April 2018 Monthly Meeting
Session 1 - Data Protection
Abstract:
This presentation will focus on DLP role in data protection. The speaker will be presenting past, present and future variations of DLP with relavant usecases.
Speaker:
Steve Chan, Product Evangelist, Proofpoint
Steve is the product evangelist for Proofpoint's Information Protection solution suite, which combines cybersecurity and compliance disciplines. He leads a product focused, cross functional team targeting strategic accounts, addressing needs in data loss prevention, compliance, and advanced threats. Steve also advises the Proofpoint Enterprise Archive team with domain knowledge and insight, specifically supporting strategic account sales, providing competitive insight, and market context in the areas of e-discovery, compliance, supervision, and information governance for email and other forms of unstructured data across social, mobile, and collaboration channels. Steve has been an advisor to government organizations such as the SEC, and presents at key conferences and industry roundtables around the country.
Steve has held executive roles with firms in the big data, e-discovery, and information governance industries.
Before working in enterprise software, Steve founded two game development firms and consulted with folks from Pixar and Disney, completing projects for Apple, nVidia, Time Warner, Atari, Naughty Dog, and UCSF. He served as a primary investigator on two government-funded research projects for 3D medical visualization and training. And in 2001, he was the managing director of the Independent Game Festival. His work has been published in over twenty periodicals and books
Session 2 - Road to Compliance: Case Studies for SOC2 and GDPR compliance
Abstract:
SOC2: Detailed review of implementation of SOC2 in one organization. Challenges and solutions you can apply today to your organization and clients.
GDPR: How to choose a DPO (mandatory Data Protection Officer)? In-house or out-of-house? How will they fit into your current compliance team? Case studies and what firms are doing to comply with this GDPR requirement. How to provide expert advice when others ask you, what to do about the DPO?
Speaker:
Dr. Sarah Lewis Cortes, Head of Infosec and Privacy, InmanTechnologyIT
Dr. Sarah is Head of Infosec and Privacy Services at Inman TechnologyIT. She earned her undergraduate degree at Harvard University, studied Forensic Sciences at Boston University Medical School, and holds a PhD in Computer Science, Cybersecurity from Northeastern University, specializing in the Darknet, Privacy and Privacy Law as well as IT Security, topics on which she has published extensively. She conducts training and research with the FBI, the Alameda County Sheriff’s Office Department Digital Forensics and Multimedia Evidence, the FBI and other LEAs. She has implemented and overseen major security and privacy programs and operations in regulated industries, achieving compliance in SOC2, SOX, PCI and GDPR, and other laws and regulation and IT control frameworks.
Prior to undertaking her PhD, Sarah was a Senior Vice President for Security, IT Audit and Disaster Recovery at Putnam Investments, an investment management firm with over $400 billion in assets under management, 79 mutual funds, 96 institutional clients, and over seven million shareholders and retirement plan participants. She oversaw Putnam’s recovery on 9/11 when then-parent company Marsh & McLennan’s World Trade Center 99th floor data center was destroyed. She also supervised over and 65 compliance and IT audits per year as well as incident investigations. As a senior executive and later consultant for Putnam and other Fortune 500 firms, Sarah also had responsibility for major applications development, data center and other operations, with over 100+ staff and $50m budgets. Before that, Sarah was a Sr. VP for Data Center and Security Operations and Compliance with BNY Mellon Bank, a global investments company with $1.6 trillion in assets under management, previously a part of Shearson/Lehman/American Express, the giant financial services conglomerate.
Cancellation / Refund Policy:
ISACA Silicon valley aims to keep the costs minimum for such events. Also due to prior payments made to conference venue and instructor, no cash refund will be provided. If you cancel your registration one day prior to the event, a credit will be given to attend a future event in 2018 (Conference / Training). No credit will be given for the cancellation request on the day of the event or later.
ISACA SV Job Portal: Looking for your next career move? Search for jobs at http://www.isaca.org/chapters8/Silicon-Valley/Resources/Pages/Jobs%20Board.aspx
Do you have an opening in your company/team? ISACA helps you reach 3000+ members and non-members including ISACA certified professionals working on Information Security/ Internal Audit/ Risk Management. Post your job opening at ISACA Silicon Valley website. Send us the job opening details to marketingdirector@isaca-sv.org
Join our LinkedIn Group: https://www.linkedin.com/groups/114346
Follow us on Twitter: https://twitter.com/isacasv
ISACA Membership Renewal:
If you haven't done already, please log on to www.isaca.org to renew your 2018 ISACA annual membership. We appreciate everyone who have renewed their membership!
ISACA Certification Renewal:
To complete your certification renewal, visit www.isaca.org/reportCPE to submit CPEs.