• Thursday, March 14, 2019
    10:30 AM  -  11:20 AM
    Best Practices and Future Direction of Security Awareness Training

    Presenter: Thomas Bagley, CPA, CISA – Senior Manager, Crowe, LLP

    Description: This session will provide an overview and discussion of the SOC for Cybersecurity attestation report, from planning and readiness, to testing and reporting. As part of the discussion, attendees will learn about the process for identifying client opportunities and federal regulations that can initiate a need for the service, as well as how to address common challenges identified as part of the readiness phase.

    Speaker Bio: 

    Tom is an IT Assurance Senior Manager in the Audit group at Crowe LLP and leads the Dallas, TX office in supporting SOC reporting services for the Southwest Region. Prior to joining Crowe, Tom gained 11 years of IT audit experience with the Big 4 accounting firms and with Fortune 500 companies. He maintains both his CPA and CISA.

    Learning Objectives: 

    • Understanding the need for the SOC for Cybersecurity
    • Performing client readiness efforts
    • Executing the examination process
    • Developing an Opinion

    Presentation Method: Group-Live
    Program Level:
    Category: Specialized Knowledge & Applications
    Prerequisites/Advance Preparation:
    Recommended CPE Hours:

    12:20 PM  -  1:20 PM
    Auditors & CISOs, Friends or Foes

    Luncheon registration opens at 11:15 am. Lunch is served no later than 11:45 am.

    Presenter: Jack Miller - SVP Operations, Specialized Security Services, Inc.

    Description: The presentation will focus on the dynamics between auditors and CISOs. It will provide a CISO’s perspective on why this relationship is often contentious and how to optimize it, facilitating smoother audits and actually helping organizations effectively manage their risks. While an understanding of technology, regulations and risks is required knowledge for an auditor, that knowledge in itself will not make an auditor successful. To be successful, the auditor must understand how to navigate the complex dynamics of the corporate environment. This session will provide key insights to enable auditors to be more successful in accomplishing their audit goals and be more effective auditors.

    Speaker Bio: Jack Miller serves as Senior Vice President, Operations of Specialized Security Services, Inc. Jack utilizes his 20 years of CISO experience to guide his administration team in delivering on our commitment to customer service, to provide customer service excellence and to serve and support clients’ security initiatives. Jack brings executive-level information technology & security experience in highly regulated multi-national organizations to S3. He leverages his broad background in various industries including technology, financial services, insurance, healthcare, energy, government & manufacturing to give him exceptional perspective in assisting clients with their unique security challenges. Jack has also provided executive consulting and advisory services to some of Silicon Valley’s top venture capital firms and technology start-ups. Jack holds over a dozen engineering and security certifications, is a published author, regularly speaks at industry events and is often featured in industry trade publications. Jack is an adept communicator, facilitates the development of strong teams, and consistently strives to keep the initiatives fresh and at the forefront of technology while understanding our clients’ perspective.

    Learning Objectives:

    • Understand the relationship between the security and audit functions of an organization
    • Develop a positive relationship between individuals outside of the audit function
    • Improve communication skills when working with auditees
    • Increase efficiency in the audit process

    Presentation Method:
    Program Level: Basic
    Category: Specialized Knowledge & Applications
    Prerequisites/Advance Preparation: None
    Recommended CPE Hours: 1

    1:30 PM  -  2:20 PM
    Levers of Human Deception

    Presenter:  Erich Kron, CISSP, CISSP-ISSAP, MCITP and ITIL v3 - Security Awareness Advocate, KnowBe4

    Description: While reported numbers fluctuate from industry study to industry study, they all agree on one thing: cybercriminals are successfully and consistently exploiting human nature to accomplish their goals. Prudent security leaders know that security awareness and training is key to strengthening their ‘human firewall’ – but they often don’t know where to start. Erich Kron, Security Awareness Advocate for KnowBe4, will discuss emerging industry trends, what you can learn from them, and how to turn them into the actionable information you need to train your last line of defense, your employees.

    Speaker Bio:  Erich Kron, Security Awareness Advocate at KnowBe4, is a veteran information security professional with over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the US Army's 2nd Regional Cyber Center-Western Hemisphere and holds CISSP, CISSP-ISSAP, MCITP and ITIL v3 certifications, among others. Erich has worked with information security professionals around the world to provide the tools, training and educational opportunities to succeed in Information Security.

    Learning Objectives:

    • Practical security awareness and behavior management tips
    • Outlining how and where tools are helpful
    • Emerging industry trends
    • How to create a “human firewall”

    Presentation Method: Group-Live
    Program Level: Basic
    Category: Specialized Knowledge & Applications
    Prerequisites/Advance Preparation: None
    Recommended CPE Hours: 1