Shane York is an information security and governance professional with more than nine years of experience in information systems, cyber security, governance, and compliance. His areas of expertise include IT risk management, IT controls identification, implementation, and assessment, and the management of IT security policy and procedures. He has extensive experience with information security industry best practices and frameworks (ISO 27000 Series, COBIT, PCI-DSS, NIST Special Publications, FISCAM, HITRUST etc.), and information security applicable regulatory compliance requirements (Sarbanes–Oxley Act, HIPAA, FISMA, 1974 Privacy Act, etc.). Shane has performed such activities as an external consultant, internal trusted liaison, and employee for various companies across the Telecommunications, Healthcare, Cloud Services, and Federal Government industries.