ISACA Silicon Valley

June 2024 Week 3 In-Person Event (2 CPEs)   When? June 20, 2024   Where? Delta Hotels by Marriott Santa Clara Silicon Valley, 2151 Laurelwood Avenue, Santa Clara CA 95054   Registration Link: https://lnkd.in/gkNHg7rD   Please register now to secure your spot for this in-person event and join us for an evening of learning with our distinguished speakers, delicious dinner, networking & giveaway prizes with our member community. Attendees will have an opportunity to win a $50 gift card along with two $25 gift cards and other giveaways.   Note: Discounted registration fee for members and non-members will end on 06/17/24 at 5 pm PT. After that registration fee will increase for members and non-members. So, please register ASAP! Once registered, there will be no refunds for any cancellation.   Schedule (Timings in PST):   5:30-6:00 PM: Registration/Check-in 6:00-6:50 PM: Session 1 6:50-7:05 PM: ISACA SV Board Announcements / Sponsors 7:05-7:20 PM: Networking Break 7:20-8:10 PM: Session 2 8:10-8:30 PM: Giveaway Prize Drawings. Wrap-up & Networking     Session 1: Building Lean Agile Security Risk Management Strategies   Speaker: Kenneth Thomas Moras, Head of Security GRC, Plaid   In today’s dynamic digital environment, traditional security risk management strategies often fail to keep pace with rapid technological advancements and evolving cyber threats. This presentation will delve into the transformative approach to security risk management adopted at Plaid, focusing on the integration of lean and agile methodologies to foster resilience and enhance business outcomes.    #ISACASV #ISACA #webinar #Security #RiskManagement Session 2: Techniques to Identify and Resolve Conflict Before it Starts   Speaker: Wendy H., Sr. Security Risk Analyst, HP Conflict is stressful and can distract you from what is important to you. This is also true in the areas of risk management and audits. Traditional conflict training helps people resolve issues often after the conflict has already exploded. This talk will describe the phases of conflict, recognizing your role in management of the conflict, and tools to facilitate better discussions. #ISACASV #ISACA #webinar #ConflictResolution

June 2024 #Free Webinar Week 1 (2 CPEs)   Session 1: How to get started with AI Governance   Date & Time: June 06, 2024 6:00 PM PDT - 7:00 PM PDT   Speaker: Chris P., Chief Privacy Officer, County of Santa Clara   There has been much talk about AI in businesses but little regarding operationalizing AI governance. This presentation will discuss how a local government entity implemented AI controls    Register here: https://lnkd.in/gWYJbQq2   #ISACASV #ISACA #webinar #AI #Governance Session 2: Navigating Security Risk Management Challenges: Performing effective Risk Assessments and Influencing without Authority   Date & Time: June 06, 2024 7:00 PM PDT - 8:00 PM PDT Speaker: Shivani Doke, Senior Security Risk Engineer, Autodesk Discuss the lessons learnt while developing an in-house vulnerability prioritization framework. What worked and what did not. How to ultimately get buy-ins and drive adoption from key stakeholders.   Register here: https://lnkd.in/gWYJbQq2   #ISACASV #ISACA #webinar #RiskManagement #Security

May 2024 Week 3 In-Person Event (2 CPEs)   When? May 16, 2024   Where? Delta Hotels by Marriott Santa Clara Silicon Valley, 2151 Laurelwood Avenue, Santa Clara CA 95054   Registration Link: https://lnkd.in/gBsuDT3n   Please register now to secure your spot for this in-person event and join us for an evening of learning with our distinguished speakers, delicious dinner, networking & giveaway prizes with our member community. Attendees will have an opportunity to win a $50 gift card along with two $25 gift cards and other giveaways.   Note: Discounted registration fee for members and non-members will end on 05/13/24 at 5 pm PT. After that registration fee will increase for members and non-members. So, please register ASAP! Once registered, there will be no refunds for any cancellation.   Schedule (Timings in PST):   5:30-6:00 PM: Registration/Check-in 6:00-6:50 PM: Session 1 6:50-7:05 PM: ISACA SV Board Announcements / Sponsors 7:05-7:20 PM: Networking Break 7:20-8:10 PM: Session 2 8:10-8:30 PM: Giveaway Prize Drawings. Wrap-up & Networking     Session 1: A Mathe-magical Shift Left in the SDLC with Formal Methods   Speaker: Mike Skurko, Vice President of Sales, TrustInSoft Jason Landers, Director of Systems Engineering, TrustInSoft   With the existing methodologies of SAST, DAST and Fuzzing it’s not possible to ensure all undefined behaviors (particularly buffer overflows) are found and fixed before business drivers push code to be released. Zero day eradication with formal methods for mathematical proof your code will run as intended.   #ISACASV #ISACA #webinar #SDLC Session 2: How to Secure Data Destruction for End of Life Equipment   Speaker: James Wood, Founder and CEO, AllPrinterRecycling.com There are two ways to properly destroy data on hard drives and media: physical destruction (shredding) or logical destruction (wiping). This presentation illustrates the methods and discusses the costs, practicalities, advantages and disadvantages of each process. #ISACASV #ISACA #webinar #DataDestruction #SecureDisposal

