Webinar: Topic 1: Build CSC; Topic 2: Prepare security compliance program for SMB (2 CPEs)

When:  Jul 11, 2024 from 18:00 to 20:00 (PT)
Associated with  Silicon Valley Chapter

Topic 1: Building and Scaling Continuous Security-Compliance

Brief: A practical guide to building and scaling a world-class security program.

Speaker Bio: Chintan Patel is an accomplished product executive with hands-on experience building planet-scale security and cloud infrastructure products. He is currently the Head of Product and Design at LVT; prior to that, he held leadership positions at Vanta, Salesforce, Microsoft and Cisco. Notable security products he has worked on include the isolation platform for Windows 10, the containerization strategy for the Azure control plane, the cloud-native and multi-substrate security platform for all Salesforce products, and the #1 continuous compliance monitoring solution. He received an MS in Computer Science from the University of Minnesota and executive education at the Kellogg Business School.

Topic 2: Preparing an effective info security compliance program for a small-and-medium business (SMB) to build trust for their service-offering

Brief: Typically, small and medium businesses (SMBs) are hard-pressed for budget, time, and resources. Yet the third-party risk management (TPRM) programs of their potential corporate buyers demand that they demonstrate trust around their service offerings. This requires an information security and compliance program, and preparedness for an independent and objective audit and certification of their management assertion on the trustworthiness of their services. Based on a couple of real-life scenarios of our clients, this presentation will discuss the challenges, roadblocks, and pitfalls in setting up an info security compliance program for an SMB. It offers a strategy to leverage internal and external resources for the best results. Additionally, we shall discuss the importance of having a metric to evaluate the value of the program and justify its cost.

Presentation Outline:
1. Introduction: Rude awakening for SMBs: Why do we need SOC2 compliance for getting an order?
2. Backtracking from a potential corporate sale to their third-party risk management questionnaire to SOC2 certification to having an info security compliance program
3. Compliance program? Compliance of what?
4. How do we justify and finance a compliance program: What is the payback?
5. A use case: Developing minimum viable security and an info security compliance program to build trust around the service offering
6. The metric to evaluate the effectiveness of the info security compliance program for an SMB

Speaker Bio: Sanjay Mathur is an accomplished IT security professional who has held various technical and business responsibilities with Big Four consulting, Fortune 1000 companies, and start-ups. Motivated by innovation and risk mitigation, Sanjay has been enabling businesses to achieve their goals securely. Currently, he provides information security consulting and advisory services to growth companies through Frictionless Security. Prior to this, he managed information security at KLA-Tencor and was a business leader at Visa managing IT Audits & Information Security initiatives. In addition, Sanjay has global consulting experience. He holds MSc and MBA degrees and CISM, CISA, CISSP and CRISC certifications.