/leadership-series/feb2021/
By using this site you agree to our use of cookies. Please refer to our privacy policy for more information.Close
grc summit banner

Integrated Risk Management: Addressing Cyber Threats & Challenges

February 24, 2021, 10:30 AM - 1:45 PM EST

Join Now

Register Now



Integrated Risk Management: Addressing Cyber Threats & Challenges


As organizations gradually deal with the ‘new normal’, cybersecurity and cyber risk professionals face two very diverse challenges: on the one hand, taking on the role of change agents for better security practices across their organizations, and on the other – having to communicate a clear picture of the organization’s cyber risk posture to senior executives.

This edition of the GRC Leadership series offers you expert perspectives and best practices on how organizations can embrace Integrated Risk Management to address cyber threats and challenges to better prepare for the risks on the horizon. The discussions will revolve around:

  • Integrated approach to address Cyber Threats & Challenges
  • Experiences & Challenges in Operationalizing ISO 27001 and NIST
  • Navigating Cyber Risk Quantification

 






SPEAKERS

Roland CloutierGlobal Chief Security Officer, TikTok and ByteDance

Roland Cloutier

Global Chief Security Officer, TikTok and ByteDance

Roland Cloutier

Roland Cloutier
Global Chief Security Officer, TikTok and ByteDance

As Global Chief Security Officer of ByteDance & TikTok, Roland Cloutier brings an unprecedented understanding and knowledge of global protection and security leadership to one of the world's largest leading media, social, and online technology companies. With over 25 years of experience in the military, law enforcement, and commercial sector, Roland is one of today’s leading experts in corporate and enterprise security, cyber-defense program development, and business operations protection.   
 
Roland has functional and operational responsibility for cyber, information protection, data defense, operational risk, workforce protection, crisis management, and investigative security operations worldwide.  
 
Prior to ByteDance / TikTok, Roland serve 10 years as Corporate Vice President and Global Chief Security Officer  at ADP, a global provider of comprehensive payroll services and human resources management solutions spanning more that 120 countries across the globe.  
 
Prior to ADP, Roland served as Vice President and CSO of EMC, was a United States Air Force Combat Security Specialist, and an Aerospace Protection and Anti-Terrorism Specialist for the Department of Defense. He also specialized in fraud and healthcare crime as part of the United States Department of Veterans Affairs.  
 
Roland continues to lead by example in the development of the security industry through practitioner excellence.  He was most recently honored as the RSA Conference 2016’s Excellence in the Field of Information Security Award Winner.  He was also named the #1 Security Executive of the Year by ExecRank, Tech Exec Networks' Information Security Executive of the Year, and one of the Most Influential People in Security by Security Magazine.  
 
Paving the way for the world’s next generation of security leaders, Roland is also the distinguished author of his book, ‘Becoming a Global Chief Security Executive Officer’ where he shares his expertise on how to advance the practice of security executive management, security program architecture and how to effectively plan for the future demands of leadership in global security. 
 
Roland is a member of the Executive Security Action Forum, The Security World 50, and serves on the Board of Directors Cyber Subcommittee for Blue Cross Blue Shield Association, the Board of The International Consortium of Minority Cybersecurity Professionals (ICMCP), and the Board of The National Cyber Forensics Training Alliance (NCFTA).   As a U.S. Air Force veteran, he takes 
the time to give back and volunteer for veteran organizations such as the American Legion, and 100 Nights of Remembrance. 

Carlos PereiraHead of Governance - Global Security, Facebook

Carlos Pereira

Head of Governance - Global Security, Facebook

Carlos Pereira

Carlos Pereira
Head of Governance - Global Security, Facebook

Carlos Pereira is the Head of Governance within the Global Security at Facebook. Distinguished Risk Management executive with 20+ years of industry and risk consulting experience working with Fortune 100 companies. Verifiable expertise in: Governance and Oversight Management, Enterprise Risk Management, Operational Risk, Vendor Risk, IT Risk. Honorary speaker at several industry Risk Management Conferences. Accomplished ERM experience in: conducting detail risk and control assessments; Enterprise Risk Management implementation; leading expert on the 2017 COSO Framework; DOL Fiduciary Rule; Sarbanes Oxley (SOX) testing and validation; Control Self Assessments (CSA); implementing Enhanced Prudential Standards (EPS) for foreign banks owned in the U.S.; Internal Controls definition and testing; Risk metrics and measures; Operational Improvements and Excellence, Audit & Compliance integration. Regulatory and business compliance, Operation and risk systems monitoring, and Project management. Carlos has several risk management certifications, possesses a MBA, and is multi-lingual.

