16-18 October 2019 | Geneva, Switzerland

Register now

THIS YEAR’S VENUE

Palexpo Convention Centre

Palexpo Convention Centre

As the program is developed, we will continue to add information—check back frequently for updates!

35

CPE Hours Available

Grow Your Network. Enhance Your Knowledge.

Connect with the most dynamic minds and practitioners in information systems audit, control, security and cybersecurity.

Stay ahead of emerging trends and gain new tools, guidance and insight that will help set the course for the future of information systems and cybersecurity—and for your role in vitally important fields that assess, manage, protect, and drive the success of enterprises worldwide.

Join us during ISACA®'s 50th-Anniversary Year for our EuroCACS/CSX Conference to be held 16-18 October 2019 in Geneva, Switzerland. Advance your knowledge, skills and career in information systems, business and beyond in this first combined CACS and CSX event that offers a greater focus on expertise developed through ISACA's Cybersecurity Nexus™ (CSX).

Secure your place today and save the most on a dynamic global event that brings together the best of ISACA's highly successful CACS and CSX conferences!

 

What's in it for you?

Grow Your Network

Enjoy direct access to leaders and fellow professionals, and interaction with our expert speakers in the breakout sessions and innovators and solutions providers in the Expo Hall.

Enhance Your Knowledge

In addition to fresh perspectives on IS/IT audit, control, risk and governance, this year's programme will dive deeper into information security and cybersecurity's impact across all fields of information systems and technology. Conference track sessions and workshops will feature topics that are current and timely, subject matter that is cutting edge, a thought-leadership perspective that understands today’s industry challenges and is on the leading edge of new ideas.

Who should attend?

EuroCACS/CSX 2019 brings together experts and practitioners in the areas of audit, security, cybersecurity, compliance, risk, privacy, control and IT, from a wide range of industries, including finance, banking, tech services, government, insurance, medical and more.

EuroCACS/CSX sessions are for professionals at any point in their career, with three learning levels, hands-on labs, technical and soft-skill training, lectures, panel discussions and more. There is something for everyone at EuroCACS/CSX 2019.

What is in it for your organisation?

Embrace fresh insights, tools and solutions you can apply immediately in your organisation with your choice of 50+ track sessions.

Share your experiences with fellow conference attendees and bring back their tactics, techniques and stories of hard-earned successes to enlighten and energize your team. Add to your professional value and ready your organisation's ability to see and shape what is coming next for the world of information systems, cybersecurity, technology and business.

Follow @ISACANews and join the EuroCACS/CSX conversation by using the hashtag #EuroCACSCSX.

Like ISACA on Facebook to stay informed.

Follow @ISACANews on Instagram to see behind the scenes photos of the conference.

Follow ISACA’s Company page on LinkedIn for updates.

Continuing Professional Education Credits

To maintain ISACA certifications, certification holders are required to earn 120 CPE credit hours over a 3-year period in accordance with ISACA’s continuing professional education (CPE) policy. Attendees can earn up to 35 CPE credits; 18 by attending EuroCACS/CSX 2019, 3 by attending SheLeadsTech Seminar, and either 14 for a 2-day pre-conference workshop or 7 for a 1-day pre-conference workshop. ISACA conferences are Group Live and do not require any advanced preparation.

Please note that the session scanners at the Conference do not track CPE credit hours. You will still need to allocate your CPE hours in myISACA following the conference. Certificates of Attendance will be accessible via your MyISACA account. To view your certificate, log into your account and navigate to the myDOWNLOADS & CERTIFICATES tab. There you will find a “MY CPE CERTIFICATES” section where all of your ISACA event CPE Certificates will live.

Your Certificate of Attendance details the maximum number of CPE hours you could have earned by attending this event. CPE policies for each ISACA certification, as well as details on how to report your CPE hours, are available here on ISACA’s website. Reporting can also be done by submitting information on the annual renewal invoice.

Programme

As the programme is developed, we will continue to add information to this page—check back frequently for updates!

Click here for a downloadable version of our Programme

What to Expect

Opening Keynote - Anders Sorman-Nilsson

Anders is a global futurist and innovation strategist who helps leaders decode trends, decipher what's next and turn provocative questions in to proactive strategies. Don’t' miss this highly energetic and fascinating opening keynote address!

Engaging Sessions

Choose from 50+ cutting-edge sessions offering new tools and techniques, and fresh perspectives on information systems audit, control, risk and governance, and others that leverage expertise developed by ISACA’s Cybersecurity Nexus™ (CSX) to provide deeper focus on information security and cybersecurity.

Closing Keynote – Jon Duschinsky

Jon was voted the world's second most influential communicator on social innovation. He will share his expertise by Sparking Change - which involves creating the ideas that amplify the connection between what an organization does and the impact it can have in the world.

50th Anniversary Opening Platform

Featured at ISACA’s CACS conferences and other major events in 2019, ISACA marks its 50th Anniversary with a high-impact multimedia experience. Aligned to ISACA’s anniversary theme, “Honoring Our Past. Innovating Our Future, the live presentations include videos, interactive experiences and inspiring leadership remarks and reflections. ISACA recaps its history, putting the spotlight on founding member interviews, historical artifacts, as well as prompting discussions on progress, challenges and visions of the future.

Cyber Hunt

The Cybersecurity Nexus Cyber Hunt is a live competition which pits participants against each other in a race against themselves and the clock to respond to a multipronged attack while concurrently conducting a penetration test against diverse asset sets. Participants will need to leverage capabilities from all cybersecurity domains, Identify, Protect, Detect, Respond, and Recover, in an attempt to outwit and outsmart other competitors and achieve the highest score!

Interactive Workshops

ISACA will be hosting a variety of 2-day and 1-day workshops immediately before the EuroCACS/CSX Conference in 2019 to help you maximize your time, travel and CPE!

2-day Pre-Conference Workshops (14 CPE)
Monday, 14 October & Tuesday, 15 October 2019

  • WS1—COBIT 2019 Foundation Course
  • WS2—Cybersecurity Audit Certificate Programme
  • WS3—Accelerated CSX® Cybersecurity Practitioner Certification

1-Day Pre-Conference Workshops (7 CPE) 
Tuesday, 15 October 2019

  • WS4—Forensics for Auditors
  • WS5—7 Critical Factors for Effective Security Program

SheLeadsTech Seminar

SheLeadsTech is holding a ½ day summit on Friday, 18 October following the EuroCACS/CSX event. Join us from 12:30-17:30 as we hear from dynamic speakers. The event begins with a networking lunch and ends with a reception. The event is inclusive and we encourage everyone to join us. We hope to see you there!

SheLeadsTech

Do you have a topic that you think should be offered at this conference? We want to know! Tell us about it by submitting your idea on Twitter using #EuroCACSCSX


Go Green!

NETWORKING RECEPTION IN THE INNOVATION EXCHANGE

Unwind with colleagues in a festive hour of networking and fun!

Register now

SCHEDULE

Your Conference Itinerary

Manage Your Itinerary Order is being processed View Your Itinerary

Sessions are still being scheduled for this conference.

{{ filter.GroupName }}

{{ day.DayOfTheWeek }}
{{ day.Date }}

You have updated your Itinerary. Please click update to confirm changes.

{{ timeslot.Title }}

Moderators

{{ speaker.SpeakerName }}

{{ speaker.SpeakerTitle }}

Panelists

{{ speaker.SpeakerName }}

{{ speaker.SpeakerTitle }}

{{ session.Time }}

{{ session.SessionLocation }}

{{ tag.TagValue }}

{{ session.Title }}

{{ session.Introduction }}

{{ session.Price | currency }}

Log in to manage sessions Register to manage sessions

You have updated your Itinerary. Please click update to confirm changes.

No results found

Continuing Professional Education Credits

To maintain ISACA certifications, certification holders are required to earn 120 CPE credit hours over a 3-year period in accordance with ISACA’s continuing professional education (CPE) policy. Attendees can earn up to 35 CPE credits; 18 by attending EuroCACS/CSX 2019, 3 by attending SheLeadsTech Seminar, and either 14 for a 2-day pre-conference workshop or 7 for a 1-day pre-conference workshop. ISACA conferences are Group Live and do not require any advanced preparation.

Please note that the session scanners at the Conference do not track CPE credit hours. You will still need to allocate your CPE hours in myISACA following the conference. Certificates of Attendance will be accessible via your MyISACA account. To view your certificate, log into your account and navigate to the myDOWNLOADS & CERTIFICATES tab. There you will find a “MY CPE CERTIFICATES” section where all of your ISACA event CPE Certificates will live.

Your Certificate of Attendance details the maximum number of CPE hours you could have earned by attending this event. CPE policies for each ISACA certification, as well as details on how to report your CPE hours, are available here on ISACA’s website. Reporting can also be done by submitting information on the annual renewal invoice.

Conference Registration Fees

Act quickly to take advantage of early savings.

Full Conference Registration

Register for the full conferences before 11:59PM CT on Friday, 11 October 2019. Optionally attend the workshops the day before and day after the conference.

Member Price: US $1,900.00 + VAT Non-Member Price: US $2,100.00 + VAT Your Price: Login to find out your price

Workshop Only

ISACA will be hosting a variety of 2-day and 1-day workshops immediately before EURO CACS/CSX Conference in 2019 to help you maximize your time, travel and CPE! Information on these workshops will be posted soon, so be sure to check back for more details!

