ISACA North Texas December Monthly Meeting

Dates: 12/20/2024

Time: 10:30 a.m. - 2 p.m. Central Time

CPE: 3

Fee:

• ISACA Member Cost: $40.00
• Non-Member: $50.00

Agenda:

• 10:30 am - 11:30 am - How to get started with Cyber Risk Quantification (for FREE!)
• 11:30 am - 12:00 pm - Lunch
• 12:00 pm - 1:00 pm - TBD
• 1:00 pm - 2:00 pm - Adapting to the emerging risk landscapes with AI assurance

Session 1: How to get started with Cyber Risk Quantification (for FREE!)

This presentation help you get started with cyber risk quantification (without spending any money). We will walk through how to come up with reasonable baseline data using publicly available sources (Cyentia! Verizon DBIR!). We’ll feed this data into a (free) FAIR based model (FAIR = Factor Analysis of Information Risk). All resources used for presentation will be made available to participants. No special software or costs for any of the tools or data used. Case study and data specific to the nonprofit sector will be used, and we'll include instructions and recommendations for how to come up with data even if that’s not your sector.

Learning Objectives:

• Attendees will be able to leverage at least one high quality data source as a starting place for risk quantification for an organization in their industry.
• Attendees will be able to leverage at least one free open-source tool or modeling approach provided by (or referenced by) the presenter.
• Attendees will have an idea of how they can improve upon the data and model(s) provided in this talk.

Speaker: Josh Marker, Security Risk Manager

Session 2: TBD

<>

Key Takeaways

<>

Speaker: <>

Session 3: Adapting to the emerging risk landscapes with AI assurance

As artificial intelligence (AI) continues to transform industries, organizations face an evolving risk landscape that requires adaptive strategies and stronger assurances. In this session, Thoropass will explore how companies can effectively manage AI-related risks through strategic frameworks, best practices, and automation.

Key Takeaways

• The Current AI Risk Landscape
• AI Frameworks & Best Practices
• Key Controls & Adapting to AI Requirements
• Utilizing Automation & Framework Overlap

Speakers: Sneha Nair, Senior Account Manager and Zach Rutz, Senior Manager
Thoropass

Speaker Bios:

Josh Marker: Josh Marker is a Cyber Risk Manager at SAP focused on growing a cyber risk quantification program. Josh has been working on risk quantification for six years and has a decade of technology experience. He can speak fluently in Spoonerisms.
LinkedIN: https://www.linkedin.com/in/joshm314/

Speaker 2: TBD

Sneha Nair: Sneha is a Senior Account Executive with Thoropass and helps companies of all stage and size automate, streamline and simplify their compliance and audit process for SOC, ISO 27001, HITRUST, PCI DSS, HIPAA and other security/privacy frameworks.

She recently moved from NYC to DFW area and is excited to connect with regional leaders, and present for the first time at the ISACA in-person meeting.
LinkedIN: https://www.linkedin.com/in/snehanair8/

Zach Rutz: 8+ years as an accomplished IT assurance manager with expertise in IT auditing, enterprise and risk management, and a strong background in the insurance, healthcare, and professional services industries.

Served as HITRUST methodology lead for a national practice and lead client implementations of HITRUST and SOC audits and assessments. Certified CSF Practitioner (CCSFP), Certified HITRUST Quality Professional (CHQP), and Certified Information Systems Auditor (CISA)

LinkedIn: https://www.linkedin.com/in/zacharymrutz/

Host or Publisher North Texas Chapter of ISACA