Topic: Why Your Security Training Doesn’t Work & Building Trust with SOC 2 and HITRUST
Check-In: 2:30 PM
__________________________________________
First Session @ 3:00 PM
Title: Why Your Security Training Doesn’t Work—and How to Fix It
Learning Objectives:
By the end of this, attendees will be able to:
1. Identify why traditional security awareness programs fail
2. Design role-based, behavior-driven training programs
3. Influence business leaders to take ownership of cyber risk
We are pleased to introduce our first guest speaker, Agathe Merle, Security Manager, Cybersecurity at Abbott.
Agathe Merle is a cybersecurity professional with several years of experience supporting U.S. Fortune 100 companies, as well as American state government agencies and elected officials. She has held multiple roles within cybersecurity operations, collaborating with stakeholders across global organizations to strengthen security posture and resilience.
Her interest in cybersecurity stems from the field’s dynamic and ever-evolving nature, which continuously presents new challenges and opportunities for innovation. Originally from Martinique, a French Caribbean island, Agathe brings a diverse, global perspective to cybersecurity and organizational culture.
____________________________________________________________________
Second Session @ 4:00 PM
Title: Building Trust with SOC 2 and HITRUST
Learning Objectives:
By the end of this, attendees will be able to:
1. Identify the key benefits of SOC 2 reporting and HITRUST certification, and explain how each helps organizations demonstrate trust, meet regulatory and customer expectations, and strengthen security and privacy programs.
2. Differentiate between SOC 2 and the available HITRUST certification options, including when each framework is most appropriate, to determine the best fit based on organizational risk profile, industry, and stakeholder needs.
3. Evaluate practical next steps for pursuing SOC 2 or HITRUST, including readiness considerations, common decision points, and how to effectively engage and work with an external assessor firm..
We are pleased to introduce our second session speakers, Keith Jackson, Senior Manager at Cherry Bekaert, and Dan Sembler, Market Leader & partner at Cherry Bekaert Advisory LLC
Keith Jackson brings over 10 years of experience providing IT audit, risk, and compliance, and IT security consulting services to organizations of various sizes in the healthcare, retail, manufacturing, information technology and banking sectors. He uses an in-depth understanding of regulatory requirements and risks that companies face across these industries to help organizations assess and remediate gaps and successfully complete regulatory audit requirements. He is well versed in regulatory compliance frameworks such as HITRUST, HIPAA, SOC 1, SOC 2, NIST, ISO, and COBIT.
As a senior manager, Keith manages IT audit, regulatory compliance audit, and cybersecurity audit projects efficiently and effectively to achieve desired outcomes for both the Firm and the client. This includes maintaining constructive working relationships with clients and serving as a trusted partner to help solve complex IT, regulatory, and operational problems.
Dan Sembler is an Advisory Partner in the Firm's Information Assurance and Cybersecurity domain, overseeing SOC 1 and SOC 2 examinations and readiness assessments, cybersecurity due diligence assessments, and other attestation engagements on third-party criteria.
Dan has also led engagements in the Risk Advisory domain through ICFR risk assessments, internal audit co-sourcing, SOX 404 consulting and readiness assessments, and pre/post-system implementation reviews.
His client base ranges from large accelerated publicly traded companies to startup ventures, which operate within Cherry Bekaert’s Technology, Health & Life Sciences, and Professional Services industry groups. Dan also assists Cherry Bekaert’s Assurance & Accounting Service Group through the performance of IT risk assessment and due diligence procedures for financial audits of clients across the Firm’s focused industries.
______________________
Happy Hour: 5:00 - 6:30 PM
______________________
📅 Date: April 16, 2026
🕕 Time: 2:30 PM - 6:30 PM
📍 Venue: 10 S. Wacker Drive, ZO Conference Room, Chicago 60606
CPE: 2 CPE Credits will be earned by participating in this event.
Registration: FREE
Click on the Register Here button below to register for this in-person event.
Note: ISACA members are requested to register using the same email address as listed in their ISACA profile for direct CPE uploads.
Parking Suggestions:
A parking garage is available at the location for a fee, or public transportation is conveniently located nearby.
We look forward to seeing you at the event on April 16th!