The ISACA GWDC Chapter is proud to host our 2023 Women in Technology and Leadership Conference. This conference is our premier annual event centered around the experience of women in technology and leadership positions. Our technology enrichment topics will focus on awareness and strategies around Cybersecurity, Data Privacy, and Technology Leadership. Specific leadership focus areas include how to pursue IT and Cybersecurity roles in the organization, discuss if the glass ceiling is too low, and how women and advocates may support women’s career paths in technology. Our speakers are top leaders and experts in the technology field, ready to share their experiences, insights, and tips for succeeding in a rapidly evolving industry. Attendees will have the opportunity to learn about the latest trends and challenges, connect with like-minded professionals, and engage in thought-provoking discussions.
This is an in-person event that will be held at the Hilton McLean Tysons Corner. IT executives, management and operations staff, risk management leaders and professionals, IT auditors, cybersecurity professionals, students or anyone interested in learning more about this topic should attend this event.
There will be a free networking session after this event. A separate RSVP is required to attend the networking session.
Registration closes on March 28, 2023 @ 5 pm.
If your organization is interested in being a sponsor for this event, please contact Bonita Patillo, Special Events Director, for details on sponsorship opportunities. (Go to the Contact Us page select “Special Events” under “I have a question about”)
10:00 AM – 11:00 AM
Never Trust, Always Verify: The Zero Trust Approach to Cybersecurity
Presenter: Sushila Nair (Capgemini)
Zero Trust is a cybersecurity model that assumes that all resources and services, both internal and external, are not inherently trustworthy, and therefore require strict access control and continuous verification. It’s a departure from traditional perimeter-based security models, which assume that everything inside the network is safe by default.
This presentation will cover the key principles of Zero Trust, including the principle of never trusting, always verifying, the importance of strong identity and access management, and the need for continuous monitoring and analysis of all network activity. We will also discuss the various components of a Zero Trust architecture and how it differs from traditional security models.
Additionally, the presentation will provide an overview of the steps required to implement a Zero Trust architecture, the benefits of Zero Trust, and how Zero Trust can help organizations meet regulatory and compliance requirements. We will also discuss how auditors can assess the effectiveness of a Zero Trust architecture.
By the end of this presentation, attendees will understand the importance of implementing a Zero Trust architecture and how it can help improve their organization’s cybersecurity posture. They will have a solid understanding of the key principles, architecture, and benefits of Zero Trust, as well as how to implement it and how to assess its effectiveness. Overall, the goal is to provide attendees with the knowledge and tools they need to take the first steps toward a Zero Trust architecture.
11:00 AM – 12:00 PM
Taking an Identity-centric Approach to Zero Trust
Presenter: Christine Owen (Guidehouse)
“Identity is the new perimeter” is being repeated over and over again, because it’s true! A viable Zero Trust Architectures requires a mature, enterprise-wide IAM program so an organization can understand who is accessing its resources. Christine will discuss the different IAM tools necessary, and how they interact together to create the foundation of Zero Trust.
12:00 PM – 01:00 PM
01:00 PM – 02:00 PM
Presenter: Cortney Worthy (Zoom)
During this session, Cortney will cover the following topics:
Understanding the difference between Data Governance, Data Privacy and Data Security and why it matters to your organization.
Why a Data Governance Framework is Foundational to an Organization’s Data Security Strategy? And what Role does Identify Management play In Data Governance?
02:00 PM – 03:00 PM
Presenter: Terry Grafenstine (Citi)
Topic description to be posted soon!
03:00 PM – 04:00 PM
See yourself in IT & Cyber: Different career options in Cyber Security
Presenter: Ruchi Shewaramani (WA Health Benefit Exchange)
During this session, Ruchi will cover the following topics:
- See yourself in cyber security? Why not?
- Careers in cyber security.
- Challenges for women in IT/ Cyber
04:00 PM – 05:00 PM
Panelists: Cortney Worthy (Zoom), Sarah Abedin (BreaktheTide)
During this session, panelists will discuss the following questions:
- Is the glass ceiling still too short?
- How to better support and mentor women in technology.
05:00 PM – 07:00 PM
Immediately following this event, the GWDC will host a networking event. A separate RSVP is required for the networking event.