Tony Martin-VegueSenior Information Security Risk Engineer, Netflix

Tony Martin-Vegue

Senior Information Security Risk Engineer, Netflix

Tony Martin-Vegue

Tony Martin-Vegue
Senior Information Security Risk Engineer, Netflix

Tony Martin-Vegue is a writer, speaker and risk expert with a passion for data driven decision making. He brings his expertise in economics, cyber risk quantification and information security to advise senior operational and security leaders on how to integrate evidence-based risk analysis into business strategy.  He has led risk teams for several companies and in the words of his son, has spent much of the last 20 years “Fighting criminals on the internet.” Tony serves on the Board of the Society of Information Risk Analysts and is the co-chair of the San Francisco chapter of the FAIR Institute – two professional organizations dedicated to advancing risk quantification. Tony can be found at www.tonym-v.com

Angela Johnson De WetHead of Risk across New Technology and Technology Change, Lloyds Banking Group

Angela Johnson De Wet

Head of Risk across New Technology and Technology Change, Lloyds Banking Group

Angela Johnson De Wet

Angela Johnson De Wet
Head of Risk across New Technology and Technology Change, Lloyds Banking Group

Prior to working at Lloyds, Angela worked At Deutsche Bank in the Cloud, Anti-Financial Crime Analytics, Data Quality and Finance Risk and Regulatory Reporting change and transformation teams.

Before joining Deutsche Bank, Angela worked as a Senior Manager at EY across Asia Pacific and EMEIA within the Financial Services Organisation focusing on Corporate Banking and Capital Markets transformation and advisory programmes. Angela started her career at IBM in Australia working as a developer, tester, designer and then business analyst and project manager.

Angela has an honours degree in Mechanical Engineering (Mechatronics / Robotics) and Computer Science from the University of Melbourne, Australia.

Ram RamadossSenior VIce President - Privacy, Information Security and Health IT Regulatory Oversight, CommonSpirit Health

Ram Ramadoss

Senior VIce President - Privacy, Information Security and Health IT Regulatory Oversight, CommonSpirit Health

Ram Ramadoss

Ram Ramadoss
Senior VIce President - Privacy, Information Security and Health IT Regulatory Oversight, CommonSpirit Health

Thirty years of information technology and management experience; worked across many industries with more specialization in Telecom and Healthcare. Provides leadership oversight and governance for privacy, information security and Health IT Regulatory Oversight  for CommonSpirit Health hospitals, physician practices, Home Care, Senior Living Facilities, and Health Plans.

In-depth and diverse experience of privacy, information security, cyber risk management, security engineering, security architecture, IT auditing, compliance, threat/vulnerability management, systems engineering, IT architecture, data leakage prevention, Health IT Regulatory Oversight, program management and business process strategy areas. Built robust privacy and information security programs, created strong synergy opportunities and improved maturity of the programs to align with industry leading practices in key areas.

Strong background in managing international data protection program. Ongoing engagement of IT, Digital, Cybersecurity, Clinical, Operations, Internal Audit, Risk Management, and Legal in influencing privacy, information security/Health IT Regulatory Oversight compliance culture and enforcement of strong controls. Ongoing leadership and involvement with due diligence and integration efforts for CommonSpirit  Health. Instilled a culture of independent evaluation of technologies/vendors among the IT/business leadership teams.

Served as a core team member of the Department of Health and Human Services' National Healthcare Cybersecurity Taskforce. Speaker for International Information Security Conference, HIMSS, IAPP, ISACA and regional conferences.

Joachim FritschiChief Information Security Officer, GLS Group

Joachim Fritschi

Chief Information Security Officer, GLS Group

Joachim Fritschi

Joachim Fritschi
Chief Information Security Officer, GLS Group

Joachim Fritschi is the Chief Information Security Officer of the GLS Group (General Logistics Systems). He has built up this global function from the ground up and is leading Information Security activities worldwide including strategy, governance, risk management, operations, architecture and assurance.

Prior to joining GLS in 2016, Joachim was at Vodafone and Thomas Cook in various Security Management roles leading Information Security teams. Joachim has a strong technical background and over 20 years’ experience in Information Security, is CISSP and CISM certified and is a graduate of the Technical University Darmstadt (Germany) in computer sciences.

