Topic 1: Frictionless Assessment and Preparedness of NIST sp800-53r5 Compliance
Brief: NIST.SP.800-53r5 is the gold standard of comprehensive information security and privacy controls for federal agencies as well as commercial organizations. At the same time, it covers a lot of ground, with new supplemental guidelines and important considerations for selecting and baselining controls that are relevant and sufficient for demonstrating compliance and building trust. This is a tall order for anybody attempting to implement NIST sp800-53r5, and also for any professional assessing or auditing an organization against it. The session attempts to get under the skin of the NIST sp800-53r5 Control Framework and to its spirit, to make it easier to use in a frictionless manner, which is the mantra of our service organization, Frictionless Security LLC.
Speaker Bio: Sanjay Mathur is an accomplished IT security professional who has held various technical and business responsibilities with Big Four consulting, Fortune 1000 companies, and start-ups. Motivated by innovation and risk mitigation, Sanjay has been enabling business to securely achieve its goals. Currently, he is providing consulting and advisory services to startup growth companies. Prior to this, he was managing information security at KLA-Tencor and was a business leader at Visa managing IT Audits & IT Security initiatives. In addition, Sanjay has accomplished global consulting experience. He has MSc and MBA degrees with CISM, CISSP and CRISC certifications. He is a regular speaker at the ISACA Silicon Valley and San Francisco chapters on topics such as mobile security risk mitigation, moving from network-based security to data-driven security, and accelerating IT audit fieldwork using visual constructs, to name a few. He is a co-instructor for a two-day training program on “Trusted E-Systems for FDA and HIPAA Compliance” at UC Berkeley Extension.
Topic 2: The Digital Trust Gap: How Cyber Pros Break Silos to Advance Digital Trust
Brief: Digital trust is sometimes misunderstood as a cybersecurity function; it’s really a part of an ecosystem that harnesses privacy, quality, assurance, risk, and governance to strengthen your enterprise and consumer trust. Learn how cyber professionals can communicate and collaborate with other IT functions in the digital trust ecosystem, and gain access to a new digital trust ecosystem framework.
Speaker Bio: Pamela (Pam) Nigro, CRMA, CISA, CGEIT, CRISC, CDPSE, was recently named one of Security's 2023 Top Cybersecurity Leaders by Security Magazine. Ms. Nigro serves on the Board of Directors for ISACA as Director, where she was the Chair from 2022 to 2023. Presently, Ms. Nigro is Vice President of Security at Medecision, where she is responsible for all cyber security efforts that secure and protect information important to Medecision and its customers, while ensuring the overall cyber resiliency of the company. Ms. Nigro is also an Adjunct Professor at Lewis University in Illinois, where she teaches in the MSIS and MBA programs. Ms. Nigro earned her MBA from Illinois Institute of Technology. She has more than 25 years of experience in the healthcare industry and the information technology industry and holds numerous IT certifications.