Vice President – North American Cybersecurity Practice at Capgemini
CISSP, GIAC GSTRT, CISA, CISM, CRISC, CDPSE, CCSK, CCAK
Sushila Nair is Capgemini’s Vice President, North American Cybersecurity practice. Capgemini is a global leader in providing secure digital transformation for our clients. Sushila has most recently served as the Vice President for cybersecurity offers at NTT Data Services and has held the role of a CISO for 10 years. Sushila has over 30 years of experience in computing infrastructure, business and security risk analysis, preventing credit card fraud, and served as a legal expert witness. Sushila has been featured in global technical events including RSA, Segurinfo and ISACA’s global conferences, co-authored books and is regularly quoted in the press. She plays an active role in supporting best practices and skills development within the cybersecurity community through her work with ISACA and CSA.
Sushila is part of the ISACA global emerging trends working group and vice president of ISACA Greater Washington, D.C. Chapter. Sushila Nair was named by IT Security Guru as one of the Most Inspiring Women in Cyber 2022!
Director at Guidehouse
Christine C. Owen is a recovering attorney who found solace as the Zero Trust Lead at Guidehouse. She is interested in securing people, things, applications, devices, and the cloud taking an identity-centric approach. Christine oversees and manages client engagements to provide enterprise IAM and Zero Trust solutions.
Christine learned IAM principles while consulting for an IAM program that encompassed the entire Federal government. She then moved into a sandbox, teaching First Responders how to secure their systems; her work resulted in the ICAM Educational Series, published on the DHS S&T website. In her downtime, Christine enjoys bourbon, her grumpy Westie, and chatting about IAM with anyone who will listen.
Leader of Data Governance & Compliance at Zoom Video Communications
Cortney Worthy is a passionate Data Governance & Management executive with 14+ years experience. A Mississippi native, Cortney relocated to the DC Metro area after obtaining a degree in Finance from the University of Memphis and started a career in government consulting. She has successfully led the stand up of several Chief Data Offices across multiple government agencies to include the Department of Defense, Department of State, and United States Citizenship and Immigration Services. Cortney currently serves as the Leader of Data Governance & Compliance at Zoom Video Communications where she leads the maturation of data governance capabilities. Cortney’s self-proclaimed super power is her ability to “build relationships of influence to lead organizations to data driven insights with governance as a foundation”. When she’s not working tirelessly to ensure your data is safe and secure, she serves as a Girl Scout Leader mentoring the next female generation of developers, engineers, data scientists, and leaders. You can also find her making her way up the charts on the Peloton leader board!
Chief Information Security Officer at WA Health Benefit Exchange
Ruchi Shewaramani is a cyber security executive with 15+ years of experience in Information Technology Security, Identity and Access Management (IAM), Governance, Risk and Compliance (GRC) across Healthcare, Education and Financial institutions. She holds a Masters in Software Engineering from Seattle U. In the last decade, she has managed the security program for various Health and Human Services Agencies in the District of Columbia (DC) and Washington state and successfully cleared numerous federal audits. She specializes in leading HealthCare agencies to secure their data, be compliant with state/federal partners and provide digital trust to the citizens they serve. She is currently serving as the Chief Information Security Officer for WA Health Benefit Exchange and as a Board member for ISACA Greater Washington DC Chapter.
Chief Auditor, Technology and Business Services at Citi
CPA, CISSP, CISA, CIA, CRISC, CGEIT, CGAP
Terry Grafenstine was appointed as the Chief Auditor for Technology and Business Services in November 2020. She is responsible for leading the Internal Audit teams covering technology infrastructure, cyber, resilience, platforms and applications within businesses and functions, and global business services. Terry joined Citi in April 2019 as the Chief Auditor of Cyber, Third Party Risk Management, and Business Continuity.
Terry has over 25 years of experience in the internal auditing and information technology profession. Before joining Citi, Terry was a Managing Director in Deloitte’s Risk and Financial Advisory practice where she provided strategic advisory services to Chief Audit Executives across all commercial industries and IT audit, risk, and governance advisory services to first line executives in the defense and national security space. Prior to joining Deloitte, Terry served for eight years as the appointed Inspector General of the U.S. House of Representatives, where she designed, managed, and delivered audit and investigative services, including the annual financial statement audit and a comprehensive cyber assurance program.