Olivier BusoliniHead of IT Risk and Cybersecurity, BNP Paribas, Switzerland

Olivier Busolini

Head of IT Risk and Cybersecurity, BNP Paribas, Switzerland

Olivier Busolini

Olivier Busolini
Head of IT Risk and Cybersecurity, BNP Paribas, Switzerland

Olivier Busolini has been involved in IT security for 25 years, in the private and public sectors, across several industries. He experienced different business dynamics, and developed leadership in IT risk and security management, as an integrated part of operational risks, data governance and digital business activities. He has been holding CISO roles for Swiss banks for the last 10 years. He focuses on managing technology risks and security from a business risk perspective, to deliver cost efficient risk assurance.

Cynthia CoxSecurity Compliance and Strategy Leader, Marqeta Inc

Cynthia Cox

Security Compliance and Strategy Leader, Marqeta Inc

Cynthia Cox

Cynthia Cox
Security Compliance and Strategy Leader, Marqeta Inc

Cynthia Cox is currently the Security Compliance and Strategy Leader at Marqeta. She develops and leads programs that drive visibility into the company’s risk posture, reduce information security risks and align with business goals. Cynthia has 18 years of Governance, Risk and Compliance (GRC) experience in policy and standards, measures and metrics, risk management, enterprise resiliency, Customer and Supplier Trust, security certification and compliance. Prior to Marqeta, Cynthia was at Palo Alto Networks, Veritas Technologies, Symantec Corporation and KPMG. Her security framework experience spans Sarbanes-Oxley, PCI, ISO 27001, SOC1, SOC2 and NIST. Cynthia holds the CPA (CA-inactive) and CISA certifications. She graduated from UCLA with a BA in Economics with a specialization in computer science.

Stuart FrostHead of Enterprise Security and Risk Management, Department for Work and Pensions (DWP), UK Government

Stuart Frost

Head of Enterprise Security and Risk Management, Department for Work and Pensions (DWP), UK Government

Stuart Frost

Stuart Frost
Head of Enterprise Security and Risk Management, Department for Work and Pensions (DWP), UK Government

Stuart Frost, BEM, heads up the DWP Enterprise Security and Risk Management organisation, a multi skilled team of Governance Risk and Compliance (GRC) professionals Security Risk Practitioners and Architects working as one to provide a risk driven security programme across a multi-disciplined large scale and diverse organisation.

He is a proven security professional and leader of security teams and programs within a large scale organisation. Stuart is both a certified GRC Professional and Auditor also holding ISACA’s Risk and Information Systems Control (CRISC) and, Certified Information Systems Auditor (CISA) certifications and is ISO27005 ISMS Risk Management (CIS RM) certified. 

Bruce DahlgrenChief Executive Officer, MetricStream

Bruce Dahlgren

Chief Executive Officer, MetricStream

Bruce Dahlgren

Bruce Dahlgren
Chief Executive Officer, MetricStream

Bruce Dahlgren is a global technology executive with an exceptional record of growing and monetizing disruptive technologies, capturing multibillion-dollar business opportunities, and leading go-to-market strategy and operations at large public and small private companies.

In July 2020, Bruce was named CEO of MetricStream, the market leader in enterprise cloud applications for Integrated Governance, Risk and Compliance (GRC). With 500+ customers in more than 35 countries, MetricStream helps organizations drive performance, integrity and resilience with its GRC solutions and services.

Before joining MetricStream, Bruce served as CEO of Xpress Retail, a Trivest portfolio company, where he reversed declining revenue and profit with a new sales effort and expanded customer base. He also secured additional private equity funding to enable growth and technology upgrades.

Previously, as EVP and Chief Revenue Officer of Kony, the leading cloud-based enterprise application and mobility solutions provider, Bruce was instrumental transforming sales and services to a SaaS model, generating annual contract value and revenue growth at twice the market, achieving positive EBITDA and cash flow, and positioning Kony for sale to Temenos, a Swiss Fintech company.

During his more than 10-year career at HP and Hewlett Packard Enterprise – including serving as HPE’s SVP & Managing Director of the Asia Pacific & Japan Region – Bruce was instrumental in the value-creating strategy and execution of splitting Hewlett-Packard into four focused technology entities. He also transformed the unprofitable Asia Pacific region into the best performer and built a startup division into a $5 billion industry leader.

Bruce sits on the Board of Advisors of TVS Digital, a new venture arm of TVS Motor Company, which completed investments in four AI, IoT and predictive analytics companies to create a comprehensive platform for the connected factory. He also sits on the Board of Altizon, an industrial IoT company, advising it on go-to-market strategy and talent development, and building a global partner ecosystem, and on the Board of Scienaptic Systems, a leading AI-powered credit underwriting company, advising on global expansion, client relationships and sales enhancements.

Bruce brings a deep background in P&L management, go-to-market and M&A, with earlier senior management roles at NCR, AT&T and Lexmark.

