BEGIN:VCALENDAR VERSION:2.0 PRODID:-//ISACA Greater Washington, D.C. Chapter - ECPv6.16.2//NONSGML v1.0//EN CALSCALE:GREGORIAN METHOD:PUBLISH X-ORIGINAL-URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io X-WR-CALDESC:Events for ISACA Greater Washington, D.C. Chapter REFRESH-INTERVAL;VALUE=DURATION:PT1H X-Robots-Tag:noindex X-PUBLISHED-TTL:PT1H BEGIN:VTIMEZONE TZID:America/New_York BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20240310T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20241103T060000 END:STANDARD BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20250309T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20251102T060000 END:STANDARD BEGIN:DAYLIGHT TZOFFSETFROM:-0500 TZOFFSETTO:-0400 TZNAME:EDT DTSTART:20260308T070000 END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0400 TZOFFSETTO:-0500 TZNAME:EST DTSTART:20261101T060000 END:STANDARD END:VTIMEZONE BEGIN:VEVENT DTSTART;TZID=America/New_York:20251115T090000 DTEND;TZID=America/New_York:20251115T170000 DTSTAMP:20260613T215528 CREATED:20250920T152344Z LAST-MODIFIED:20251022T104906Z UID:34798-1763197200-1763226000@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Generative AI for Governance Professionals Workshop DESCRIPTION:  \n \n  \nNovember 15\, 2025\nVirtual Event (Teams)\nEarn up to 7 CPE\n$125 for GWDC Members\n$200 for Non-Members \n  \n  \n\n\n\nGenerative AI for Governance Professionals Workshop \nThis intensive one-day virtual workshop\, Generative AI for Governance Professionals\, will provide participants with a comprehensive understanding of how generative AI can be leveraged to enhance governance\, risk\, and compliance functions. The workshop will cover the use of AI tools to streamline policy development\, automate reporting\, and strengthen internal controls\, with practical exercises to ensure participants can effectively apply these techniques within their governance and compliance workflows. \nRegistration closes on November 13 @ 5PM. \nRegister Today! \n  \n\n\n\n  \nShare this Event \nIf you are interested\, planning to attend\, or attending this event\, please share with your colleagues across your social media networks. \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \n  \n\n\n\nEvent Details \n\nDate and Time \n\n\nThe workshop will be held on November 15\, 2025 (Saturday) from 9:00 am to 5:00 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \n\n\nVirtual Event \n\n\nThe workshop will be held using Microsoft Teams. \nPrior to the event\, the instructor will email all participants the Teams link for the course along with course materials \n  \n\n\nPricing \n\n\nThe fee for GWDC Members is $125 for the workshop.\nThe fee for all other registrants is $200 for the workshop. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \n\n\nEvent Policies \n\n\nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n  \n\n\n\n  \nISACA AI Certifications \nISACA has launced new certifications in the AI space: Advanced in AI Audit™ (AAIA™) and Advanced in AI Security Management™ (AAISM™). Click on the links below to learn more about these certifications and how they can further your career in AI. If you are interested in taking one of these certification exams\, check our events calendar for upcoming review courses. \nLearn more about AAIALearn more about AAISM \n  \n  \n\n\n\nCourse Outline \nModule 1: Introduction to Generative AI for Governance \n\nFundamentals of Generative AI and large language models (LLMs)\nUnderstanding how AI impacts governance\, compliance\, and decision-making\nKey terms and concepts for non-technical governance professionals\n\nModule 2: AI in Governance\, Risk\, and Compliance (GRC) \n\nUse cases of Generative AI in risk assessment and internal controls\nEnhancing policy development\, auditing\, and compliance monitoring with AI\nAutomating documentation\, reporting\, and regulatory submissions\n\nModule 3: Risks and Challenges of Generative AI \n\nEthical\, legal\, and operational risks in AI adoption\nData privacy\, intellectual property\, and confidentiality concerns\nGovernance risks from AI bias\, hallucinations\, and lack of explainability\n\nModule 4: Regulatory and Standards Landscape \n\nOverview of global and U.S. AI regulations (EU AI Act\, NIST AI RMF\, ISO/IEC 42001)\nImpact of AI on SOX\, HIPAA\, GDPR\, and other compliance obligations\nAnticipating changes in the governance environment with emerging AI policies\n\nModule 5: Designing AI Governance Frameworks \n\nCore principles of responsible AI governance\nBuilding