \n  \nCPE-Related Details \n\n Prerequisites: None\n Advance Preparation: None\n Program Knowledge Level: Basic\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/fiscam-panel-discussion/ LOCATION:Virtual Event CATEGORIES:Panels ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/08/fiscam_panel_2023.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20230928T083000 DTEND;TZID=America/New_York:20230928T123000 DTSTAMP:20230927T230806Z CREATED:20230917T140643Z LAST-MODIFIED:20230927T230806Z UID:30895-1695889800-1695904200@isaca-gwdc.org SUMMARY:Cloud Security 2023 Conference DESCRIPTION:The GWDC is proud to partner with the DC Chapter of the Cloud Security Alliance to host its annual cloud conference\, Cloud Security 2023. This virtual conference is part of our monthly conference series. \nCloud security and enablement professionals\, IT advisory or audit professionals\, business executives\, cybersecurity professionals\, students or professionals interested in learning more about cloud security should attend this conference. \nRegistration closes on September 27\, 2023 @ 12pm.  \nRegister Today! \n  \nEvent Partner \nThe GWDC is proud to have the DC Chapter of the Cloud Security Alliance as a partner for this event.  For more information on the CSA DC Chapter\, please visit their website at https://cloudsecurityalliance-dc.org/home. \n \n  \nAgenda \n\n08:30 AM – 09:30 AM \n\n\nWho’s Vulnerable in YOUR IT Supply Chain? \nPresenter: David Barnscome (Microsoft) \n“Compromise one to compromise many.” More and more frequently\, nation-state attackers leverage the trusted relationships in an organization’s IT supply chain to achieve compromise of downstream targets. How can you take steps to protect against this type of activity? \nIn this discussion\, we’ll look at some interesting examples of how supply chain compromise has been achieved\, and what it eventually led to. More importantly\, we’ll talk about how you can assess your IT suppliers so that you can have confidence that they are taking the right steps to protect your organization’s data estate. \n\n\n09:30 AM – 10:30 AM \n\n\nThreat Intelligence Integration \nPresenter: George Alves (Defense Acquisition University) \nGeorge Alves discusses how being “threat informed” is critical in the execution of your Zero Trust capabilities and activities whether on-prem or in the cloud. From the Zero Trust Capability Roadmap: this capability requires integration of threat intelligence information and streams about identities\, motivations\, characteristics\, as well as tactics\, techniques\, and procedures (TTPs). This capability will assist Cyber Defenders be more proactive rather than reactive. \n\n\n10:30 AM – 11:30 PM \n\n\nCloud Adversarial Vectors\, Exploits\, and Threats (CAVEaT™): An Emerging Threat Matrix for Industry Collaboration \nPresenter: Dr. Mari J. Spina (CSA DC Chapter and MITRE) \nCloud security practitioners agree there’s a need for comprehensive threat-informed security guidance to address system assessment\, secure design\, cyber analytics\, and threat mitigation. Due to the rapid development of cloud technologies and service offerings\, it is also necessary to develop a forward-looking adversary perspective that identifies emerging cloud service risks along with detailed detections and mitigations for practitioners to implement. The Cloud Security Alliance (CSA) and the MITRE Corporation have established the Cloud Adversarial\, Vectors\, Exploits\, and Threats (CAVEaT™) collaboration to bring relevant content to the cloud security practitioner. This research explores today’s available frameworks with relevance to cloud systems and proposes a course of action to advance the state of the art in threat-informed security by collaborating with cloud service providers (CSPs)\, international security researchers\, and key subject matter experts. \n\n\n11:30 AM – 12:30 PM \n\n\nContinuous Compliance – Security Assessments the Cloud-Native Way \nPresenter: Michael Wasielewski (Capgemini) \nSecurity assessments for cloud environments have and continue to evolve at a dramatic rate. Just a few years ago security standards for cloud environments were difficult to understand and even more difficult to audit against. Since then\, cloud service providers and their partners have built tools to simplify auditability for their customers and auditors alike; but the pace of change in and of modern cloud environments still vexes many traditional assessment practices. In this talk\, we’ll cover how the next generation of audit tools are adopting a continuous compliance approach for evaluating cloud environments in near-real time\, and how to think differently about what artifacts can demonstrate real risk management as opposed to point in time theater. By the end of the session you’ll better understand how to approach security assessments for modern cloud environments. \n\n  \nPresenters \n\n    \n\n\nDavid Barnscome\nGlobal Partner Solutions Architect for Security\, Compliance\, and Identity @ Microsoft \nDavid is a Global Partner Solutions Architect for Security\, Compliance\, and Identity at Microsoft. In this role\, David is responsible for training and supporting