He received an MBA and bachelor’s degree in business administration from Stetson University and attended the Wharton Executive Education Program. He serves on the Board of Trustees for Stetson University. Throughout his career, Bruce and his family have moved many times, including living in Singapore for five years. He and his wife now reside in the Bay Area and have three grown children.

James HanburySenior Manager - Cyber Security, KPMG LLP (UK), London

James Hanbury

Senior Manager - Cyber Security, KPMG LLP (UK), London

James Hanbury

James Hanbury
Senior Manager - Cyber Security, KPMG LLP (UK), London

James is a cyber risk management SME with extensive experience across Financial Services - including banking, insurance, financial market infrastructure, wealth & asset management. James leads KPMG UK’s cyber risk modelling and quantification service. He has collaborated with, and delivered innovative solutions for a variety of clients to support Board and operational level committee decision making.

Gaurav KapoorCo-founder and COO, MetricStream

Gaurav Kapoor

Co-founder and COO, MetricStream

Gaurav Kapoor

Gaurav Kapoor
Co-founder and COO, MetricStream

Gaurav Kapoor serves as the Co-founder and COO of MetricStream. Gaurav has been involved with the company since its inception and as the COO, is responsible for the overall Go-to-Market Strategy, Sales, Marketing, Customer Advocacy, and the Partner and Community Ecosystem. Until 2010, he also served as the CFO of MetricStream.

Previously, Gaurav held executive positions at OpenGrowth and ArcadiaOne. Prior, he spent several years in business, marketing and operations roles at Citibank in Asia and in the U.S.

He also serves on the board of Regalix, a digital innovation and marketing company. Gaurav has a bachelor's degree in Technology (with Honors) from the Indian Institute of Technology (IIT), a degree in Business from FMS, Delhi, and an MBA from the Wharton Business School at the University of Pennsylvania, where he graduated as a Palmer Scholar.

Jane HarperSr. Director - Information Security Risk and Business Engagement, Eli Lilly and Co

Jane Harper

Sr. Director - Information Security Risk and Business Engagement, Eli Lilly and Co

Jane Harper

Jane Harper
Sr. Director - Information Security Risk and Business Engagement, Eli Lilly and Co

Jane Harper is the Sr. Director of Information Security Risk and Business Engagement for Eli Lilly and Company. 

Jane has over 18 years of Risk, Compliance, Audit and Security experience.  Throughout her career she has established and supported, security, compliance, audit and risk functions for various types and sizes of organizations.   Jane has a diverse experience managing risk and implementing controls unique to heavily regulated industries like insurance, healthcare and financial services. Jane’s career includes developing the strategy, designing the solution, implementing and maintaining various risk, compliance, audit and security programs and practices domestically and internationally.

Jane is not only accomplished but also celebrated as a highly regarded leader in her industry as demonstrated by her various certifications, designations and accolades such as her Notable Women in IT, Crain’s Detroit 40 under 40, Oakland County Elite 40 under 40, and Michigan Chronicle’s Women of Excellence awards. 

Jane has published on a variety of governance topics around managing risk and has also been cited and interviewed by industry publications like Information Week and Detroit Crain’s Business.  She was one of the founding members of the Michigan Healthcare Cyber Security Council where also she co-chaired the third party risk committee.  She most recently was an active member of the HIMSS professional development and workforce committee.  Jane holds several designations and certifications including CRISC, CHC, CISA, ITIL, CRCMP, ISA, PCIP, CISSP and both undergraduate and graduate degrees.

Anindo BanerjeaSr. Vice President, Engineering, MetricStream

Anindo Banerjea

Sr. Vice President, Engineering, MetricStream

Anindo Banerjea

Anindo Banerjea
Sr. Vice President, Engineering, MetricStream

Anindo is responsible for the development of MetricStream’s GRC Platform, the AppStudio toolkit for rapid application development and MetricStream’s suite of GRC products.

Prior to MetricStream, he was the CTO at TBD Networks, a company specializing in network technology, virtualization and data center automation. 

Jonathan QuayleVice President of Sales - UK, MetricStream

Jonathan Quayle

Vice President of Sales - UK, MetricStream

Jonathan Quayle

Jonathan Quayle
Vice President of Sales - UK, MetricStream

Joy BhowmickVice President for Product Management - IT GRC and Cyber, MetricStream

Joy Bhowmick

Vice President for Product Management - IT GRC and Cyber, MetricStream

Joy Bhowmick

Joy Bhowmick
Vice President for Product Management - IT GRC and Cyber, MetricStream