The purpose of the webinar will be to provide participants an overview of information security risk management, including reviewing market and emerging trends, risk management concepts, risk quantification approaches, and board reporting. We will walkthrough a framework to manage information security risks, including discussing the evolution and application of the framework based on emerging trends, maturing capabilities, and heightened board attention. In addition, we will cover hot topics such as defining risk tolerance levels and incorporating risk quantification into risk reporting. We will share examples as well as walkthrough a relevant case study. Participants will gain an understanding of the framework and how the framework may be applied depending on nature and maturity of organization.
|
Agenda
|
|
6:00 - 6:05 - Welcome and Introduction (including announcements)
|
|
6:05 - 6:45 - Session: Information Security Risk Management
|
|
6:45 - 6:55 - Q & A
|
|
6:55 - 7:00 – Wrap-up
|
Speakers
Marios Damianides, Partner, E&Y
Partner in the Consulting practice of EY and US East Cyber Security Leader. He has over 30 years of professional services experience leading global teams delivering security, business, and large scale IT transformation programs. He has assisted several fortune 500 clients in implementing agile security programs and architectures as well as broadening their protection and business improvement programs.
- Specializes in the Media & Entertainment and Technology sectors. Has served clients such as Sony, Disney, ViacomCBS, IPG, Omnicom, Honeywell, McGraw Hill, Canon, Siemens, Verizon, Wal-Mart and TI.
- Worked in six EY offices (USA and South Africa) with a focus on security, governance, information systems, and business and IT processes.
- Bachelor of Commerce (Economics), Post Graduate degree in Accounting, University of Kwazulu Natal
- Masters in MIS, Rand Afrikaans University
- CPA (USA); Chartered Accountant (SA); CISA; CISM
- Member AICPA, SAICA
- Past Chairman of the Board of ISACA
- Board member and Executive Committee member of the Board at the Lighthouse Guild
Daniel Prior, Senior Manager, E&Y
Daniel Prior is a Senior Manager in EY’s Consulting practice. Dan has over 13 years of experience performing engagements related to risk management, IT risk management, third-party risk management, financial/ERP and governance, risk and compliance (GRC) system implementations, application security, internal controls, process improvement and business transformation. Dan has delivered services for an array of clients and industries, including Fortune 50 companies operating in the banking, insurance, consumer products, life sciences, telecommunications, technology, professional services and media and entertainment sector.
- Education: B.S., Accounting & Management Information Systems, Boston College
- Certified Public Accountant
Alison Webb, Senior Manager, E&Y
Alison is currently is a Senior Manager in EY’s Consulting practice. She recently transitioned from focusing on risk analytics to helping organization’s transform their risk management functions, including recently leading the global implementation of an organization’s user access management platform for a large Education company. EY was engaged to accelerate the onboarding of 85+ SOX systems and their data into a normalized model from 3 years to 13 months. The data focuses on quarterly reviews of privileged access and automated SOD conflict identification. Additionally, Alison established an EY team to lead the Program Management Office for this implementation which covered day to day operations, UAT execution, key business requirement gathering and overall Program execution for 50+ professionals across 5 countries and 3 companies (including a 3rd party System Implementor).
Outside of engagement work, she has supported the development of the EY’s Trust by Design solution, which bridges EY’s capabilities across risk management disciplines.
Alison has been co-leading the development of EY’s Compliance as a Service solution for the HS&W sector, specifically Healthcare Providers. She is also leading the Compliance workstream for a significant COVID-related Financial Recovery Program at a Large Provider Network client. This workstream provides an independent review of high-risk financial recovery programs to proactively identify any findings in preparation for submitting agency attestations and filings.
In her spare time, Alison is an avid skier, golfer, tennis player, traveler and co-chair of a major fundraiser that supports the health and wellness of young girls. Bachelor’s Degree – Industrial Engineering, Lehigh University