09:10 Cybersecurity Risk and Compliance: Past, Present and Future (P10b) David Lacey, Managing Director, David Lacey Consulting Ltd
09:45 Security & Compliance: A Driving Force Behind Moving to the Cloud (P10c) Michael South, Principal Business Development, Amazon
10:20 Compliance Overview–The Options and What They Mean (P10d) Ryan Mackie, Principal, ISO Practice Director, Schellman & Company; Scott Zelko, Principal, Schellman & Company
11:45 ISO 27000, What’s in It For Me (E11a) James Goldstein, Regional Manager/Chief Assessor U.S., IMSM
12:15 ISO 27001 as a Foundation for a Common Controls Framework (E11b) Daryouche Behboudi, Managing Director, CohnReznick Advisory
11:45 How Do I Get Started with FedRAMP? (C11a) Martin Rieger, Vice President, Cyber Security Services, Emagine IT; Kris Martel, Chief Information Security Officer, Emagine IT
12:15 Assessment and Compliance for the Cloud (C11b) Chris Williams, Chief Cybersecurity Architect, Leidos; Siobhan Moran, Cyber Architect, Principal Consultant, Leidos
13:45 Managing an ISO 27001 Certification Program in the Age of Acquisitions (E12a) Shane York, Senior Security Compliance Manager, Salesforce
14:15 [60MIN] Enterprise Compliance Panel Discussion: Certification Pitfalls and Lessons Learned (E12b) Moderator: Willy Fabritius, Senior Manager – Global Accounts, BSI; Panelists: John Linkous, Founder and CEO, InterPoint Group; Heather Reis, VP, Operations and Consulting, ITG; Neil Witek, VP, Security Governance, AIM Specialty Health
13:45 Taking Compliance to the Cloud (Tools and Techniques Using ISO Standards) (C12a) Tim Weil, Network Project Manager, Alcohol Monitoring Systems
14:15 Considering a Dramatically Different Paradigm to Ensure Security; How the Dynamic and Abstracted Infrastructure can be More Secure Than Ever (C12b) Robert Ames, Senior Director, National Technology Strategy, VMware; Ranil Dassanayaka, Sr. Director, Architecture & Engineering Government, Education and Healthcare, VMware
14:45 Ensuring Security, Trust and Assurance via CSA STAR (C12c) Anil Karmel, President, Cloud Security Alliance-DC Chapter, CEO, C2 Labs
15:45 Beyond Asset-Based Risk (E13a) Andrea Hill, Security Assessments and Strategy Security Consultant, Revolutionary Security; Angela Osborne, Regional Director, Security & Technology Consulting Practice, Guidepost Solutions
16:15 What Third Party Risk Means To Your Enterprise Compliance (E13b) Tom Garrubba, Sr. Director/CISO, Santa Fe Group
16:45 GDPR: Beyond the Talk, Let’s Get To Execution (E13c) Michael Powell, Solutions Consultant, ZL Technologies
15:45 [60MIN] Cloud Compliance Panel Discussion: Should There be a Standard International Reference Architecture to Make Cloud Compliance Easier? (C13a) Moderator: Martin Rieger, Vice President, Cyber Security Services, Emagine IT; Panelists: Mark Houpt, Chief Information Security Officer, Databank; Anthony Valentine, Senior Program Manager, Information Security Risk & Compliance, LinkedIn; Anil Karmel, President, Cloud Security Alliance-DC Chapter, CEO, C2 Labs
16:45 The Importance of Identity Governance and Administration (IGA) in Compliance Frameworks (C13c) Frank Briguglio, Public Sector Identity Governance Strategist, SailPoint
9:00 Privacy by Design (D20a) Jonathan Cantor, DHS Deputy Chief Privacy Officer, Department of Homeland Security
9:45 Data Protection: Security In The Cyber Environment (D20b) Henry Sienkiewicz, Secure Channels
10:15 Introducing ISO/IEC 27552 Privacy Information Management System (D20c) Kimberly Lucy, Sr. Privacy Program Manager, Microsoft
9:45 ISO 27000 Certification Helping Organizations in GDPR Compliance (R20b) Sanjay Basu, Lead Auditor, Oracle Corp; Neelov Kar, Lead Auditor, PM Game
10:15 The ISO 27000 Ecosystem (R20c) Willy Fabritius, Senior Manager – Global Accounts, BSI
11:00 Minimizing the Impact of Data Breaches in Dev and Test Databases (D21a) Steve Jones, Redgate Software
11:30 Adapting GDPR Requirements to Meet NIST 800-53 Rev. 5 (D21b) Tim Lowman, COO, EmeSec
12:00 Digital Data in the Age of “The Breach” (D21c) Kelly K.J. Kuchta, CEO & Founder, Forensics Consulting Solutions
11:00 Optimizing Compliance Management Using Regulatory Libraries and Mappings: A Perspective on Data Security and Privacy Compliance (R21a) Steve Crutchley, Owner, C2C Smartcompliance; Brian Alexander, Chief Legal Officer, C2C Smartcompliance
11:30 Cross Compliance on a Budget—Strategies for Addressing Multiple Regulatory Frameworks Without Breaking the Bank (R21b) Ed Moyle, General Manager and Chief Content Officer, Prelude Institute
12:00 Security and Compliance Certification—The Hype, Hope & Harsh Reality (R21c) John Sapp, Director, IT Security & Controls—Global CISO, Orthofix
13:30 Blockchain and GDPR – How Do You Forget What Cannot Be Forgotten? (D22a) Joshua Marpet, COO/Founder, Red Lion; Scott Lyons, CEO/Founder, Red Lion
14:00 Presentation TBA (D22b)
13:30 A Frankenstinean Approach to an Information Security Management System: Implementing ISO 27001 with the CIS CSC (R22a) Walter Williams, Director of Information Security, Monotype
14:00 How to Leverage Common Criteria for FedRAMP (R22b) Ravi Jagannathan, Security Architect vSphere/ESXi, VMware
Exhibits close at 15:00
Current Frameworks vs. the Threat of Future Technologies (P23) Panelists will look at the recognized frameworks and consider implications related to future technologies such as A.I., blockchain, and IoT. How will consulting and advisory services respond and what revised standards are required? The panel will look at integrating the audit regimes, utilizing cloud, and strategies for success. Moderator: Willy Fabritius, Senior Manager – Global Accounts, BSI; Panelists: Tim Lowman, COO, EmeSec; Kimberly Lucy, Sr. Privacy Program Manager, Microsoft; Ryan Mackie, Principal, ISO Practice Director, Schellman & Company; Joe Warren, Global Product Line Manager, Thales