May 2023 #Free Webinar Week 1 (2 CPEs)   Session 1: Zero Trust as a Business Imperative   Date & Time: May 02, 2024 6:00 PM PDT - 7:00 PM PDT   Speaker: 🔐Umar aka Chris Carter🍉, Cyber Risk Advisor and Certified Chief Information Security Officer, ex-VP of Cyber Analytics at Zurich Insurance   In today's rapidly evolving digital landscape, the concept of Zero Trust has emerged as a critical business imperative. Zero Trust is not merely a cybersecurity strategy; it's a holistic approach that encompasses revenue protection, regulatory compliance, resilience, and reputation management.    Register here: https://lnkd.in/dUt5jrHv   #ISACASV #ISACA #webinar #ZeroTrust #Compliance Session 2: Risk Management, Human Aspects of Cybersecurity, Professional Development in Cybersecurity   Date & Time: May 02, 2024 7:00 PM PDT - 8:00 PM PDT   Speaker: Ira Winkler, Field CISO, CYE Assuming risk management: I have contended that the biggest problem is cybersecurity is that CISOs get the budgets they deserve, not the budgets they need. The problem is that generally cybersecurity executives have not learned how to make cost benefit based justifications for their budgets and it leaves them with some modified budget from the prior year. By incorporating business principles, cyber risk quantification, vulnerability management, and several other sciences, they can learn to deserve the budget that they need, and be able to make decisions on the optimization of their budgets.   Register here: https://lnkd.in/dUt5jrHv     #ISACASV #ISACA #webinar #RiskManagement

April 2024 Week 3 In-Person Event (2 CPEs)   When? April 18, 2024   Where? Delta Hotels by Marriott Santa Clara Silicon Valley, 2151 Laurelwood Avenue, Santa Clara CA 95054   Registration Link: https://lnkd.in/dpW2eADU   Please register now to secure your spot for this in-person event and join us for an evening of learning with our distinguished speakers, delicious dinner, networking & giveaway prizes with our member community. Attendees will have an opportunity to win a $50 gift card along with two $25 gift cards and other giveaways.   Note: Discounted registration fee for members and non-members will end on 04/15/24 at 5 pm PT. After that registration fee will increase for members and non-members. So, please register ASAP! Once registered, there will be no refunds for any cancellation.   Schedule (Timings in PST):   5:30-6:00 PM: Registration/Check-in 6:00-6:50 PM: Session 1 6:50-7:05 PM: ISACA SV Board Announcements / Sponsors 7:05-7:20 PM: Networking Break 7:20-8:10 PM: Session 2 8:10-8:30 PM: Giveaway Prize Drawings. Wrap-up & Networking     Session 1: Balancing AI: From Innovation to Responsibility   Speaker: Anisha Tekwani, Microsoft   Corporate leaders, including the CEO, CFO, CPO, etc., are grappling with the rapid evolution of AI. Team members seek guidance on where to begin, aiming for swift implementation. The urgency stems from companies’ concern about missing the “AI Bus”. This talk will explore the delicate balance required for secure and compliant AI adoption.   #ISACASV #ISACA #webinar #AI #Innovation #SheLeadsTech #OneinTech Session 2: Designing a resilient Cybersecurity Program with Cutting-Edge Security Technology and Controls   Speaker: Austine J. Ohwobete, Cybersecurity Strategist and Data Privacy Advocate Unlocking the secrets to building impenetrable fortresses in the digital realm requires more than just bricks and mortar—it demands a strategic fusion of designing, implementing, and operationalizing cutting-edge security technology and rigorous controls. Join Dr. Austine J. Ohwobete, as he unveils the architectural blueprint for designing an implementing a resilient cybersecurity program. This presentation, tailored for the Silicon Valley Chapter of ISACA, delves into the regulatory and technical intricacies of crafting robust cyber-defenses that align with internationally recognized frameworks such as NIST 800-53, ISO 27001/2, PCI-DSS, CIS Controls, GDPR, FISMA, and more #ISACASV #ISACA #webinar #CyberSecurity #Privacy #Controls