Member Price: Prices vary based on workshop. See individual workshop for details. Non-Member Price: Prices vary based on workshop. See individual workshop for details. Your Price: Login to find out your price

Cancellation Deadline: Friday, 13 September 2019

Volunteers Needed!

Are you interested in volunteering at Euro CACS/CSX 2019?
Check out the volunteer opportunities and save on your CACS/CSX registration today!

Terms and Conditions

Registration and Payment Policy

Registration submissions for this conference and any additional workshops are not processed, and a seat is not confirmed or reserved, until full payment is received. All submissions not paid in full will be placed on a waitlist and priority will be given to paid registrants in a payment first-come, first-serve basis. Space is limited, so it is highly recommended that payment is provided at the time of submission to guarantee a seat within the conference and all related events.

Registration rate is determined by the date payment is received by ISACA HQ and current membership status. Please plan accordingly, as it may take 10 or more business days for a wire transfer or mailed check to reach ISACA. Should we receive payment after a registration rate deadline, your account will be adjusted to reflect the current due amount. Entrance to the conference and all related events is contingent upon full payment.

Discounts for the Conference are available, detailed below. To verify eligibility for any of these discounts, please contact https://support.isaca.org or +1.847.660.5505. Note that discounts cannot be applied retroactively.  All discounts are applied to the main conference registration fee, and cannot be applied to workshop registrations. 

You must be 18 years of age or older to attend this event.

Discounts

Group Discounts

ISACA offers discounts to organisations sending 4 or more employees to a single conference. Please contact the ISACA Conference department for more details at +1.847.660.5505 or https://support.isaca.org. Group registrations cannot be combined with any other registration discount offerings.

Government Discounts

ISACA offers a US $350 conference registration discount to government employees. Please contact the ISACA Conference department for more details and eligibility verification at +1.847.660.5505 or https://support.isaca.org; cannot be combined with any other registration discount offerings.

Academic and Student Discounts

ISACA offers a US $350 discount to academic institution employees and students. Please note that you must be an ISACA Student member in order to receive the student discount; additional membership and qualification details can be found here. For additional registration details and eligibility verification, please contact ISACA’s Conference Department at +1.847.660.5505 or https://support.isaca.org; cannot be combined with any other registration discount offerings.

Cancellation Policy

All cancellations must be received by the published deadline to receive a refund of registration fees. A cancellation charge of US $295 will be subtracted from conference refunds, and US $250 per workshop for a two-day workshop and US $125 for a one-day workshop from workshop refunds. No refunds can be given after the cancellation deadline above. Attendee substitution is permitted at any time until the conference. If a nonmember is substituting a member, then there will be additional nonmember fees.

NOTE: Registration is contingent upon full payment of the registration fee. To guarantee registration, conference fees must be received by the published deadline. It may take 10 or more business days for a wire transfer or mailed check to reach ISACA, so please plan accordingly. If, for any reason, ISACA must cancel a course or event, liability is limited solely to the registration fees paid. ISACA is not responsible for other expenses incurred, including travel and accommodation fees. For more information regarding administrative policies, please contact the ISACA conference department.
Phone: +1.847.660.5505
Fax: +1.847.253.1443
E-mail: https://support.isaca.org

Payment Methods

  1. Pay online at https://conferences.isaca.org/cart

  2. Mail your payment to:
    ISACA
    1055 Paysphere Circle
    Chicago, IL 60674 USA 

  3. Bank Wires—send electronic payments in US dollars to:
    Bank of America
    135 S. LaSalle St.
    Chicago, IL 60603
    ABA #0260-0959-3
    ISACA Account #22-71578
    S.W.I.F.T. code BOFAUS3N
    * Please include attendees name on the Advice of Transfer.

Disclaimer

ISACA reserves the right to alter or delete items from the programme in the event of unforeseen circumstances. Material has been prepared for the professional development of ISACA members and others in the IT audit, control, security and governance community. Neither the presenters nor ISACA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices. All materials used in the preparation and delivery of presentations on behalf of ISACA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation and to grant the rights to ISACA as set forth in speaker agreement. Subject to the rights granted in the speaker agreement, all applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers.

Please note: unauthorized recording of presentations and workshops in any form is prohibited.

Please note that any attendee requested paperwork or documentation that ISACA needs to provide information or fill out, can take up to 10 business days.

Not a member of ISACA? Join today!

When you register for the conference as a nonmember, the difference between member and nonmember conference fees can be applied towards ISACA membership. This means you can become a member at the international and chapter level for little to no additional cost; it just depends on your local chapter dues. To take advantage of this great offer, check the box on the registration form. For more information about ISACA membership, visit the web site at www.isaca.org/membership or contact the membership department at membership@isaca.org.

NOTE:This offer expires 30 days after completion of the event. Nonmembers pay the nonmember conference fee when registering.

Consent for Photos, Audio and Video Recordings Taken at Events or for Marketing Purposes

I agree irrevocably and free of charge that ISACA or any third party who is acting on ISACA’s behalf may create images, videos and/or sound recordings of me (“works”) at the event for marketing purposes. For these purposes, the granting of rights in the works also includes the rights to adapt, reproduce, distribute, perform, making available to the public, broadcast, retransmit or sublicense the works to ISACA’s affiliates. The granting of rights in the works also includes all current and future media, goes beyond the repetition of an event and is not restricted to time or territory. View ISACA’s Privacy Notice >>

Dress

Business casual is appropriate for this and all ISACA conference events.

Justify Your Attendance

Click here for a deeper dive into how EuroCACS/CSX 2019 benefits your enterprise

Volunteers Needed!

Are you interested in volunteering at Euro CACS/CSX 2019?
Check out the volunteer opportunities and save on your CACS/CSX registration today!

 

Watch highlights from the 2018 EuroCACS conference and mark your calendar for 2019!

 

 

Review highlights from the 2018 CACS and CSX conferences to learn more about the sessions, speakers and networking you can expect at EuroCACS/CSX  2019.

CACS 2018 Conferences Report    CSX 2018 Conferences Report

 

Welcome to Geneva

Geneva

Birthplace of the World Wide Web, Geneva is a hub for technology. Take a break from the conference to enjoy the world-renowned architecture around Geneva or take in the natural beauty of the Alps and Mont Blanc.

Geneva's breathtaking views provide the perfect background for a variety of unforgettable experiences. Serving as the ideal starting point to the Alps, this cosmopolitan town also offers a vibrant cultural life and fine dining.

Renowned as the cradle of luxury watchmaking, Geneva's exclusive boutiques offer a unique shopping experience. The city's humanitarian role has also earned it the title of "Peace Capital" and this is the place where business leaders come to meet. Geneva is a place with multiple charms that never disappoint. Let yourself be swept away.

Click here to view a listing of venues and restaurants to visit while in Geneva. Courtesy of Switzerland Chapter member Paul Wang.

Palexpo Convention Centre

All conference events take place at the Palexpo Convention Centre, unless explicitly noted in the event schedule. ISACA highly recommends that attendees stay at the Starling Geneva Hotel, located across the street from the Convention Centre – see full hotel details below.





Explore Now

 

All conference events take place at the Palexpo Convention Centre, unless explicitly noted in the event schedule, but make sure you enjoy everything Geneva has to offer. Explore the conference destination interactive, digital map to plan your downtime in and around the event city, Geneva, Switzerland.

Enjoy a unique new way to view the city. Use this interactive guide to get to know what's around the conference. Explore, experience, and enjoy what Geneva has to offer.

Click here to view an interactive,
digital map of Geneva.

HOTELS

Starling Geneva Hotel

Route François-Peyrot 34
1218 Le Grand-Saconnex
Geneva,
Phone: +41 22 747 02 02
Click Here to Make Your Reservation

Welcome to the heart of the biggest hotel in Switzerland, the unique urban resort in Geneva. On site, the Starling Hotel Geneva invites you to take advantage of the many different facilities dedicated to business, sport and leisure. An experience to enjoy and savour, awaken all your senses on a gourmet getaway in 1 of our 4 restaurants and bar. Close to the city-center, it benefits from easy access to Geneva Airport as well as to Palexpo.

ROOM RATES
Business room for single or double occupancy per room, per night: CHF 240 (service and tax included)
City tax per person/per night: CHF 4 (Rate subject to change depending on law regulations for 2019)
Breakfast included in room rate

HOTEL CUT-OFF DATES
On Monday 8th July 2019, 30% of the rooms booked without names will be released.
On Wednesday 21st August 2019, 60% of the rooms booked without names will be released.
On Monday 9th September 2019, 100% of the rooms booked without names will be released.

Source:https://www.google.com/maps/embed/v1/place?key=AIzaSyBCVx-tEuRnYtbf-giBvHGUjRFcy1dUgKY&q=Starling+Hotel+Geneva

Getting There

With Worldwide by easyJet you can now book flights from far away destinations like New York and Singapore!

easyJet can connect you around the world and across Europe in one handy place with a quick and easy transfer through one of our connection hubs across Europe.

https://www.easyjet.com

Getting Around

By staying in a hotel, youth hostel or at a campsite, you are entitled to receive a personal and non transferable Geneva Transport Card for free, which will allow you to use the whole public transportation system of Geneva for the length of your stay for free. This includes buses, trams, trains and yellow taxi-boats - "Mouettes". Just ask for your card on arrival at reception.

http://www.geneva.info/transport/card/

Thank You to Our 2019 Sponsors!

