Topic 1: Building Lean agile Security Risk Management strategies
Brief: In today’s dynamic digital environment, traditional security risk management strategies often fail to keep pace with rapid technological advancements and evolving cyber threats. This presentation will delve into the transformative approach to security risk management adopted at Plaid, focusing on the integration of lean and agile methodologies to foster resilience and enhance business outcomes. By examining the practical challenges and solutions encountered during the development of Plaid's risk management program, attendees will gain insights into effective strategy formulation and implementation that aligns with both security needs and business objectives. Key aspects of our approach include streamlined risk assessment processes, continuous feedback loops, and integration of security practices into the product development lifecycle. These elements not only expedited response times but also ensured that security measures supported rather than hindered business agility. The presentation will also highlight specific case studies where these strategies directly influenced robust business growth and resilience, providing a blueprint for attendees to adapt these principles to their organizational contexts.
Speaker Bio: Kenneth Moras is a cybersecurity leader, with extensive experience in building GRC teams from the ground up at Plaid and scaling large GRC programs at notable organizations such as Meta and Adobe. His expertise also extends to cyber security consulting for Fortune 500 companies during his time at KPMG.
Topic 2: Techniques to Identify and Resolve Conflict Before it Starts
Brief: Conflict is stressful and can distract you from what is important to you. This is also true in the areas of risk management and audits. Traditional conflict training helps people resolve issues often after the conflict has already exploded. This talk will describe the phases of conflict, recognizing your role in management of the conflict, and tools to facilitate better discussions.
Speaker Bio: Wendy is a Senior Risk Analyst in Cyber Security at HP, Inc. She has worked as an individual contributor, manager, and director in the technology field for over 25 years. For the last 10 years, Wendy has worked in the Security field, earning Certified Information Systems Security Professional (CISSP) and PCI Professional certifications. Earning a Master’s degree in Organizational Management from Fielding University, Wendy specialized in Conflict Resolution, along with a 40 hour Mediation training program from Sacramento State University. In 2022, Wendy became a certified mindfulness instructor and practitioner. In summary, presenting negative security findings is not an easy task. Wendy uses her strong technology background, conflict resolution, mediation and mindfulness skillsets in her profession as a Security Analyst, to mediate conflicts within and across various HP organizations, including teams of senior executives.