2024 ISACA SV CISM Exam Review Course Looking to advance your career in Information Security/ #Cybersecurity or #GRC or #IT Audit/Assurance or security program management? The ISACA® Silicon Valley Chapter has got you covered with a #FREE 5-day/15 hours virtual exam preparation review course for the Certified Information Security Manager® (#CISM) exam. Date & Time: April 17th, April 22nd, April 24th, April 29th and May 1st 2024 | 6:00 PM to 9:00 PM PST Registration closes at 11:59pm on April 14th, 2024 (US Pacific Time) Register Here Today: https://lnkd.in/g36bDy2D Agenda Day 1 (April 17th) Module 1 – Information Security Governance Day 2 (April 22nd) Module 2 – Information Security Risk Management Day 3 (April 24th) Module 3 – Information Security Program Day 4 (April 29th) Module 4 – Incident Management Day 5 (May 1st) Mock Exam Instructors: Sangram Dash, Steve Swenson, & Shobhit M. #ISACASV #ISACA #Networking #Compliance #CPE Adnan D.; Murali Chandrasekhar MBA CISSP CDPSE CISA CRISC PMP PCI ISA; John Lazar, CISA; Anisha Tekwani; Manisha Anarkat CPA, CA; Harsh T.; Aparna Patil; Bhanu Viswanadha, CISM, CCSK, RMP, TOGAF, SPC, DASSM; Kartik Trivedi; Paolo Marquez; Ash Kumar, PMP, CISA, SAFe® Agilist (SA), CPA; Sahil Bhanushali (PCIP-ISA); Vic Bhatia; Sai Bhaskar, CEH, CISM®; Naimish Anarkat, CISA; Larry Halme

March 2024 Week 3 In-Person Event (2 #CPE credits) Date & Time: March 21, 2024 5:30 PM PDT - 8:30 PM PDT Location: 2151 Laurelwood Avenue, Santa Clara CA 95054 Session 1: Compliance as Code: Automating Controls at Scale Speaker 1: Harsh T., Cloud Security Engineer, USAA As organizations continue to move their operations to the Cloud, it has become increasingly crucial for engineering teams to focus on the appropriate management of compliance. As a result, collaboration is especially vital when working to secure the Cloud, as all teams must work effectively to ensure alignment to controls. As an engineer currently specializing in Public Cloud Security, I will discuss the significance of cloud compliance, its associated challenges, and strategies for achieving it through automation, monitoring, and codification. This presentation aims to provide those in the GRC field with more knowledge to engage in informed discussions with engineers, fostering collaboration and ensuring compliance objectives are met efficiently. Session 2: The Iranian cyber attack against Unitronics and what it means to critical infrastructure Speaker 2: Joe Weiss PE CISM CRISC ISA Fellow, Managing Partner, Applied Control Solutions, LLC The definition of a cyber incident is electronic communication between systems and people (displays) that can affect Confidentiality, Integrity, or Availability (the CIA triad). Cyber security starts with the assumption that incidents can be identified as being cyber-related as incident response plans cannot be initiated until an incident is identified as being cyber-related. Information Technology (IT) and Operational Technology (OT) Internet Protocol (IP) networks have cyber monitoring and personnel training. However, control system field devices such as process sensors, actuators, drives, and analyzers have no cyber security, authentication, or cyber forensics. When there is a control system incident, you can’t hide the impact - a pipe bursts, lights go out, a refinery explodes, a train crashes, etc. What Stuxnet proved was a sophisticated attacker can make a cyberattack look like an equipment malfunction, not a cyberattack. Consequently, there is a need for improved control system cyber forensic capability and training to identify the more than 17 million control system cyber incidents that have already occurred as being cyber-related. Register Here: https://lnkd.in/g2CtS8gj #ISACASV #ISACA #Networking #Compliance #CyberAttack

March 2023 #Free Webinar Week 1 (2 CPEs)   Session 1: Information Security - Code Generation - Risks, Rewards, and de-risking the adoption   Date & Time: Mar 07, 2024 6:00 PM PDT - 7:00 PM PDT   Speaker: Aruneesh Salhotra, CEO, Fractional CISO, SNM Consulting Inc.   Leveraging AI code generation technologies offers significant advantages, yet it also poses certain risks. A key concern is the varying quality of the generated code, potentially leading to the presence of bugs or security vulnerabilities. To mitigate these risks effectively, organizations should implement comprehensive testing, conduct manual reviews, adopt diverse toolsets, and promote a clear understanding of the generated code.   Register here: https://lnkd.in/ggvR738g   #ISACASV #ISACA #webinar #Risk Session 2: Security pitfalls of AI, solved by GenAI   Date & Time: Mar 07, 2024 7:00 PM PDT - 8:00 PM PDT   Speaker: Trupti Shiralkar, Founder, TrueNil   Register here: https://lnkd.in/ggvR738g     #ISACASV #ISACA #webinar #GenAI #Security 