Platinum

Adobe
Adobe

Making great experiences requires trust. Only Adobe gives everyone — from emerging artists to global brands — everything they need to design and deliver exceptional digital experiences. Learn how we help ensure they are trusted experiences at trust.adobe.com.

Vanguard Integrity Professionals
Vanguard Integrity Professionals

For more than 30 years, Vanguard has safeguarded the mission critical data and applications for the United States and other governments and the world’s largest financial, healthcare and retail organizations. Vanguard Integrity Professionals is the largest independent provider of enterprise security software addressing complex security and regulatory compliance challenges. Vanguard continuously drives innovation in security software and technology to stay ahead of evolving regulatory requirements and an ever-changing threatscape. Led by some of the most knowledgeable minds in the cybersecurity industry our security solutions lead the industry.

Gold

OneTrust
OneTrust

OneTrust is the #1 most widely used privacy, security and third-party risk technology platform trusted by more than 3,000 companies to comply with the CCPA, GDPR, ISO27001 and hundreds of the world’s privacy and security laws. OneTrust’s three primary offerings include OneTrust Privacy Management Software, OneTrust PreferenceChoice consent and preference management software, and OneTrust Vendorpedia third-party risk management software and vendor risk exchange. To learn more, visit OneTrust.com or connect on LinkedInTwitter and Facebook.

Silver

ImmuniWeb
ImmuniWeb

ImmuniWeb is a global provider of web, API and mobile application security testing and security ratings. Our award-winning ImmuniWeb® AI platform leverages our proprietary Multilayer Application Security Testing technology for a rapid and DevSecOps-enabled application penetration testing. ImmuniWeb® AI Platform combines the genius of Human Intelligence with the power of Artificial Intelligence and Machine Learning.

Bronze

TACAS Consulting
TACAS

TACAS Consulting provides a range of consultancy services and software solutions in GRC and ITSM areas to its clients globally.

TACAS’s GOLDENHORN GRC Platform can give the business and organization a better understanding of the issues and the ability to make informed decisions that enable the resiliency to improve sustainability, performance, conformance, and maturity by enabling a consilient internal control system.

Supporting Sponsors

Access Informer
Etat de Geneve
SafePaaS
Switzerland Chapter

2019 Speakers

Alberto Grigoletto

Alberto Grigoletto

Chief Risk Officer, Generali IT

Alberto is currently the Head of Generali Group Operational Risk and Chief Risk Officer of Generali IT and Procurement Shared Services company. His current responsibilities include the development and implementation of the Group Capital Internal Model for Operational Risk and the management of the Group Operational and IT Risks framework. He has +20 years of experience in financial industry, also working in business process re-engineering as Head of Organization departments and leading the Project Management Office of Solvency 2 Project. Alberto holds a degree in Statistics from Padua University, Italy.

Ali Pabrai

Ali Pabrai

CEO, ecfirst

Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP), Security +, CCSFP, is the CEO of ecfirst. A highly sought after information security and regulatory compliance expert, he has successfully delivered solutions on compliance and information security to organizations worldwide. Mr. Pabrai has presented opening keynote and other sessions at several conferences, including ISACA, ISSA, FBI InfraGard, HIMSS, HCFA, HIPAA Summit, Microsoft Tech Forum, NASEBA Healthcare Congress (Middle East), Kingdom Healthcare (Saudi Arabia), Internet World, DCI Expo, Comdex, Net Secure, Nurse Practitioners Conference, National Council for Prescription Drug Programs (NCPDP), National Council for State Board of Nursing IT Conference, and many others.

Allan Boardman

Allan Boardman, CISA, CISM, CGEIT, CRISC

Director, CyberAdvisor.London

Allan is an experienced business advisor helping organizations manage their information and technology risks. He trained at Deloitte Cape Town where he qualified as a Chartered Accountant before moving to London in 1986. He has held leadership roles in audit, risk, security and governance at various global organizations including GSK, Morgan Stanley, JPMorgan, Goldman Sachs, PwC and KPMG. He is a Past President of ISACA London Chapter and has served on ISACA International’s Board of Directors, Strategic Advisory Council, Leadership Development Committee and chaired its Credentialing and Career Management Board, CISM Certification Committee and Audit and Risk Committee.

Icon

Anand Prakash Jangid, CISA

Managing Partner, AJA

A passionate evangelist for tech-based disruption in Audit & Finance domain, Anand is professionally a Chartered Accountant & Certified Information System Auditor. He is Managing partner at AJA, An Organization with focus in the area of Forensic audit, IS audit, Fraud Analytics and Blockchain for Internal Audit function. Anand was part of the risk management team at Goldman Sachs, covering multiple audits across much geography for different function in the organization. His areas of specialization were Forex audit, DP audits, Anti money laundering, Basel II, BCP and operational risk.

Icon

Anders Kjaergaard, CISA, CISM, CRISC

Director, Grant Thornton Denmark

More than 15 years of experience in IT Security and auditing. Director of IT Audit & Advisory for Grant Thornton, Denmark. Most recent work has been as internal auditor in the financial sector - Central Bank of Denmark and Danske Bank.

Andrea Pompili

Andrea Pompili, CISM

Cy4gate

Andrea Pompili is an information technology specialist that takes care of security. Andrea was well known in his youth to be one of the most famous Italian programmer of old computer games. Once graduated, he started working on enterprise software development, and then on computer security, following security threats and security solutions on strategic projects firstly for Wind Telecommunication and then for Telecom Italia. Currently Andrea is a strategy advisor in security and aims to discover and integrate innovative solutions for this connected world.

Icon

Andrew Neal, CISM, CRISC

Division President, TransPerfect

Andrew Neal is an executive and practitioner in the information security community. Advising on data privacy, security and litigation projects for internal and external clients around the globe, he serves as a trusted subject matter expert for business leaders and legal professionals. Andrew leverages 30 years of business, technical and risk management experience to build programs, lead teams and execute projects internally at TransPerfect and across a wide range of client organizations. An effective communicator and engaging speaker, Andrew presents at international conferences and seminars, and teaches at major universities. He is active in several professional organizations, focusing his efforts on the development of professional standards and the mentorship of other professionals. Living in Dallas, Texas, Andrew currently leads the Information Security and Compliance Services division at TransPerfect, a global business services company.

Asim Fareeduddin

VP, Regulatory Controls & IT Security Assurance, RELX Group

Asim Fareeduddin is Vice President, IT Security & Regulatory Controls Assurance for RELX. Asim has 19 years of experience in privacy, information security, compliance and audit. Asim’s experience includes building and executing audit programs, managing regulatory and injunctive relief compliance, HIPAA/HITECH, EU Data Privacy laws, SOC report, SOX audits, application and network security reviews, privacy and regulatory compliance with data privacy laws, and online privacy protection. Asim also has extensive experience in co-sourcing with external auditors as a value-added partner. Prior to RELX, Asim worked in “Big Four” IT audit/security. Asim earned his B.S. and master’s Degrees in Accounting with a Concentration in Information Systems from the University of Florida. He also holds the following professional certifications: Certified Information Privacy Professional, Certified Public Accountant, Certified Information Systems Auditor and Certified Information Security Manager. Additionally, Asim serves as a Part-Time Instructor at Georgia State University's Robinson College of Business where he teaches master’s level students on Internal Audit and Information Technology Audit.

Christian F. Nissen

Christian F. Nissen, CISM, CGEIT

Senior Consultant, CFN Consult ApS

Christian Feldbech Nissen has 30 years of experience in the IT domain, especially with IT service management, IT governance, IT operations and Information Security. He is recognised as an international thought leader, author and lecturer, but also as an experienced and down-to-earth practitioner striving to make things happen in real life. He has a long proven track record from around 150 of the largest private and public organisations in Denmark. Last, but not least, he holds more than 50 different certifications in IT Management, and has achieved the ITIL Master level, demonstrating that he has contributed with measurable results within all IT service management disciplines.

Claudio Cilli

Claudio Cilli, CISA, CISM, CGEIT, CRISC

University of Rome

Prof. Claudio Cilli is a recognised world leading authority in the areas of National Security and Intelligence, company protection, information systems security and compliance, with over 25 years of experience. He currently advises governments and int’l companies in the cyber-security and critical infrastructures protection areas. University professor and researcher. Lesson arguments include computer science, software compilers, lexical and semantic analysers, information systems analysis and development. Member of the scientific and advisory boards. Teacher in the post-graduate master’s in computer security and IT Governance. Consultant to the U.S. Government and companies who supply the Department of Defense. Consultant at the United Nations. With many big firms, he is responsible of IS Audit and security projects, which include civil and military sectors, software quality and code security, security of the information systems and installations. Designed and implemented systems based on mainframes and distributed architecture, including Disaster Recovery and both data and physical security, information and site protection.

Daniel Gnana

Daniel Gnana, CISA

Sr. Audit Manager, M.

Daniel is a senior consultant in information security governance, risks and compliance. He is also an assessor for ISO/IEC 9001 and 27001 certifications and provides training courses in cyber risks and security.

David Foote

David Foote

Chief Analyst & CEO, Foote Partners, LLC

David Foote is a tech labor trends benchmark research pioneer and one of the most quoted industry authorities on global tech workforce evolution. He has spent more than two decades introducing innovative data-driven benchmark research and analysis focusing on tech/business cross-skilling and management integration, while also pioneering new industry practices for more accurate compensation benchmarking and tracking/forecasting of tech skills supply and demand. He built his reputation at Gartner, META Group, and at several Silicon Valley companies prior to co-founding Foote Partners in 1997. Foote’s research-backed forecasts and analyses reach global audience of millions of business and technology professionals. At Foote Partners he leads a senior team of former Gartner, McKinsey & Company, and Mercer analysts, consultants and researchers in publishing continuously updated tech labor trends and compensation research supported by close research partnerships with 5,450 employers in Europe and North America.