Microsoft partners on the latest security compliance and identity solutions\, including Microsoft 365\, Azure and Windows. \n  \n\n\n \n\n\nGeorge Alves\nProfessor\, Enterprise Cybersecurity @ Defense Acquisition University (DAU)\nCISSP\, CEH \nGeorge Alves has over 35 years of DOD and Acquisition experience. Currently he is a Defense Acquisition University (DAU) Cybersecurity Professor. He holds a Master of Science in Cybersecurity along with various professional certifications such as CISSP and CEH. Before coming to DAU\, he served as the Information Systems Security Manager (ISSM) at the Office of the Comptroller of the Currency under Department of Treasury overseeing IT/Cyber acquisitions and compliance throughout several platforms to include public and private cloud environments. He is a former Navy Civilian of 10 years to include being the Deputy CIO for Cybersecurity at Naval Sea Systems Command HQ in Washington Navy Yard\, DC. There he oversaw the entire NAVSEA enterprise comprised of over 2000 operational\, developmental\, and RDT&E networks\, systems\, and applications both on-premise and in cloud environments. He had a team of almost 40 civilians and contractors to include the first NAVSEA Cyber Scientific & Technical Intelligence Liaison Officer (STILO) in a position he created to integrate intelligence within Cybersecurity. He also spent two years as an Army civilian supporting the Program Manager of DOD Biometrics as the Cybersecurity Lead under the Program Executive Office Intelligence Electronic Warfare and Sensors (PEO IEW&S). There he was involved in the early stages of acquisition supporting the designs\, engineers\, deployment\, and sustainment of enterprise biometric solutions in multiple operating environments enabling identity dominance on the battlefield and across the Department of Defense to include migrating tactical systems into the cloud. He is also a proud veteran retiring after 20 years of Navy active-duty service. Some of his assignments includes serving as the Automated Data Processing Division Officer onboard the USS NASSAU\, and as a Computer Network Defense Leading Chief Petty Officer within Joint Forces Command where he stood up a Global Command\, Control\, Communications\, Computers\, and Intelligence (C4I) Coordination Center after the 9/11 attack. \n\n\n \n\n\nDr. Mari J. Spina\nCloud Security Alliance-DC Chapter Research Committee Chair\nPrincipal Cybersecurity Engineer @ the MITRE Corp\nPMP\, CISSP\, ISSEP\, CCSP \nDr. Mari J. Spina is the Cloud Security Alliance-DC Chapter Reasearch Committee Chair. In this capacity\, she has been leading the charge to develop critical research to advance the state of practice in cloud security for highly regulated industries represented by the CSA-DC Chapter membership. Dr. Spina is also a Principal Cybersecurity Engineer at the MITRE Corp. supporting a multitude of MITRE Federal sponsors including DoD and the IC in the area of Cloud Security. At MITRE\, she leads the Cloud Security Capability Area\, and teaches Cloud Security for the MITRE Institute. She has taught many Information Technology courses for the George Washington University schools of engineering and business. Before joining MITRE\, she worked for government engineering firms including Hughes Aircraft\, SAIC\, ManTech\, NJVC\, and DMI since 1988 where she provided IT systems engineering to a variety of Federal agency missions including those of the Intelligence Community and the DoD. Mari holds a D.Sc. in Engineering Management from the George Washington University\, a MSEE from the University of Southern California\, and a BSME from California State University Northridge. She is also PMI PMP and ISC2 CISSP\, ISSEP\, CCSP certified. \n\n\n \n\n\nMichael Wasielewski\nCapgemini \nMoving from outside of Washington D.C. in the US\, Michael moved to Paris joining Capgemini in December of 2021. Responsible for global cloud security and next-gen secure architecture portfolio development\, Michael brings a robust background ranging from Network Operations and Engineering\, running global Information Security teams and modernizing enterprises through their cloud and workplace journeys\, and executing as a global Cloud Security specialist. When not playing video games with his two kids or struggling to learn French\, Michael wishes he could play more golf or do some more skydiving. \n\n  \nVirtual Meeting Information \n\n This event will be presented through Zoom.\n Prior to the event\, participants must install the Zoom app on their respective devices or use the web-based Zoom. Calling via the phone may not be entitled to CPE credits.\n Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter attending this event\, attendees will learn about recent topics in the Cloud Security space. \n  \nCPE-Related Details \n\n Prerequisites: None\n Advance Preparation: None\n Program Knowledge Level: Basic\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://isaca-gwdc.org/event/2023-cloud-security-conference/ LOCATION:Virtual Event CATEGORIES:Conferences ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/09/cloud_2023.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT END:VCALENDAR