AI oversight and internal review mechanisms\nAligning AI governance with enterprise GRC and risk frameworks\n\nModule 6: Vendor and Third-Party AI Risk Management \n\nEvaluating AI tools and third-party providers for compliance\nPerforming due diligence and AI-specific contract reviews\nContinuous monitoring of AI vendors and their data handling practices\n\nModule 7: Implementing AI in Governance Workflows \n\nPractical AI applications for board reporting\, audit committees\, and compliance teams\nCase studies: AI in enterprise governance programs\nMitigating the operational challenges of AI integration\n\nModule 8: Future-Proofing Governance Programs \n\nPreparing for AI-driven organizational transformation\nContinuous improvement and auditing of AI systems\nStrategic roadmap for AI adoption in governance and compliance\n\n  \n\n\n\n  \nInterested in Speaking at a Chapter Event \nIf you are interested in speaking at an upcoming conference\, please visit the Call for Speakers page and complete the form. \nCall for Speakers \n  \n\n\n\nInstructor \n\n \n\n\nJim Wiggins\nAAISM\, AAIA\, AIGP\, CISM\, CISA\, CRISC\, CISSP\, ISSEP\, CGRC (CAP)\, SCNA\, SCNP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, FITSP-M\, CGEIT\, MCITP\, MCSE: Security\, MCSE: Messaging\, MCSA\, MCDST\, Server+\, Network+\, A+\, CDPSE\, CIPP/US\, PMP\, ICE-CCP\, DACUM Facilitator \nJim Wiggins is a seasoned IT and cybersecurity expert with over 29 years of industry experience\, 24 of which have been dedicated to information security – and\, more recently\, the last 3 years on artificial intelligence. He is the Founder and CEO of Securible\, LLC\, a Washington\, DC-based cybersecurity training and consulting firm specializing in practical\, forward-thinking solutions. Through Securible\, Jim has championed innovative approaches to address emerging threats\, ensure regulatory compliance\, and harness the power of Artificial Intelligence in IT audit\, cybersecurity\, governance and privacy. Throughout his distinguished career\, Jim has trained well over 20\,000 IT and cyber professionals\, underscoring his commitment to education and the advancement of the field. \nIn addition to his leadership at Securible\, Jim also serves as the Founder and CEO of the Federal IT Security Institute (FITSI)\, a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI provides role-based cybersecurity certifications designed to fortify the U.S. federal cybersecurity workforce. \nEnhancing his contributions to the cybersecurity community\, Jim hosts a TV show in the Washington\, DC area called Cybersecurity Today. The program offers expert insights\, in-depth analysis\, and the latest updates on cybersecurity trends and threats\, further establishing his role as a prominent thought leader in the industry. \nRecognized as a Federal 100 award recipient in 2019 and the Federal Information Systems Security Educators’ Association (FISSEA) “Educator of the Year” in 2011\, Jim is widely respected for his commitment to elevating cybersecurity education. \nIn the rapidly evolving arena of Artificial Intelligence (AI)\, Jim has directly trained well over 1\,000 IT and cyber professionals on generative AI fundamentals through intensive sessions with the Department of the Interior’s University\, the Defense Information Systems Agency (DISA)\, the National Risk Management Center (NRMC) within CISA\, and the Greater Washington DC Chapter of ISACA. He leverages AI-driven tools such as ChatGPT\, Gemini\, Dalle\, Midjourney\, and Copilot to translate complex concepts into practical\, governance-focused applications. \nJim holds numerous certifications\, including: \n\nArtificial Intelligence: AAISM\, AAIA\, AIGP\nCybersecurity: CISM\, CISA\, CRISC\, CISSP\, ISSEP\, CGRC (CAP)\, SCNA\, SCNP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and FITSP-M.\nInformation Technology: CGEIT\, MCITP\, MCSE: Security\, MCSE: Messaging\, MCSA\, MCDST\, Server+\, Network+\, A+.\nPrivacy: CDPSE\, CIPP/US\nProject Management: PMP (Project Management Professional).\nEducation: ICE-CCP (I.C.E. Certified Credentialing Professional)\, DACUM Facilitator\n\nJim is currently finalizing a master’s degree in education from George Washington University with a concentration in Assessment\, Testing\, and Measurement. \n \n\n  \n\n\n\n  \nQuestions about this Event \n\n\nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n  \n\n\n\nCPE Information \nEarn up to 7 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \n\nPoll Questions \n\n\nParticipants must respond to all the poll questions polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n  \n\n\nCPE Distribution and Evaluation Survey \n\n\nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \n\n\nLearning Objectives \n\n\n\nExplain the fundamentals of generative AI and large language models (LLMs).