Dina Numan

Head of Advanced Governance & Management Consultancy Service, ScanWave Comprehensive Technical Solutions

12 years of experience in IT Service Management, Quality Assurance, Quality Control, Process Reengineering, IT Governance. Leading COBIT 5 and COBIT 2019 adoption and implementation projects in Jordan.

Icon

Doug Grindstaff

E. Douglas Grindstaff II is a successful executive with a deep experience in the Bio Tech and High Tech industries. Grindstaff has held several Senior Executive and Board positions, in addition to his current role as Senior Vice President of Cybersecurity Solutions with the CMMI Institute, he previously served as CEO of NuSirt Sciences, CEO-in- Residence for Carnegie Innovations Portfolio and President of the Invisible Fence brand. Prior to that, he served as Chairman and President of Bioganic Biopesticide, where he oversaw rapid expansion into the retail marketplace, as well as the acquisition by a well-known consumer brands company. Grindstaff also served as an executive for a number of private and public consumer brand companies, including Kraft Foods, Inc.

Frank Downs

Frank Downs

Director and SME, Cybersecurity Practice, ISACA

Downs, an 11-year cybersecurity specialist, graduated with a bachelor’s degree in English from the University of Maryland, after which he promptly joined the US Department of Defense as a subject matter expert, working with computer networks on a daily basis. Realizing that English and cybersecurity were two very different concepts, Frank proceeded to obtain a master’s degree in cybersecurity from UMBC, after a pit stop at Johns Hopkins to obtain a master’s degree in Government. Eventually, he decided to ease the learning process for individuals transitioning from non-technical backgrounds into cybersecurity by becoming a full-time Intelligence and Operations Consultant for multiple federal law enforcement and intelligence agencies. He is now Director, Cyber Information Security Practices at ISACA, sharing the good news about ISACA’s Cybersecurity Nexus (CSX) platform.

Frans Szabo

Frans Szabo

Sr. Security Specialist, Rabobank

Frans Szabó has almost 30 years of experience in the banking industry. Working in -amongst others- the fields of core IT, Service- and delivery management, Continuity Management and marketing and customer support, Frans has "seen it all". In his previous position Frans protected the bank's customers against fraud through cybercrime. All the bad stuff he learned doing this, is put to use in his current role: Head of Red Teaming. Testing all of the bank's security measures as far as possible.

Graham McKay, CISM, CRISC

Data Protection Program Manager – EMEA, Deloitte

Passionately creating, collating and communicating knowledge to enable privacy and build secure, resilient communities, Graham is a driven, impactful privacy and security leader, developing people and deploying strategies with a business enabling focus. Combining privacy, technical, legal and regulatory expertise he provides expert, actionable, strategic guidance allowing organisations to align their behaviour and culture to deliver a privacy and security focus benefiting employees, stakeholders, clients and communities. Passionate about awareness, training and education, he has delivered transformational programs for privacy, data protection and security, focused on the individual. An international conference speaker he is dedicated to delivering awareness, training and education to the widest possible audience to influence positive behavioural change and increase societal security and privacy.

Guy Herbert

Guy Herbert, CISA

Head of IT Risk and Compliance, Atlassia

Guy has over 25 years working in IT and Technology across the Telecommunications, Finance, Pharmaceutical and Software industries. He has managed risk, compliance, audit and technical delivery teams during this time. Guy has been thinking of better ways for Atlassian to manage IT Risk and Compliance since Sept 2013. Atlassian is an Australian company started 16 years ago that builds software to help teams work better together – products include Jira, Confluence, Bitbucket and Bamboo.

Herbert McMorris

Herbert McMorris, CGEIT, CRISC, CISM, CISA

Lead Practitioner, KirkpatrickPrice

Herbert McMorris is a Lead Practitioner for KirkpatrickPrice. He has over 38 years of industry experience, including network engineering, governance, risk management, and control. Herbert holds several certifications including CISSP, CISA, CISM, CRISC, and CGEIT. Herbert provides services to clients and stakeholders who are seeking to understand compliance and regulatory requirements by helping them navigate the complex world of data security.

Horst Moll

Horst Moll, CISA, CISM, CRISC

Security Manager, Vodafone Deutschland GmbH

Horst Moll is Security Program Manager at Vodafone Germany. Before he joined Vodafone, he worked at the Deutsche Telekom, where he led the ISMS Certification for the German local market unit and was the Lead Architect for the Security Risk Management Process for Deutsche Telekom Group. Beforehand he was working as Information Security Consultant in different industries around the globe. He has a master of electrical engineering (RWTH Aachen) and achieved security certifications including CISA, CISM, CRISC, CISSP, MBCI, ISO/IEC 27001 Lead Auditor. Since 2007 he is a certified ISACA trainer.

Ian Musgrave

Ian Musgrave, CISA

Head of IT and Cyber Assurance, Uniac

Ian manages Uniac’s IT and Cyber Assurance service across its client base in the UK Higher Education sector. His team focuses on reviewing all elements of ICT risk including IT Strategy and Governance, Information Security, Data Protection and Cyber Security. Ian is a Certified Information Systems Auditor, CIA and has achieved PCI Professional status.

Ira Winkler

Ira Winkler

President, Secure Mentem

Ira Winkler, CISSP is President of Secure Mentem and author of Advanced Persistent Security. He is considered one of the world’s most influential security professionals, and has been named a “Modern Day James Bond” by the media. He did this by performing espionage simulations, where he physically and technically “broke into” some of the largest companies in the World and investigating crimes against them, and telling them how to cost effectively protect their information and computer infrastructure. He continues to perform these espionage simulations, as well as assisting organizations in developing cost effective security programs. Ira also won the Hall of Fame award from the Information Systems Security Association, as well as several other prestigious industry awards. Most recently, CSO Magazine named Ira a CSO Compass Award winner as The Awareness Crusader.

Jan Anisimowicz

Jan Anisimowicz, CISM, CRISC

Director Audit, Risk & Compliance, C&F Sp. Z O.o.

Experienced senior IT manager with over 20 years of experience in GRC (audit, risk and compliance management), Data warehousing, Business Intelligence, Big Data and data analysis. Broad business and technical perspective in telco, banking, pharma and insurance. A staunch supporter of a pragmatic, lean and cost effective approach to regulatory requirements implementation in the organizations. Active in the space of #FinTech, #InsurTech and #RegTech. Public speaker at international conferences (topics related to IT Security, Risk Management, Compliance, GRC and data privacy). Involved in the process of analysis and verification of how artificial intelligence could support auditors in the space of IoT, Big Data and dispersed IT environments. Strong supporter of blockchain technology, which in his opinion should be widely used based on Smart Contracts with respect to data privacy principles (Privacy By Design). Member of the blockchain working group under the supervision of the Polish Ministry of Digital Affairs. Active participant of international organizations: ISACA (CISM & CRISC certificates), PMI (PMP certificate) and IIA (Institute of Internal Auditors).

Jason Miller

Jason Miller

IT Security Assurance Manager, RELX Group

20+ years in networking, security, audit/assessment; CISSP, CIPP/US, MSIA; Masters in Information Assurance – Norwich University (Northfield, VT) Relevant Experience: +Worked in “Big Four” with Information Security & Cybersecurity Groups +Information Security Assessments +Managing security programs for Banking, Healthcare, & Business Services

Joeseph Vest

Joseph Vest

Director of Training, SpecterOps

Driven by his curiosity, perseverance, and passion for technology, Joe Vest's mantra for his work and teaching is: "Often the journey of an experience can be as valuable as the end." Joe has than 17 years of experience in red teaming, penetration testing, and application security. Experience ranges from authoring and instructing a SANS red team course, to owning and operating a security consulting company, to acting as technical lead for a DOD red team. He has also worked in numerous commercial sectors, which has given him extensive knowledge of cyber threats, tools, and tactics, including threat emulation and threat detection. Today, Joe is the training director at SpecterOps where he uses his experience in red team operations, cyber threat analysis, cyber threat emulation and replication, application security, vulnerability assessment and mitigation, and incident mitigation to train and educate. Joe has a variety of professional certifications. When he's not teaching or evangelizing about cybersecurity, you'll find Joe out skateboarding or paddle boarding with his son.

John Wallhoff

John Wallhoff, CISA, CISM

Advisor/Management Consultant, Scillani Information AB

John Wallhoff (CISA, CISM, CISSP), president ISACA Sweden Chapter, is a management consultant and advisor in IT & Security and Fraud & Corruption. With practical experience in analytics for over 20 years, he has gained a sense of what data can do to an organization and can still get fascinated when having data at his fingertips.

Jorke Kamstra

Jorke Kamstra, CISA

IT Risk Manager, Euroclear

Jorke Kamstra is a fireman wearing a suit and a tie. My focus at Euroclear is on IT cyber resilience, assessment methodology and policy building. As a risk manager I identify, challenge and advice on existing cyber practices. Previously I was a banking regulator, project manager and a Unix system engineer. I am passionate about communication and public speaking and I am convinced that creating a platform for communicating our problems, risks and threats enables us all to learn from feedback and better prepare for success.

