Events

When: May 18, 2021 - May 18, 2021

Where: Virtual

Description: Innovations by cybersecurity attackers intimidate managers into thinking that they cannot forecast attacks, but publicly sourced data shows that forecasting has more to do with knowing how organizations handle sensitive assets than with attacker innovations. The presenter will show how the audience can use an unmistakable pattern in the data to plan their security programs.

When: May 19, 2021 - May 19, 2021

Where: Virtual

Description: Your Breached Controls May Have Been Reasonable After All Panelists Bill Sampson, Partner at Shook Hardy & Bacon LLP Phyllis Lee, Senior Director for Controls The Center for Internet Security, Inc. (CIS®) Chris Cronin, Partner at HALOCK Security Labs Jim Trilling, Attorney in the Division of Privacy and Identity Protection at the Federal Trade Commission (FTC) David Cohen, Counsel at Orrick, Herrington & Sutcliffe DATE: May 19, 2021 - Wednesday, 10:45 Pacific Time

When: June 15, 2021 - June 15, 2021

Where: Virtual

Description: Having a PCI DSS compliant validation does not stop litigators and regulators from suing you after a breach. To reduce the impact of a breach, organizations have to be able to show lawyers that they were using reasonable security. Attendees will learn: What lawyers ask to see after a breach? How the checkbox approach hurts you after the breach. How to protect yourself and others. Speaker: Viviana Wesley, CISM, PCI QSA, ISO 27001 Auditor Tuesday, 10:30-11am EDT

When: June 16, 2021 - June 16, 2021

Where: Virtual

Description: With PCI DSS 4.0 moving towards a risk-based approach, organizations will have to adapt their frameworks. The Duty of Care Risk Assessment (DoCRA) showcases how you can achieve reasonable security and achieve PCI DSS compliance. By balancing mission, objectives, and obligations, companies can streamline their risk strategies based on their specific work environment. The duty of care approach helps prioritize controls and budget while meeting the needs of all interested parties – card holders, regulators, litigators, business, public. Attendees will learn how to: Conduct your risk assessments so you are ready for PCI DSS 4.0; Estimate the likelihood of risks; Prepare and respond to regulatory investigations and plaintiffs’ lawsuits. SPEAKERS: Viviana Wesley, CISM, PCI QSA, ISO 27001 Auditor; Chris Cronin, ISO 27001 Auditor. Wednesday, 2:45-3:15pm EDT

When: June 17, 2021 - June 17, 2021

Where: Virtual

Description: A recap of our first 2 sessions and a live discussion with attendees on questions. What litigators and regulators have taught a QSA about PCI Compliance and Reasonable Security and DoCRA for PCI DSS: What you should do to prepare. SPEAKERS: Viviana Wesley, CISM, PCI QSA, ISO 27001 Auditor; Chris Cronin, ISO 27001 Auditor. Thursday, June 17, 2021, 10-10:30am EDT

When: July 20, 2021 - July 20, 2021

Where: Virtual

Description: Join us for the 2nd of four events leading up to the Awards Breakfast of October 12th. The four events are Private, intended to support CISO’s and their direct reports, 2021 CISO Nominees, the Program Judges, our CISO Program Sponsors and delegates from esteemed industry partners-AITP, Infragard, ISACA, ISSA, SIM and ChicagoFIRST. This is a Virtual event where you will be able to hear from this year's nominees for the CISO of the Year Award.