Terry has held numerous leadership roles to support the auditing, accounting, and information technology profession, including as ISACA’s Global Chair (2017-2018) and as a member of the AICPA board of directors. She currently serves on both the IIA’s North American and Global Boards of Directors. Terry speaks globally on a wide range of subjects, including cyber security, internal auditing, accounting standards, resilience, leadership, and risk. In 2019, the Institute of Internal Auditors (IIA) recognized Terry as one of the “Top Ten Audit Thought Leaders of the Decade” and inducted Terry into their Hall of Distinguished Audit Practitioners, the highest honor given by the IIA’s North American board for the accomplishments and contributions made by individuals to advance the internal audit profession. She has received numerous awards and accolades, including FedScoop’s “Golden Gov Federal Executive of the Year,” the Greater Washington DC Society of CPAs “Government CPA Leader of the Year”, the NY Metropolitan ISACA Chapter’s “Joseph J Wasserman Cyber and Governance Leader of the Year,” and ISACAs “Common Body of Knowledge” and “Best International Conference Speaker of the Year” awards.
Terry holds a bachelor’s degree in Accounting from Saint Joseph’s University and is a Certified Public Accountant (CPA), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified In Risk and Information Systems Control (CRISC), Certified in the Governance of Enterprise IT (CGEIT), and Certified Government Auditing Professional (CGAP). Terry has been with Citi IA for 4 years, has 29 years of auditor experience and 2 years of non-auditor experience.
Founder and CEO of BreaktheTide
CISA, CGEIT, CRISC, CDPSE
Sarah Ahmad Abedin is the Founder and CEO of BreaktheTide, a 501c(3) nonprofit organization in the United States. BreaktheTide (www.breakthetide.org) provides a fundraising platform for nonprofit organizations to help raise funds for empowering women, children and underprivileged communities. She is a Board member of Sambhali U.S., a nonprofit organization in the United States. Sambhali U.S. is a volunteer organization for Girls and Women Empowerment in Jodhpur, India. Sarah is also a Board member of Gultaz Memorial School and College in Doulatpur, Chattogram, Bangladesh.
Sarah is an Information Technology and Cybersecurity expert by profession with extensive management and leadership experience on a broad range of complex, fast-paced environments in public and private sectors. She started her career as an IT Auditor for the State of Michigan Office of the Auditor General and over the next 30 years she has worked in various capacities for global companies like KPMG, Financial Industry Regulatory Authority (FINRA), NASDAQ Stock Market, IBM and others. Sarah specialized in IT Security, Cybersecurity, Enterprise Governance, Risk, Compliance and Privacy in addition to her audit experience (internal and external). Her expertise is in the US Federal Law (NIST, FISMA, FedRAMP, US Data Privacy law, SOX, HIPAA), COBIT with an emphasis on Strategy, Governance, Risk, Compliance, Security and Privacy.
Sarah has always been passionate to work in the developmental areas for empowering girls and women. She has been a mentor and a founding Advisory Council Member of ISACA’s SheLeadsTech (2017-1018). She was also the first Bangladeshi American President (2013-2016) of the Greater Washington DC (GWDC) Chapter of ISACA, the largest chapter in the world. She was a Member of Privacy Advisory Group of ISACA (2020-2021) and Governance Committee of ISACA (2019-2020). She was an Expert Reviewer of COBIT 2019 Framework (Introduction & Methodology; Governance & Management Objectives). She started the annual Women in Leadership & Technology conference for GWDC in 2016 and hosed this event every year since 2016 to present.
Sarah was an Adjunct professor at the University of Maryland Global Campus (Fall 2012) and an Advisory Board Member of University of Maryland Global Campus, Graduate School of Management and Technology (Financial Management & Accounting).
Sarah obtained her BBA in Accounting Information Systems from Eastern Michigan University and MBA in Electronic Business from Carey Business School of Johns Hopkins University.
Hilton McLean Tysons Corner
7920 Jones Branch Drive
McLean, Virginia 22102
Hotel Website | Phone Number: (703) 847-5000
The hotel offers complimentary parking (Ballroom Entrance / South Parking location).
The hotel offers free shuttle pick up service from Tysons Corner Metro Station. To arrange a pickup, call the hotel at 703-847-5000.
Event Questions and Policies
If you have any registration questions about this event, please contact the chapter using the Registration Contact Form.
If you have CPE questions after the event has concluded, please contact the chapter using the CPE Contact Form.
Cancellation and Refund Policy
Cancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details.
If ISACA GWDC cancels the event, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided.
The GWDC welcomes your comments, complaints, suggestions, questions, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form.
Earn up to 6 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org
CPE Distribution and Evaluation Survey
CPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit.
- Learning Objective: After this event, attendees will have a better understanding of Women in Technology and Leadership current trends and practices.
- Prerequisites: None
- Advance Preparation: None
- Program Knowledge Level: Basic
- Delivery Method: Live, in-person
- Field of Study: Information Technology – Technical