Icon

Jose Ramon Coz Fernandez, CGEIT, CRISC, CISM, CISA

Cyber Internal Auditor, European Space Agency

He has over twenty years of experience in the field of ICT covering different positions: auditor, project manager, consultant, architect and analyst. Currently working as GNSS Cyber Internal Auditor at the European Space Agency, and he is a researcher in the Department of Applied Economics at the Complutense University of Madrid. He is professor at several institutions, universities and business schools. He collaborates as a reviewer for several international journals and he is member of several committees and IT associations.

Joseph Mayo, CRISC

Program Manager, J. W. Mayo Consulting LLC

Joseph W. Mayo is an award-winning project manager and Internationally recognized risk management expert. Mr. Mayo is an Information Technology professional with over 28 years of experience. He holds a bachelor’s degree in Information Technology and a master’s degree in Information Systems. Mr. Mayo is a PMI certified Project Management Professional (PMP), Risk Management Professional (RMP), holds Certified in Risk and Information Systems Control (CRISC) credential from the Information Systems Audit and Control Association (ISACA), and is certified by the Risk Management Society (RIMS) as a Certified Risk Management Professional (RIMS-CRMP). Mr. Mayo is the first risk practitioner to be credentialed by the three internationally recognized, risk management credentialing bodies; PMI, ISACA, and RIMS. He is an active industry volunteer who regularly participates in industry working groups and strives to enhance global risk management and project management practices. He is an author, speaker and conference presenter on topics that include risk management, project management, and quality assurance.

Icon

Kaya Kazmirci, CISA, CISM, CRISC, CGEIT

Managing Director, Kazmirci Associates

Kaya Kazmirci specializes in Fintech Governance & Cybersecurity Services and offers related trainings including: CISA, COBIT, CISM, CRISC, CGEIT, CISSP, and ITIL. He is presently teaching at Bosphorous University and was previously the Internal Audit Director in Istanbul Turkey for Avea (Mobile Telco operator). Kaya has a bachelor’s degree in Engineering Sciences Modified with Computer Science and Electronics from Dartmouth College and is a CISA, CISM and CISSP. Kaya has over 30 years of experience in Information Technology and Business. Kaya is one of the ISACA Istanbul Chapter founders and a past Chapter President. He has extensive experience in restructuring the IT function, and implementation of audit methodologies in large banks and telecommunication operators. Kaya’s experiences include extensive reviews of financial management systems including banking, billing and charging, accounting and ERP (SAP & Oracle) systems, and IT organizations. Kaya also has experience in providing technical, operational, organizational, security and theoretical advice to Internet and e-Commerce focused organizations. Kaya is well versed in generally accepted IT standards such as COBIT, Prince2, ITIL, the International Standard 27001 for Information Security Management, and NIST Standards.

Kaya Kazmirci specializes in Fintech Governance & Cybersecurity Services and offers related trainings including: CISA, COBIT, CISM, CRISC, CGEIT, CISSP, and ITIL. He is presently teaching at Bosphorous University and was previously the Internal Audit Director in Istanbul Turkey for Avea (Mobile Telco operator). Kaya has a bachelor’s degree in Engineering Sciences Modified with Computer Science and Electronics from Dartmouth College and is a CISA, CISM and CISSP. Kaya has over 30 years of experience in Information Technology and Business. Kaya is one of the ISACA Istanbul Chapter founders and a past Chapter President. He has extensive experience in restructuring the IT function, and implementation of audit methodologies in large banks and telecommunication operators. Kaya’s experiences include extensive reviews of financial management systems including banking, billing and charging, accounting and ERP (SAP & Oracle) systems, and IT organizations. Kaya also has experience in providing technical, operational, organizational, security and theoretical advice to Internet and e-Commerce focused organizations. Kaya is well versed in generally accepted IT standards such as COBIT, Prince2, ITIL, the International Standard 27001 for Information Security Management, and NIST Standards.

Kodjo Mawugbe Akpondeou

Kodjo Mawugbé Akpondeou, CISA

Manager, EXCO AFRICA

Kodjo Mawugbé AKPONDEOU is a young Manager at EXCO AFRICA, with the challenge of building an IT Audit and Advisory Team in West Africa. He joined EXCO after more than Six years spent at KPMG where he oversaw both IT and Financial audit and Advisory engagements. He worked in many countries in West Africa, such as Ghana, Togo, Côte d’Ivoire, Mali, and Benin. Kodjo is a chartered public accountant and has developed a real passion for IT Audit, but a lot more for IT Security. Therefore, he endeavors to be CISA and CEH certified. He thinks that no one can know it all, so he is a continuous learner. He hopes he will learn a lot from exchanges he will have with highly qualified professionals of ISACA.

Kodjo Mawugbé AKPONDEOU is a young Manager at EXCO AFRICA, with the challenge of building an IT Audit and Advisory Team in West Africa. He joined EXCO after more than Six years spent at KPMG where he oversaw both IT and Financial audit and Advisory engagements. He worked in many countries in West Africa, such as Ghana, Togo, Côte d’Ivoire, Mali, and Benin. Kodjo is a chartered public accountant and has developed a real passion for IT Audit, but a lot more for IT Security. Therefore, he endeavors to be CISA and CEH certified. He thinks that no one can know it all, so he is a continuous learner. He hopes he will learn a lot from exchanges he will have with highly qualified professionals of ISACA.

Leighton Johnson

Leighton Johnson, CISA, CISM, CRISC, COBIT 5

ISFMT

Leighton is the CTO of ISFMT (Information Security Forensics Management Team), a provider of computer security & forensics consulting and certification training, and has presented computer security, cyber security and forensics lectures, conference presentations and seminars all across the United States, Asia and Europe. He is also the founder and CEO of Chimera Security, a research and development company delving into the realms of cryptography, Blockchain, mobile technology and cloud computing to create better and more secure solutions for today’s advanced users and providers. He has over 40 years’ experience in Computer Security, Cyber Security, Software Development and Communications Equipment Operations & Maintenance spanning the industries of retail, government, defense industrial base, banking, and information technology. He retains many professional security certifications, including CISA, CISM, COBIT 5, CAC and CRISC and has taught certification, risk management, forensics and auditing courses around the world over the past 15 years. He performs additional duties as the SC-ISACA Board VP and Chapter Instructor, and he recently was awarded the HQ ISACA Accredited Trainer status by ISACA and APMG.

Leighton is the CTO of ISFMT (Information Security Forensics Management Team), a provider of computer security & forensics consulting and certification training, and has presented computer security, cyber security and forensics lectures, conference presentations and seminars all across the United States, Asia and Europe. He is also the founder and CEO of Chimera Security, a research and development company delving into the realms of cryptography, Blockchain, mobile technology and cloud computing to create better and more secure solutions for today’s advanced users and providers. He has over 40 years’ experience in Computer Security, Cyber Security, Software Development and Communications Equipment Operations & Maintenance spanning the industries of retail, government, defense industrial base, banking, and information technology. He retains many professional security certifications, including CISA, CISM, COBIT 5, CAC and CRISC and has taught certification, risk management, forensics and auditing courses around the world over the past 15 years. He performs additional duties as the SC-ISACA Board VP and Chapter Instructor, and he recently was awarded the HQ ISACA Accredited Trainer status by ISACA and APMG.

Linas Laucius

Linas Laucius, CISA, CISM, CRISC

Lead Cyber Security Auditor, Nasdaq

On 2002 I've started my professional career as a system administrator in Security Service of Lithuania. Later I have decided to expand my technical background and from system administrator I moved to a network engineering area. Around year 2006 Information security became an area of high interest and importance in Lithuania. Therefore, I turned my career this way and after finishing lots of Information Security related courses, in country and abroad, I was promoted to a role, equivalent to CISO, on Lithuanian government owned Enterprise Centre of Registers. I have spent in this role 5 years. Since 2011 I am an ISACA Lithuanian chapter member. Lithuanian territory limited business area and local Lithuanian Enterprise was not a challenge anymore after 5 years. Looking for a new professional opportunities and further professional growth I have joined Information Security team of worldwide company Western Union. I was responsible for a 3rd party risk assessments and participated as an InfoSec expert on assigned technical projects. Part of my job was security architecture. In a few years, on 2016, I've received a new opportunity to join a second-largest stock exchange in the world - Nasdaq in the role of Lead Cyber Security Auditor. With still a great passion and strong enthusiasm I am 3 years in this role already.

On 2002 I've started my professional career as a system administrator in Security Service of Lithuania. Later I have decided to expand my technical background and from system administrator I moved to a network engineering area. Around year 2006 Information security became an area of high interest and importance in Lithuania. Therefore, I turned my career this way and after finishing lots of Information Security related courses, in country and abroad, I was promoted to a role, equivalent to CISO, on Lithuanian government owned Enterprise Centre of Registers. I have spent in this role 5 years. Since 2011 I am an ISACA Lithuanian chapter member. Lithuanian territory limited business area and local Lithuanian Enterprise was not a challenge anymore after 5 years. Looking for a new professional opportunities and further professional growth I have joined Information Security team of worldwide company Western Union. I was responsible for a 3rd party risk assessments and participated as an InfoSec expert on assigned technical projects. Part of my job was security architecture. In a few years, on 2016, I've received a new opportunity to join a second-largest stock exchange in the world - Nasdaq in the role of Lead Cyber Security Auditor. With still a great passion and strong enthusiasm I am 3 years in this role already.

