Information Security and Cybersecurity are elevated risks in most organizations. Ever changing landscape of the cyber threat and regulatory landscape, organizations need to stay on top of risk awareness and control monitoring. In this session we will walk through different types of risk assessments and management/Board reporting for consideration.
This session will demonstrate how Risk Management plays an important role in protection of company assets and customer data. This discussion will include the following key objectives:
- Importance of Cybersecurity Risk Assessment and Monitoring
- Difference between IT Risk and Information Security/Cybersecurity Risk
- Information Security and Cybersecurity Risk Assessments available by Industry and across Industries
- Reporting that can help Management and Board Committees provide oversight over the Information Security and Cybersecurity Program
Time & Agenda:
2:00 PM - 2:30 PM – Registration & Networking
2:30 PM – 4:30 PM – Information & Cybersecurity Risk Management & Reporting Presentation (2 CRC CEUs available) – Presented by: Audrey Magennis, CISA, CRISC, CDPSE; Director, Cherry Bekaert Advisory LLC
4:30 PM – 6:00 PM – Networking, Appetizers & Beverages
About the presenter:
As a Director in Cherry Bekaert's Information Assurance & Cybersecurity practice, Audrey leverages her well-versed information technology background to guide clients through software development project management and network migration, as well as with internal audit processes. With over 20 years of experience in information technology, Audrey performs and manages Virtual Information Security Officer (VISO) and IT internal audits for a variety of service industries, such as financial services, education, insurance, and professional services.
Prior to joining Cherry Bekaert, Audrey served as a senior director at a boutique regulatory compliance and advisory firm, where she led their technology, risk, information technology audit, and cybersecurity practice. While in this role, she managed product development via life cycle implementation, established operations and security procedures for IT departments across industries, and provided a range of advisory and assurance services to clients. Audrey is a Certified Information Systems Auditor (CISA), Certified in Risk Information Systems Control (CRISC), and a Certified Data Privacy Solutions Engineer (CDPSE).
Look forward to seeing you there!