\nDescribe how AI impacts governance\, compliance\, and decision-making.\nAnalyze use cases of generative AI in risk assessment and internal controls.\nApply AI to enhance policy development and compliance monitoring.\nEvaluate ethical\, legal\, and operational risks associated with AI adoption.\nAssess governance risks arising from bias\, hallucinations\, and lack of explainability.\nSummarize the key provisions of major AI regulations and standards.\nExplain how AI affects compliance obligations under laws such as SOX\, HIPAA\, and GDPR.\nDescribe the core principles of responsible AI governance.\nDesign oversight mechanisms that align AI governance with enterprise GRC frameworks.\nEvaluate AI vendors for compliance with governance requirements.\nPerform due diligence and continuous monitoring of AI third-party providers.\nApply AI solutions to improve board reporting and audit workflows.\nPropose strategies to address operational challenges in AI integration.\nDevelop a strategic roadmap for AI adoption in governance and compliance.\nImplement continuous improvement processes for auditing AI systems.\n\n  \n\n\nCPE-Related Details \n\n\n\nPrerequisites: None\nAdvance Preparation: None\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/generative-ai-for-governance-professionals-workshop/ LOCATION:Virtual Event CATEGORIES:Workshop ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/09/workshop_gen_ai_governance.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20251113T080000 DTEND;TZID=America/New_York:20251113T140000 DTSTAMP:20260613T215528 CREATED:20250824T152624Z LAST-MODIFIED:20251106T141756Z UID:34440-1763020800-1763042400@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Leading Tech Conference DESCRIPTION:  \n \n  \nNovember 13\, 2025\nGeorge Mason University (Arlington VA)\nEarn up to 4 CPE\nGWDC Member Fee is $125\nNon-Member Fee is $165 \n  \n  \n\n\n\n \nLeading Tech\, a SheLeadsTech Event \nTransforming the Future of Cybersecurity & IT Audit through Innovation \nWelcome to Leading Tech: Transforming the Future of Cybersecurity & IT Audit through Innovation\, a SheLeadsTech event. This premier Washington\, D.C. conference showcases how innovation is redefining the future of cybersecurity and IT audit. Join us in person for dynamic sessions led by an exceptional lineup of female speakers\, connect with industry leaders\, innovators\, and technology enthusiasts to strengthen your professional community\, and walk away with practical insights to help shape the digital landscape of tomorrow. This event offers: \nDynamic Sessions: Dive into forward-thinking strategies and innovative solutions tackling today’s most urgent cybersecurity and technology challenges—while equipping yourself for tomorrow’s risks. Led by an exceptional roster of female experts\, these sessions are designed to spark critical thinking\, inspire challenging questions\, and bridge visionary ideas with real-world execution. \nIn-Person Networking: Forge valuable connections and engage in meaningful conversations with IT and cybersecurity leaders\, practitioners\, students\, and allies. Build relationships that strengthen professional networks and foster a true sense of community. \nProfessional Development: Leave with actionable insights\, practical skills you can implement immediately\, and the opportunity to earn 4 CPE credits—advancing both your expertise and your career. \nIT/Cybersecurity professionals\, cybersecurity students\, auditors\, CISOs\, or business and government leaders should attend this event. \nRegistration closes on November 12 @ 5PM. \nRegister Today! \n  \n\n\n\n  \nShare this Event \nIf you are interested\, planning to attend\, or attending this event\, please share with your colleagues across your social media networks. \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \n  \n\n\n\nConference Agenda \nConference agendas may change due to schedule conflicts and other unexpected situations. If a previously published agenda has changed\, the changes will be noted. \n \n\n08:00 AM – 08:30 AM \n\n\nRegistration Check-in\, Networking\, and Complimentary Breakfast \n  \n\n \n\n08:30 AM – 09:45 AM \n\n\nKeynote Address: All Risks\, One Battlefield: Cybersecurity in the AI Era \nKeynote Presenter: Camille Stewart Gloster (CAS Strategies) \nThe boundaries between risks—cyber\, physical\, operational\, reputational—are collapsing. Artificial intelligence accelerates this shift\, allowing attackers to scale\, blend\, and disguise threats across domains. The battlefield is no longer segmented; it is unified\, dynamic\, and relentless. \nThis keynote explores how leaders and teams must adapt to an “all risks\, one battlefield” reality. It highlights how AI amplifies both the threat landscape and the defensive toolkit\, demanding more collaboration across disciplines\, sectors\, and geographies. Drawing on Camille Stewart Gloster’s work with companies from startups to global enterprises\, as well as her experience shaping national strategies at the highest levels of government\, the talk will deliver a vision of what’s next and practical steps to act now. \nLearning Objectives: \n\nRecognizing and responding to the collapse of traditional boundaries\,\nHarnessing AI’s potential for resilience as well as risk\, and\nBuilding collaborative\, innovative defenses that resonate from the boardroom to the SOC floor.\n\nThe future of cybersecurity will be defined not by technology alone\, but by leaders who embrace this unified battlefield with clarity\, creativity\, and courage. \n  \n\n \n\n10:00 AM – 10:55 AM \n\n\nFrom FOMO to Focus: A Strategic Approach to Cybersecurity Innovation \nPresenters: Stacey Champagne (Hacker in Heels) and Anna Wheeler (SSAW\, LLC) \nIn a field driven by constant change\, the pressure to adopt the latest technologies can overshadow the strategic thinking that makes innovation meaningful. In this dynamic fireside chat\, leaders will examine how organizations can build cybersecurity programs that are intentional\, not reactive—where innovation is guided by clear threat models\, realistic resource assessments\, and defined business outcomes rather than industry hype. Together\, we’ll explore the hidden costs of tool-first thinking and uncover practical frameworks for evaluating new technologies through a strategic lens. Attendees will gain insights on how to cultivate organizational discipline around innovation decisions\, calculate true ROI beyond vendor promises\, and create cybersecurity strategies that remain resilient to hype cycles while staying agile enough to capitalize on genuine breakthroughs that align with their mission. \nLearning Objectives: \n\nUnderstand how to evaluate emerging technologies against your organization’s actual threat landscape\, risk tolerance\, and resource capacity.\nLearn practical approaches to building organizational discipline around innovation decisions\, even when facing pressure from leadership or market trends.\nDiscover methods for calculating the true costs and ROI of cybersecurity innovations beyond initial implementation\, including hidden operational and cultural impacts.\n\n  \n\n \n\n11:05 AM – 12:00 PM \n\n\nRed & Blue Team Perspectives: Navigating the Evolving Threat Landscape \nModerator: Toni Benson (Peraton) \nPanelists: Kelly McCracken (Salesforce)\, Lara Meadows (ThreatConnect)\, and Krissy Safi (Protiviti) \nThe threat landscape is evolving faster than ever\, challenging security teams to stay ahead of sophisticated adversaries. Attackers are using AI to move faster\, scale their operations\, and outmaneuver traditional defenses. At the same time\, defenders are innovating with automated detection and response and new approaches to resilience. \nIn this session\, red and blue team perspectives come together to reveal how these shifting threats impact day-to-day operations and strategic decision-making. You’ll leave with both a strategic understanding of emerging risks and practical steps to strengthen your defenses and adapt your security program. \nLearning Objectives: \n\nAnticipate emerging threats and trends across the evolving cybersecurity landscape.\nApply defensive innovations\, including detection\, monitoring\, and automated response strategies.\nIntegrate red and blue team insights to improve controls\, incident response\, and proactive defense measures.