Mahmoud Abouelhassan

Mahmoud Abouelhassan

Senior Manager, E-Finance

Mahmoud is an expert in IT field with 20+ years of Experience focusing mainly on Digital Transformation, Information Security, IT Projects and Operations Management. His experience diversified in several Business areas like Digital Transformation, Data Center services, Cloud and Virtual Hosting, ISO 27001,20000, 9001, 22301, E- Commerce, IT Strategy and Business Transformation, Budgeting and Enterprise Planning. He held several positions like Applications and E-commerce Manager, Data Center Operations Senior Manager, Head of PMO in Raya “one of the largest technology companies in Egypt”, recently he is Senior Manager (Digital Transformation) in E-Finance. Mahmoud one of the main players in the successful transformation like one of the most famous e-commerce websites in Egypt rayashop.com, actively involved in launching Raya Nigeria and Raya Algeria. In addition to Data Center business from the startup to be one of the Key Data Center Providers and one of the key players in the Egyptian Data Center Market, differentiated by its ISO certificates and skilled people, Participated in creating 5 years strategic plan with extensive engagement with the Business. Mahmoud holds B.Sc. from Cairo University, M.Sc. from Middlesex UK in Computer Science, Data Center Expert from Capitoline, and Advancement Management Program from RITTI.

Mahmoud is an expert in IT field with 20+ years of Experience focusing mainly on Digital Transformation, Information Security, IT Projects and Operations Management. His experience diversified in several Business areas like Digital Transformation, Data Center services, Cloud and Virtual Hosting, ISO 27001,20000, 9001, 22301, E- Commerce, IT Strategy and Business Transformation, Budgeting and Enterprise Planning. He held several positions like Applications and E-commerce Manager, Data Center Operations Senior Manager, Head of PMO in Raya “one of the largest technology companies in Egypt”, recently he is Senior Manager (Digital Transformation) in E-Finance. Mahmoud one of the main players in the successful transformation like one of the most famous e-commerce websites in Egypt rayashop.com, actively involved in launching Raya Nigeria and Raya Algeria. In addition to Data Center business from the startup to be one of the Key Data Center Providers and one of the key players in the Egyptian Data Center Market, differentiated by its ISO certificates and skilled people, Participated in creating 5 years strategic plan with extensive engagement with the Business. Mahmoud holds B.Sc. from Cairo University, M.Sc. from Middlesex UK in Computer Science, Data Center Expert from Capitoline, and Advancement Management Program from RITTI.

Manoj Patel

Manoj Patel

Security & Risk Practice EMEA, ServiceNow

Manoj Patel, serves as Senior Advisor for ServiceNow’s Global CyberSecurity and Risk Practice, focused on solving Enterprise Risk & Cyber Security challenges. Manoj brings a total of 20+ years of experience in CyberSecurity, Integrated Risk Management, and Enterprise Legal Management in different senior positions from multinational organizations. He holds an MBA from UK, M.S. from Germany, and B.Sc. (Physics) from India. He is certified as GRCP and in CyberSecurity. Occasionally, he does exhibition of his paintings in his favorite jazz club – Einstein - in Munich.

Manoj Patel, serves as Senior Advisor for ServiceNow’s Global CyberSecurity and Risk Practice, focused on solving Enterprise Risk & Cyber Security challenges. Manoj brings a total of 20+ years of experience in CyberSecurity, Integrated Risk Management, and Enterprise Legal Management in different senior positions from multinational organizations. He holds an MBA from UK, M.S. from Germany, and B.Sc. (Physics) from India. He is certified as GRCP and in CyberSecurity. Occasionally, he does exhibition of his paintings in his favorite jazz club – Einstein - in Munich.

Marco Salvato

Marco Salvato, CISA, CISM, CGEIT, CRISC

Generali

I am passionate about IT Governance, process design, security management and, of course, risk management. In the past I was a developer, an entrepreneur, and a consultant for over 10 years in KPMG. For the past 10 years I have been working for the Generali Group in IT Security, IT Processes and IT Governance. Since 2018 I have been responsible for Digital Risk at Group level. As a volunteer, I was one of the founders of the ISACA VENICE Chapter where I currently teach the CISA and COBIT 5 modules.

I am passionate about IT Governance, process design, security management and, of course, risk management. In the past I was a developer, an entrepreneur, and a consultant for over 10 years in KPMG. For the past 10 years I have been working for the Generali Group in IT Security, IT Processes and IT Governance. Since 2018 I have been responsible for Digital Risk at Group level. As a volunteer, I was one of the founders of the ISACA VENICE Chapter where I currently teach the CISA and COBIT 5 modules.

Matthias Kraft

Matthias Kraft, CISA, CISM, CGEIT, CRISC

Associate Director - Internal Audit, Fidelity International

Matthias is an Information Security & Technology Audit executive with 15+ years of experience within the IT industry. Matthias is a global citizen with working experiences from Germany, France, Luxembourg and New Zealand where he helped customers achieving potential in the areas of Information Security, Information Risk Management and Information Systems Audit. He currently works as Associate Director Internal Audit for Fidelity International, a global investment and asset management company. Matthias is based in Germany and Luxembourg and holds multiple professional certifications such as CISA, CISM, CGEIT, CRISC and ISO27001LA.

Matthias is an Information Security & Technology Audit executive with 15+ years of experience within the IT industry. Matthias is a global citizen with working experiences from Germany, France, Luxembourg and New Zealand where he helped customers achieving potential in the areas of Information Security, Information Risk Management and Information Systems Audit. He currently works as Associate Director Internal Audit for Fidelity International, a global investment and asset management company. Matthias is based in Germany and Luxembourg and holds multiple professional certifications such as CISA, CISM, CGEIT, CRISC and ISO27001LA.

Mike Dodson

Mike Dodson – EuroCACS 2018

Mike Dodson is VP Worldwide Customer Security Strategy and Solutions at Venafi, where he helps Global 5000 companies and organizations protect their machine identities—securing keys, certificates, and cryptographic systems that form the basis of privacy, security and identity in all enterprises. A Master's degree in computer engineering with additional training in cryptography, combined with 25 years of operational experience and consulting, give Mike a deep and practical understanding of the problems that occur in real-world IT environments.

Mike Dodson is VP Worldwide Customer Security Strategy and Solutions at Venafi, where he helps Global 5000 companies and organizations protect their machine identities—securing keys, certificates, and cryptographic systems that form the basis of privacy, security and identity in all enterprises. A Master's degree in computer engineering with additional training in cryptography, combined with 25 years of operational experience and consulting, give Mike a deep and practical understanding of the problems that occur in real-world IT environments.

Choudhary Neetu

Neetu Choudhary, CGEIT

Project Lead-CMMI, DP World, Jabel Ali Freezone

Neetu Choudhary is a passionate quality and business excellence professional with more than 17 years of experience. She holds a master’s degree in Computer Application with honours. She is an ASQ Certified Six Sigma Black Belt practitioner, EFQM certified assessor, CMMI associate, ISACA certified in the governance of enterprise IT (CGEIT) and ISO 9001-2015 certified lead auditor. She has published several articles and facilitated many presentations on quality, six sigma, business excellence, risks and project management. As a philanthropist, Neetu works on to create a better world for all beings by sharing her distinctive insight through writing and speaking about “peace through parenting”, compassion, world peace and humanity.

Neetu Choudhary is a passionate quality and business excellence professional with more than 17 years of experience. She holds a master’s degree in Computer Application with honours. She is an ASQ Certified Six Sigma Black Belt practitioner, EFQM certified assessor, CMMI associate, ISACA certified in the governance of enterprise IT (CGEIT) and ISO 9001-2015 certified lead auditor. She has published several articles and facilitated many presentations on quality, six sigma, business excellence, risks and project management. As a philanthropist, Neetu works on to create a better world for all beings by sharing her distinctive insight through writing and speaking about “peace through parenting”, compassion, world peace and humanity.

Nigel King

Nigel King, CISA, CISM, CGEIT, CRISC

Nigel is Chief Strategy Officer for SafePaaS, the leading Risk Management platform for large enterprises. Nigel is also Senior Lecturer in Information Technology at Nottingham Trent University. Nigel has recently returned to the United Kingdom after a long career in Silicon Valley where he was Chief Architect and Chief Information Security Officer for PowerSchool, the leading education technology platform in North America and before that he was Vice President for Security and Functional Architecture for Oracle's Cloud Applications.

Nigel is Chief Strategy Officer for SafePaaS, the leading Risk Management platform for large enterprises. Nigel is also Senior Lecturer in Information Technology at Nottingham Trent University. Nigel has recently returned to the United Kingdom after a long career in Silicon Valley where he was Chief Architect and Chief Information Security Officer for PowerSchool, the leading education technology platform in North America and before that he was Vice President for Security and Functional Architecture for Oracle's Cloud Applications.

Pablo Ballarin

Pablo Ballarin, CISA, CISM

Cybersecurity Specialist, Balusian

I provide strategic services related with cybersecurity governance, risk management frameworks and compliance. In the last years I have assisted top companies in different industries (retail, banking, telecommunications, public administrations, media, and entertainment) in Europe and South America. I also work as IT auditor for telecommunications regulators in South America, I'm an Associate Professor and cybersecurity trainer, member of the board of ISACA Valencia and speaker. In the last year I have directed a research related with cybersecurity and privacy issues in Brain Computer Interfaces solutions and ethical issues in AI algorithms.

