ISACA OC June 13th 2017 Dinner and AGM Event


Please join us for the ISACA OC AGM and CPE event. Vote for the leadership of your chapter for the next ISACA year.

Speaker information:

Ali Pabrai, Ecfirst
Presentation 1 title: Asymmetric Cyber Program
Pavan Kumar Rao, PWC
Presentation 2 title: Cyber Risk Management

CPE: 3 Total
Ali Pabrai, Ecfirst

Presentation Abstract:
Each mission critical system, such as a database or Web application server, may have over 100,000 vulnerabilities that may be exploited. A typical cyber vulnerability assessment discovers over 10% unique open vulnerabilities that can compromise the asset assessed. It takes just one exploit for the Cyber Risk = Disruptive Business Risk! This today translates to a seven or eight figure compliance or breach risk!
The threat to business today from cyber-attacks is asymmetric. Attack surfaces are increasing. The combination of IoT + DDoS cyberattacks will challenge even the best of security defenses.
To ensure enterprises address this asymmetric threat, businesses must implement a credible cybersecurity program. The focus of this brief is to examine core elements of an enterprise cybersecurity program. The objective is for attendees to have an actionable checklist to assess and develop a credible cybersecurity program.
From this brief, you will:
• Walk through five core areas of a cybersecurity program
• Review elements of a credible cybersecurity plan
• Identify key cybersecurity policies
• Examine seven critical steps for establishing a comprehensive cybersecurity program

Ali Pabrai is a renowned cyber security expert and member of Infragard (FBI). He is a top rated dynamic speaker and chief executive of ecfirst - a compliance and cybersecurity company. ecfirst is an Authorized HITRUST CSF Assessor and a PCI DSS SQA. Ali serves on the HITRUST Assessor Council. Mr. Pabrai is the author of several published works.


Pavan Kumar Rao, PWC

Presentation Abstract:
While information security risks have dramatically evolved over the past few decades, the approach that organizations use to manage them has not kept pace. The traditional information security model — one that is controls and compliance based, perimeter-oriented, and aimed at securing data and the back office — does not address the realities of today. Organizations need to start seeing cyber risk management as an integral aspect of managing their business and controlling risk.

Pavan is a Manager within PwC’s Advisory Practice with primary responsibility for leading cybersecurity and cyber risk management related engagements.
Pavan has more than ten years of experience in Cybersecurity, IT Risk Management, Internal Audit and Software Development areas. He has assisted in enabling financial services clients in managing risk, improving security posture and implementations, and enhancing business processes by embedding information security best practices.
He has been instrumental in implementing the First and Second Line of Defense mandated by the Heightened Risk Management Standard issued by the Office of the Comptroller of the Currency (OCC) at a large multi-national Bank.
Pavan has performed several cybersecurity risk assessments for financial services and healthcare clients. He has led many controls assessments based on industry regulations and standards such as FFIEC, ISO 27002, NIST 800-53, NIST Cybersecurity Framework and PCI DSS 3.0. These assessments included detailed observations, control recommendations and security roadmap to improve the organization’s cybersecurity posture.
Pavan has assisted several clients in responding to Matters Requiring Attention (MRAs) and Matters Requiring Immediate Attention (MRIAs) stemming from regulatory audits. He has led various information security initiatives such as network vulnerability scanning, static and dynamic code scanning, segregation of duties, access recertification, and business continuity planning.

Relevant credentials:
• Masters in Information Networking, Carnegie Mellon University, Pittsburgh PA
• Bachelor of Engineering in Computer Science, BMS College of Engineering, Bangalore India
• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Auditor (CISA)


  • When

  • Tuesday, June 13, 2017
    5:30 PM - 8:00 PM
    Pacific Time

  • Where

  • Equinox Sports Club, Irvine
    1980 Main Street
    Irvine, California 92614