\n\n  \n\n \n\n12:00 PM – 12:30 PM \n\n\nLunch (provided) and Networking \n  \n\n \n\n12:30 PM – 01:30 PM \n\n\nFriend\, Foe\, or Force Multiplier? A Debate on Cybersecurity and IT Audit in Action \nModerator: Chaitra Devaraysamudram Krishna (Fannie Mae) \nPanelists: Xin (Cindy) Tu and Kelly Volz (LPL Financial) \nWhen it comes to protecting organizations\, the first line of defense (cybersecurity) and the third line (IT audit) often find themselves in tension. Are they natural allies\, necessary challengers\, or something in between? In this dynamic debate session\, leaders from both functions will tackle real-world business scenarios — from responding to audit findings to prioritizing risk to navigating the intersection of advisory agreements and formal audits — to explore how these roles should (or shouldn’t) collaborate. The audience will gain an unfiltered look at the friction\, the opportunities\, and the innovative paths forward when two critical functions come together. Expect lively discussion\, spirited exchanges\, and fresh insights on how collaboration — or healthy tension — can transform the future of cybersecurity. \nLearning Objectives: \n\nExamine real-world scenarios that highlight both the friction and the opportunity between cybersecurity and IT audit.\nDifferentiate when collaboration drives progress versus when pushback or healthy tension strengthens outcomes.\nDiscover how to transform the audit–cybersecurity relationship into a catalyst for innovation\, trust\, and long-term resilience.\n\n  \n\n \n\n01:30 PM – 02:00 PM \n\n\nConference Conclusion and Networking \n  \n\nThe Vendor Hall will be open throughout the conference. \n  \nSpeaker Showcase \n\n \nLeading Tech Speaker Showcase – Toni Benson \nThis video provides an introduction to Toni Benson\, who is the moderator for the session “Red & Blue Team Perspectives: Navigating the Evolving Threat Landscape” at the ISACA-GWDC Leading Tech Conference\, a SheLeadsTech event\, on November 13th\, 2025. \n \n  \n\n  \n\n \nLeading Tech Speaker Showcase – Lara Meadows \nThis video provides an introduction to Lara Meadows\, who is a panelist for the session “Red & Blue Team Perspectives: Navigating the Evolving Threat Landscape” at the ISACA-GWDC Leading Tech Conference\, a SheLeadsTech event\, on November 13th\, 2025. \n \n  \n\n  \n\n\n\n  \nInterested in Joining ISACA and the GWDC? \nIf you are interested\, planning to attend\, or attending this event\, please share with your colleagues across your social media networks. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \nJoin ISACA today!More about Membership Benefits \n  \n  \n\n\n\nAdditional Event Details \n\nDate and Time \n\n\nThe conference will be held on November 13\, 2025 from 8:00 am to 2:00 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \n\n\nIn-Person Event \n\n\nGeorge Mason University (GMU) Arlington Campus (Mason Square)\n3351 Fairfax Drive\, Arlington\, VA 22201 \nParking: Visitor parking is available in the Van Metre Hall (formerly Founders) Garage\, located directly beneath the school. To access the garage\, use the entrance located off of Kirkwood Drive\, in between Fairfax Drive and Washington Boulevard.  Please view the Mason Square parking map for additional information. \nMetro: The nearest Metro station is the Virginia Square-GMU station. It is a 5-minute walk from the metro station to the GMU Campus \n  \n\n\nPricing \n\n\nThe per-person fee for GWDC and Partner Organization Members is $99 for the conference until October 17\, afterward the fee is $125. \nThe per-person fee for Non-Members is $139 for the conference until October 17\, afterward the fee is $165. \n  \n\n\nEvent Policies \n\n\nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n  \n\n  \n\n\n\n  \nSponsorship Opportunities \nIf you are interested in sponsoring this event or sponsoring the chapter as an annual sponsor\, please visit our sponsorship page. \nSponsorship Info \n  \n\n\n\nConference Sponsors \n\n \n\n\n  \nPartner Organizations \nThis event is presented in partnership with: \n\n \n\n\n \n\n  \n\n \n\n\n \n\n  \n\n\n\n  \nInterested in Speaking at a Chapter Event \nIf you are interested in speaking at this conference\, please visit the Call for Speakers page and complete the form. \nCall for Speakers \n  \n\n\n\nPresenters \nAt times presenters for a session may change due to schedule conflicts and other unexpected situations. If a previously presenter has been substituted\, the changes will be noted. \n  \n \n\n \n\n\nCamille Stewart Gloster\nDCEO and Principal @ CAS Strategies\nCISSP\, PMP \nCamille Stewart Gloster is a strategist\, attorney\, and executive recognized for her expertise at the intersection of technology\, cybersecurity\, national security\, and foreign policy. She is the CEO and Principal of CAS Strategies\, a strategic advisory firm helping governments\, companies\, and nonprofits navigate converging risks