I provide strategic services related with cybersecurity governance, risk management frameworks and compliance. In the last years I have assisted top companies in different industries (retail, banking, telecommunications, public administrations, media, and entertainment) in Europe and South America. I also work as IT auditor for telecommunications regulators in South America, I'm an Associate Professor and cybersecurity trainer, member of the board of ISACA Valencia and speaker. In the last year I have directed a research related with cybersecurity and privacy issues in Brain Computer Interfaces solutions and ethical issues in AI algorithms.

Prasant Vadlamudi

Prasant Vadlamudi, CISA

Director - Technology GRC, Adobe

Prasant Vadlamudi has more than 12 years of experience in the technology audit and compliance field. He currently works as Director of the “Technology – GRC” group @ Adobe and is responsible for leading the compliance efforts across all of Adobe. He has extensive experience in various cloud-based security and compliance related audits and is very familiar with frameworks like SOC2, ISO, PCI, HIPAA and FedRAMP. Prior to joining Adobe Prasant used to work with the ITRA division at Ernst and Young. Prasant is also the main architect of the Common Control Framework (CCF) by Adobe which is the cornerstone of Adobe’s company-wide compliance strategy.

Prasant Vadlamudi has more than 12 years of experience in the technology audit and compliance field. He currently works as Director of the “Technology – GRC” group @ Adobe and is responsible for leading the compliance efforts across all of Adobe. He has extensive experience in various cloud-based security and compliance related audits and is very familiar with frameworks like SOC2, ISO, PCI, HIPAA and FedRAMP. Prior to joining Adobe Prasant used to work with the ITRA division at Ernst and Young. Prasant is also the main architect of the Common Control Framework (CCF) by Adobe which is the cornerstone of Adobe’s company-wide compliance strategy.

Qadir Abdul

Qadir Abdul

Internal Audit Manager, B2V Gestion

R.V. Raghu

R.V. Raghu, CISA, CRISC

Director, Versatilist Consulting India Pvt. Ltd

R.V. Raghu, CISA, CRISC, is director of Versatilist Consulting India Pvt. Ltd. Raghu cofounded Versatilist, which provides consulting, training and auditing services in information security, IT service management, business continuity and enterprise risk management. Raghu has more than a decade of extensive, hands-on, global experience across various verticals, such as engineering, manufacturing, IT, ITeS, BFSI, chemicals, mining and telecom. He has provided training, consulting and implementation support for establishing management systems compliant to ISO international standards and other frameworks, such as CMMI and COBIT. He is a gold level member of ISACA and is immediate past president of the ISACA Bangalore Chapter, where he has served as director of membership, secretary, vice president previously.

R.V. Raghu, CISA, CRISC, is director of Versatilist Consulting India Pvt. Ltd. Raghu cofounded Versatilist, which provides consulting, training and auditing services in information security, IT service management, business continuity and enterprise risk management. Raghu has more than a decade of extensive, hands-on, global experience across various verticals, such as engineering, manufacturing, IT, ITeS, BFSI, chemicals, mining and telecom. He has provided training, consulting and implementation support for establishing management systems compliant to ISO international standards and other frameworks, such as CMMI and COBIT. He is a gold level member of ISACA and is immediate past president of the ISACA Bangalore Chapter, where he has served as director of membership, secretary, vice president previously.

Rahat Sethi

Rahat Sethi

Manager, Technology GRC, Adobe

Rami Sukkar

Rami Sukkar, CISA, CRISC

Risk Manager, Averda

I am a seasoned IT manager, with a passion for improving the performance of organizations, through the use of best practices’ frameworks in IT, governance, risk and project management. Additionally, I also train employees on topics related to the optimization of IT & project management processes, and Cyber security awareness. Working as an IT Governance and Risk Manager at my current company today, I have helped in the establishment of a corporate governance framework, through the rollout of IT Policies and Procedures using ITIL, a Risk Management framework using ISO 31000, and an IT security platform covering the hardening of Cybersecurity controls and measures, and employee training.

I am a seasoned IT manager, with a passion for improving the performance of organizations, through the use of best practices’ frameworks in IT, governance, risk and project management. Additionally, I also train employees on topics related to the optimization of IT & project management processes, and Cyber security awareness. Working as an IT Governance and Risk Manager at my current company today, I have helped in the establishment of a corporate governance framework, through the rollout of IT Policies and Procedures using ITIL, a Risk Management framework using ISO 31000, and an IT security platform covering the hardening of Cybersecurity controls and measures, and employee training.

Ramzi Sunna

Chairman, ScanWave Comprehensive Technical Solutions

Icon

Robert Findlay

Global Head of IT Audit, Glanbia

Currently the Global Head of IT Audit at Irish dairy and protein leader Glanbia, Bob has over 30 years IT, audit and security experience. Having started in mainframe computer operations for a French Bank in the 1980’s Bob has managed most IT functions including programming, project management and data centre operations in addition to significant stints in IT audit and as Chief Information Security Officer. Bob started working in IT audit in the Audit Commission and has since managed and set up IT audit functions in global businesses, such as British Airways, The Co-operative Group, ARYZTA, Paddy Power and now Glanbia as well as spells consulting for EY.

Currently the Global Head of IT Audit at Irish dairy and protein leader Glanbia, Bob has over 30 years IT, audit and security experience. Having started in mainframe computer operations for a French Bank in the 1980’s Bob has managed most IT functions including programming, project management and data centre operations in addition to significant stints in IT audit and as Chief Information Security Officer. Bob started working in IT audit in the Audit Commission and has since managed and set up IT audit functions in global businesses, such as British Airways, The Co-operative Group, ARYZTA, Paddy Power and now Glanbia as well as spells consulting for EY.

Rosemary Amato

Rosemary M. Amato, CISA

Head of Demand Management, ING Bank

Being one never afraid to challenge the status quo, Rosemary has spent her career first as a Management Accountant, and then at a Big 4 helping companies grow, innovate, and become a leader in their industry. Currently Rosemary works for ING Bank, in the global office of data management serving in the role of Head of Demand Management. Previously she was a Director within the Central Mediterranean Firm of Deloitte, based in Malta, and prior to that she was based in Amsterdam where she was a Managing Director within Deloitte’s Global Finance organization.

Being one never afraid to challenge the status quo, Rosemary has spent her career first as a Management Accountant, and then at a Big 4 helping companies grow, innovate, and become a leader in their industry. Currently Rosemary works for ING Bank, in the global office of data management serving in the role of Head of Demand Management. Previously she was a Director within the Central Mediterranean Firm of Deloitte, based in Malta, and prior to that she was based in Amsterdam where she was a Managing Director within Deloitte’s Global Finance organization.

Sergiu Zaharia

Sergiu Zaharia

Technology Architect, BearingPoint

Sergiu began his security career in 1999 as IT security engineer with Defense Intelligence, focusing on network security and cryptology, gathering multi-disciplinary experience as Chief Information Security Officer with telco, banking and retail players. As Central Security Director of Telekom Romania, in 2010 Sergiu unified a wide range of security teams into one, directly reporting to the CEO. As a member of Business Continuity Management and Crisis Management groups of excellence in Deutsche Telekom, Sergiu benefited from a know-how transfer from top global cyber resilience experts. Currently he’s developing the Security Center of Excellence in Romania and provides security advice to customers across several sectors. Sergiu has a master’s degree and a merit diploma in IT Security from the Military Technical Academy of Bucharest and started his PhD in 2017, with the aim of improving application security review through machine learning algorithms.

Sergiu began his security career in 1999 as IT security engineer with Defense Intelligence, focusing on network security and cryptology, gathering multi-disciplinary experience as Chief Information Security Officer with telco, banking and retail players. As Central Security Director of Telekom Romania, in 2010 Sergiu unified a wide range of security teams into one, directly reporting to the CEO. As a member of Business Continuity Management and Crisis Management groups of excellence in Deutsche Telekom, Sergiu benefited from a know-how transfer from top global cyber resilience experts. Currently he’s developing the Security Center of Excellence in Romania and provides security advice to customers across several sectors. Sergiu has a master’s degree and a merit diploma in IT Security from the Military Technical Academy of Bucharest and started his PhD in 2017, with the aim of improving application security review through machine learning algorithms.

Surinder Rait

Surinder Singh Rait, CISA, CISM

Senior Corporate IT Auditor, Ericsson

20 years of experience in Information/ Cyber Security being held senior management positions in my past experiences. Currently working as Senior Corporate IT Auditor in Ericsson. Handled global implementations of projects in ISO27001, NIST Cyber Security Framework, DLP, NAC, Global SOC.

20 years of experience in Information/ Cyber Security being held senior management positions in my past experiences. Currently working as Senior Corporate IT Auditor in Ericsson. Handled global implementations of projects in ISO27001, NIST Cyber Security Framework, DLP, NAC, Global SOC.

Icon

Susanne Moeller-Hansen, CISA, CISM

Security Consultant, Future Security

Susanne has more than 10 years of experience with security consulting regarding cyber-, data- and information security and GDPR. She started working as internal IT auditor, continued to compliance, took some years as PCI DSS auditor, and have for the last 5 years provided consulting on Cyber and information security, and some compliance such as GDPR. She has worked with both private companies, especially within the financial sector and within the public sector. At the latest she has worked with cyber- and it-security consulting, especially with GDPR, ISO27001/2 implementation and as security consultant at a number of organisations. Susanne primarily works on the strategic, organisational and documentational level in an organisation. She is not one who herself implements technical solutions, but primarily acts as a link between technicicans and management and ”translates” security issues and requirements so that both management and technical employees understands.