Learn how to protect yourself & your business from becoming a victim of cybercrime. Join us for the 7th Annual Official Silicon Valley Cybersecurity Summit, rated Top 5 InfoSec Conference Worldwide, held on Tuesday, February 13, 2024 at the Santa Clara Marriott. ISACA Silicon Valley is a proud partner of this event & for a limited time has secured Exclusive Complimentary Admission (valued at $250/person) for our network! Register before Feb 8 with code CSS24-ISACASV to secure your Free Pass at https://lnkd.in/gwmwF-wA Note: Admission is for C-Suite, Senior Level Executives, Directors, Managers, and other Industry Professionals or Business Leaders. Those in Sales or Marketing and Students are not permitted. Earn up to 8 Continuing Education Credits by attending the day in full. Admission includes a catered breakfast, lunch & cocktail reception. Elvis Chan, Asst. Special Agent in Charge, FBI San Francisco Cyber Branch, and Alon Y. Ben-Ari, Chief Medical Information Officer, U.S Veteran Affairs, will lead the Security Government Keynotes. Learn from additional renowned Subject Matter Experts and thought leaders from IBM Security, Google Cloud, Check Point, Exabeam, and many more who will discuss the latest security threats, best cyber hygiene practices, and innovative solutions to protect your business. Please share/forward this invitation with your IT Security Team and other Senior Level colleagues who would benefit from attending this event. For event details, visit https://lnkd.in/gSBHeiwU Sincerely, ISACA Silicon Valley Board Adnan D., Murali Chandrasekhar MBA CISSP CDPSE CISA CRISC PMP PCI ISA, John Lazar, CISA, Anisha Tekwani FIP,CDPSE,CIPT,CIPM,GLEG,CIPPE,CISA,CPA, Bhanu Viswanadha, CISM, CCSK, RMP, TOGAF, SPC, DASSM, Ash Kumar, PMP, CISA, SAFe® Agilist (SA), CPA, Sahil Bhanushali (PCIP-ISA), Kartik Trivedi, Sai Bhaskar, CEH, CISM®, Paolo Marquez, Aparna Patil, Manisha Anarkat CPA, CA, Vic Bhatia, Naimish Anarkat, CISA

February 2024 Week 1 Webinar (2 CPE) WHEN? February 1, 2024 6:00 PM PDT - 8:00 PM PDT Registration Link: https://lnkd.in/gNQD2uwF Please register now to secure your spot and join us for an evening of learning on an interesting topic with our member community, which is being presented by our distinguished speaker. Please note that there will be polling questions during the webinar and CPE will only be available if (i) one is registered and present for at least 50 minutes of the webinar and (ii) if polling questions have been answered (not mandatory and answers need not necessarily be correct). CPE certificates are usually sent 2 weeks after the event. Please be informed that all CPEs earned at ISACA Silicon Valley Chapter events by eligible ISACA members (whose ID was entered during each event registration) gets uploaded into your respective accounts. As a result of this, you will not have to manually upload your CPEs to ISACA portal. You can view our uploads by logging into the ISACA.org website under MyISACA section. You will then have to individually and manually apply for each of the events, the CPE earned for each of your ISACA certifications. Agenda: 6:00 - 6:10 - Welcome and Introduction 6:10 - 7:00 - Session: Embracing Intelligence Driven Red-Teaming and Cyber Resiliency Testing 7:00 - 7:05 - Break 7:05 - 7:55 - Session: Impact of Corporate Culture in Organization Business, Internal Audit, and Digital Trust 7:55 - 8:00 - Wrap-up Session 1 : Embracing Intelligence Driven Red-Teaming and Cyber Resiliency Testing Speaker 1: Clement Dakat, CISSP, CCSP, CCSK, CISA, GOSI, Manager, Office of the Superintendent of Financial Institutions Canada This session will cover an overview of frameworks and implementation of intelligence driven red teaming and cyber resiliency testing across the UK, EU and Canada. #ISACASV #ISACA #webinar #cyberresiliency #AI #frameworks Session 2 : Impact of Corporate Culture in Organization Business, Internal Audit, and Digital Trust Speaker 2 : Rafael Pérez Marín, Independent Professional In this webinar we will get to know the Corporate Culture concept, along with its extension and impacts on people, processes, and even the internal audit team, from the human behavior perspective. You will know a crazy (but almost real) scenario where you will see the kind of damage that Culture, is not timely tackled, can create to the financial statements, IT projects, and even the "on-going business" principle. #ISACASV #ISACA #webinar #culture #internalaudit