across AI\, cybersecurity\, and digital governance. \nThroughout her career\, Camille has operated at the leading edge of emerging technologies and their impact on systems\, institutions\, and society. Her work spans technical\, policy\, and operational leadership across sectors. Early in her career\, she worked at Cyveillance\, focusing on internet governance\, cyber defense\, and digital safety. At the Department of Homeland Security\, she advanced democratic resilience and privacy as Senior Policy Advisor for Cyber. At Google\, she led product security strategy for Alphabet and built the Security Policy and Election Integrity teams for Google Play and Android. \nAs Deputy National Cyber Director for Technology & Ecosystem Security at the White House (2022–2024)\, Camille advised the President and led national efforts on AI security\, quantum readiness\, and tech workforce development. She played key roles in the 2023 National Cybersecurity Strategy\, the AI Executive Order\, and the 2024 Data Security Executive Order. \nCamille is also a researcher\, speaker\, and the co-founder of #ShareTheMicInCyber. Her work has earned recognition from Business Insider (AI 100)\, Microsoft (Security Changemaker)\, and Washingtonian (500 Most Influential). She holds a J.D. from American University\, a CISO certificate from Carnegie Mellon\, and CISSP and PMP certifications. \n \n\n \n\n \n\n\nStacey Champagne\nFounder & CEO of Hacker @ Heels \nStacey Champagne is the Founder & CEO of Hacker in Heels\, a company on a mission to elevate women into positions of power within the cybersecurity industry. With over a decade of hands-on experience\, she has built cybersecurity programs at Fortune 500 companies\, startups\, and the federal government\, and continues to lead from the front lines as a Senior Principal Consultant specializing in insider risk management\, cybersecurity strategy\, and incident response. She holds two master’s degrees\, one in Security and Resilience Studies\, Cybersecurity Policy from Northeastern University\, and the second in Criminal Justice\, Cybercrime Investigation and Cybersecurity from Boston University\, as well as multiple industry certifications including CISSP\, GSLC\, GSOM\, and ITPM. For her efforts in coaching and championing women in cybersecurity\, Stacey was recognized as a 2024 Top 20 Cybersecurity Woman of the World by United Cybersecurity Alliance\, and 2023 Cybersecurity Advocate of the Year by Women’s Society of Cyberjutsu. \n \n\n\n \n\n\nAnna Wheeler\nChief Executive Officer @ SSAW\, LLC \nAnna Wheeler is a seasoned cybersecurity strategist with over 20 years of experience bridging the gap between emerging technology\, government\, and commercial sectors. As a dynamic leader and technologist\, she has played a pivotal role in shaping national security initiatives and driving innovative solutions across critical infrastructure. \nWhile serving as a Strategic Initiatives Lead at Leidos\, Anna was ]instrumental in penetrating the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (DHS CISA)\, transforming a strategic growth area into a $6 billion pipeline with $2.5 billion in awarded contracts. Her ability to identify and mitigate challenges years in advance resulted in over $900 million in cost savings while managing a portfolio valued at $15.5 billion. \nAnna’s expertise spans public sector leadership roles at Giant Oak\, Qualys\, Akamai\, and Symantec\, where she developed and executed high-impact strategies\, advised federal agencies\, and built coalitions to enhance cybersecurity resilience. Her deep understanding of risk management\, compliance\, and technology integration has enabled government agencies to stay ahead of evolving threats. \nA U.S. Army veteran\, Anna served as a Blackhawk helicopter crew chief and door gunner\, an experience that shaped her leadership\, adaptability\, and mission-first mindset. She is a sought-after speaker on cybersecurity\, AI\, and national security\, having engaged audiences at Cyber Women on Capitol Hill\, the Offset Symposium\, and AI for Good. \nBeyond her professional roles\, Anna serves on advisory boards for emerging technology companies\, guiding innovation in cybersecurity and risk management. She holds an active Top Secret clearance and continues to drive forward-thinking solutions that safeguard the nation’s digital and physical security. \n \n\n \n\n \n\n\nToni Benson\nDirector @ Peraton\nPMP\, CISSP \nToni S. Benson is a senior cybersecurity and strategy leader with more than 20 