Susanne has more than 10 years of experience with security consulting regarding cyber-, data- and information security and GDPR. She started working as internal IT auditor, continued to compliance, took some years as PCI DSS auditor, and have for the last 5 years provided consulting on Cyber and information security, and some compliance such as GDPR. She has worked with both private companies, especially within the financial sector and within the public sector. At the latest she has worked with cyber- and it-security consulting, especially with GDPR, ISO27001/2 implementation and as security consultant at a number of organisations. Susanne primarily works on the strategic, organisational and documentational level in an organisation. She is not one who herself implements technical solutions, but primarily acts as a link between technicicans and management and ”translates” security issues and requirements so that both management and technical employees understands.

Tichaona Zororo

Tichaona Zororo, CISA, CISM, CGEIT, CRISC, COBIT 5 Certified Assessor

Director, Board of Directors, ISACA

Tichaona Zororo, CISA, CISM, CGEIT, CRISC, COBIT 5 Certified Assessor, CIA, CRMA, is an IT Advisory Executive with EGIT | Enterprise Governance of IT (Pty) Ltd., an IT Advisory firm (South Africa). He has several years of in-depth experience in mainstream IT, IT auditing, cybersecurity, IT governance and IT risk across private and public sectors in Africa, Europe, the USA and Asia. Zororo is an advisor to a number of boards of directors, IT and business leaders across the globe on governance of enterprise IT, cybersecurity, IT auditing, IT risk, innovation and digital transformation. He was involved in the development of numerous ISACA white papers and COBIT 5 publications. A renowned COBIT expert, advisor and accredited trainer, Zororo is credited for being the first COBIT 5 Certified Assessor in Southern Africa. He has served on the ISACA Framework Committee, CGEIT Test Enhancement Subcommittee and the External Advocacy Committee. He is a recipient of the ISACA 2017 Harold Weiss Award for Outstanding Achievement, which recognizes an individual for sustained contributions to the advancement of the governance of enterprise IT. Zororo was voted a top speaker at 2017 Asia Pacific CACS and 2017 Africa CACS conferences. He is the Immediate Past President of the ISACA South Africa chapter.

Tichaona Zororo, CISA, CISM, CGEIT, CRISC, COBIT 5 Certified Assessor, CIA, CRMA, is an IT Advisory Executive with EGIT | Enterprise Governance of IT (Pty) Ltd., an IT Advisory firm (South Africa). He has several years of in-depth experience in mainstream IT, IT auditing, cybersecurity, IT governance and IT risk across private and public sectors in Africa, Europe, the USA and Asia. Zororo is an advisor to a number of boards of directors, IT and business leaders across the globe on governance of enterprise IT, cybersecurity, IT auditing, IT risk, innovation and digital transformation. He was involved in the development of numerous ISACA white papers and COBIT 5 publications. A renowned COBIT expert, advisor and accredited trainer, Zororo is credited for being the first COBIT 5 Certified Assessor in Southern Africa. He has served on the ISACA Framework Committee, CGEIT Test Enhancement Subcommittee and the External Advocacy Committee. He is a recipient of the ISACA 2017 Harold Weiss Award for Outstanding Achievement, which recognizes an individual for sustained contributions to the advancement of the governance of enterprise IT. Zororo was voted a top speaker at 2017 Asia Pacific CACS and 2017 Africa CACS conferences. He is the Immediate Past President of the ISACA South Africa chapter.

Tony Gee

Security Researcher and Consultant, Pen Test Partners LLP

Tony has over 13 years of security experience, he has worked both as an internal blue team consultant within the finance industry and for the technology partner for the world leading Oyster card system and more latterly as an external security tester and auditor. Tony speaks the world over at technology events highlighting key risks with the internet of things, automotive and maritime and key payment systems. Tony is able to illustrate and demonstrate critical issues in these systems in a way the audiences of all levels can understand. He has spoken at PCI events in Europe and Asia, at the SC Congress in London, ISACA CSX Europe, technical conferences such as BSides and many other partner events, including speaking at the US Congress, European Central Bank and the European Parliament.

Tony has over 13 years of security experience, he has worked both as an internal blue team consultant within the finance industry and for the technology partner for the world leading Oyster card system and more latterly as an external security tester and auditor. Tony speaks the world over at technology events highlighting key risks with the internet of things, automotive and maritime and key payment systems. Tony is able to illustrate and demonstrate critical issues in these systems in a way the audiences of all levels can understand. He has spoken at PCI events in Europe and Asia, at the SC Congress in London, ISACA CSX Europe, technical conferences such as BSides and many other partner events, including speaking at the US Congress, European Central Bank and the European Parliament.

Tracy Celaya

Tracy Celaya

President, GO Consulting Int’l

Dr. Celaya is President of Go Consulting Int'l and a sought-after IT & Business Consultant. She's an innovative leader and energetic speaker with 20 years of experience in IT Security, Program Management, Organizational Development, and Change Management, with her research in cloud computing, HR, and Information Security. She is a U.S. Air Force veteran with a background in electronic intelligence. Her clients consider her their “Secret Weapon” as she helps organizations define & implement their security strategy and develop a solid organizational culture of security. She is author of two publications regarding cyber security and cloud computing in human resources, and an international top-rated speaker featured at ISACA CSX Europe & U.S., ISACA CACS, RSAC US, RSAC Asia-Pacific, ISSA, OWASP, DevOps.com, and SecureCISO.

Dr. Celaya is President of Go Consulting Int'l and a sought-after IT & Business Consultant. She's an innovative leader and energetic speaker with 20 years of experience in IT Security, Program Management, Organizational Development, and Change Management, with her research in cloud computing, HR, and Information Security. She is a U.S. Air Force veteran with a background in electronic intelligence. Her clients consider her their “Secret Weapon” as she helps organizations define & implement their security strategy and develop a solid organizational culture of security. She is author of two publications regarding cyber security and cloud computing in human resources, and an international top-rated speaker featured at ISACA CSX Europe & U.S., ISACA CACS, RSAC US, RSAC Asia-Pacific, ISSA, OWASP, DevOps.com, and SecureCISO.

Tuan Phan, CISSP

Partner, Caplock Security LLC

Tuan Phan is a partner with Caplock Security LLC with strong expertise in the implementation and management of emerging technologies, information assurance programs, technical projects and operations, and risk management across several industries including government, software, specialty product, drug and medical device manufacturing. Tuan has consulted with state and Federal agencies including Oregon Public Employees Retirement System, Centers for Disease Control and Prevention, National Credit Union Administration, and Federal Retirement Thrift Investment Board on information security and assurance. As the practice leader for blockchain technology at Caplock Security LLC, he leads the development of several proofs of concept using Hyperledger Fabric and Ethereum private blockchains and advises clients on the security implementation of smart contracts and blockchain infrastructure. Tuan has shared his experience on numerous topics on cybersecurity, blockchain security, IT governance, and regulatory compliance at several industry conferences and seminars. Tuan has also authored several articles on blockchain and regulatory compliance topics in several industry magazines and journals and served as SME reviewer for ISACA Blockchain Audit Program.

Tuan Phan is a partner with Caplock Security LLC with strong expertise in the implementation and management of emerging technologies, information assurance programs, technical projects and operations, and risk management across several industries including government, software, specialty product, drug and medical device manufacturing. Tuan has consulted with state and Federal agencies including Oregon Public Employees Retirement System, Centers for Disease Control and Prevention, National Credit Union Administration, and Federal Retirement Thrift Investment Board on information security and assurance. As the practice leader for blockchain technology at Caplock Security LLC, he leads the development of several proofs of concept using Hyperledger Fabric and Ethereum private blockchains and advises clients on the security implementation of smart contracts and blockchain infrastructure. Tuan has shared his experience on numerous topics on cybersecurity, blockchain security, IT governance, and regulatory compliance at several industry conferences and seminars. Tuan has also authored several articles on blockchain and regulatory compliance topics in several industry magazines and journals and served as SME reviewer for ISACA Blockchain Audit Program.

Vadim Gordas

Vadim Gordas, CISA, CRSIC

Head of IT & InfoSec Risk, Zopa Financial Services

Vadim is an Information Risk Management Specialist with over 12 years’ experience in information security, data protection and information security compliance. He holds a GCHQ-certified MSc degree in Information Security from ISG Royal Holloway, University of London and various industry certifications. Most recently his research is focused on measuring the human risk and ensuring that enterprises can make targeted interventions to manage the people aspects of security.

Vadim is an Information Risk Management Specialist with over 12 years’ experience in information security, data protection and information security compliance. He holds a GCHQ-certified MSc degree in Information Security from ISG Royal Holloway, University of London and various industry certifications. Most recently his research is focused on measuring the human risk and ensuring that enterprises can make targeted interventions to manage the people aspects of security.

Act Quickly to Save $100! Use Promo Code: EURO19CA

Register now
FOR SPONSORSHIP AND EXHIBITOR OPPORTUNITIES
Contact ISACA's Sponsorship Department:

Please address Sponsorship questions to: sponsorship@isaca.org

QUESTIONS
Contact ISACA's Customer Experience Center:

Tel: +1.847.660.5505

https://support.isaca.org/

MEDIA INQUIRIES
Contact ISACA's Communications Department:

Tel: +1.847.660.5512 or
+1.847.660.5564

news@isaca.org

Quick Links

Conference