years of experience spanning the U.S. Air Force\, federal government\, and private sector. She is recognized nationally for her leadership in building cybersecurity workforce initiatives\, advising C-suite leaders\, and developing technology-driven strategies that empower diverse Teams. \nShe currently serves as a Director at Peraton where she is the Program Manager who leads strategic optimization initiatives across Department of State programs\, supporting innovation\, operations\, and threat intelligence. \nAs a federal government civilian she served in many roles the supported the Cybersecurity and Infrastructure Security Agency (CISA)\, in cyber threat intelligence\, workforce development\, and stakeholder engagement. Toni directed over $42M in federal grants expanding cyber education across the nation\, developed shared curricula for workforce growth\, and advised at White House-level forums. Toni is a Harvard Executive Leadership Fellow\, PMP\, and CISSP whose dynamic presence and storytelling connect strategy to action\, helping audiences see the human side of cybersecurity and leadership. \n \n\n\n \n\n\nKelly McCracken\nSenior Vice President\, Detection and Response @ Salesforce \nKelly McCracken is a highly accomplished executive with over 20 years of experience in the cybersecurity and technology industry\, specializing in establishing and standardizing incident response programs and Security Operations Centers (SOCs). Her expertise includes developing and leading national-level cybersecurity initiatives for the federal government\, notably co-authoring the National Institute of Standards and Technology (NIST) Standard Publication (SP) 800-61\, Computer Security Incident Handling Guide\, rev. 1\, which stands as the national standard for incident response. Ms. McCracken has successfully applied this deep experience to assist Fortune 100 companies in building world-class incident response programs capable of detecting and responding to advanced threats. \nSince joining Salesforce in 2015\, Ms. McCracken has significantly advanced and matured the company’s detection and incident response capabilities. Under her leadership\, she matured the global incident response organization into the Cyber Security Operations Center (CSOC)\, overseeing all of detection and response for Salesforce to maintain Salesforce’s position as the world’s most trusted customer relationship management platform. She oversees a global team of incident handlers\, security event analysts\, security engineers\, threat intelligence analysts\, data scientists\, and communications specialists. \nMs. McCracken holds a Bachelor of Business Administration in Computer Information Systems from James Madison University\, a Master of Science in Information & Telecommunication Systems from Johns Hopkins University\, and a Master of Business Administration from the Kenan-Flagler School of Business\, University of North Carolina Chapel Hill. \n \n\n\n \n\n\nLara Meadows\nGlobal Vice President of Security Architects @ ThreatConnect\nCISSP\, CISM \nLara Meadows is the Global Vice President of Security Architects at ThreatConnect\, a Threat and Risk-Informed Defense Platform. With more than 20 years of experience\, she began her career as a security systems engineer at Trusted Information Systems (TIS)\, the pioneer of the first firewall\, and went on to hold technical leadership roles at Symantec\, Cisco\, HP ArcSight/Micro Focus and Recorded Future. She has built and led global security engineering teams\, helped start-ups grow into Gartner-recognized leaders\, and guided Fortune 500 companies and U.S. federal agencies in strengthening their cybersecurity strategies. A passionate advocate for advancing women in technology\, Lara mentors through organizations like WiCyS\, #GirlsClub\, WiT\, and the PreSales Collective. She holds CISSP\, CISM\, and GIAC certifications. \n \n\n\n \n\n\nKrissy Safi\nManaging Director @ Safi \nI am a creator\, builder and leader of global businesses and highly effective teams\, with over 2 decades of Information Security experience across all domains of security in support of Fortune 500 companies and government agencies\, working throughout numerous international locations. [Ethical] Hacker turned business leader = creative thinker with an entrepreneurial spirit driving the development of multi-million dollar security practices for both private and public sector. \nI serve as Managing Director at Protiviti\, where I lead our Global Offensive Security Services practice. For over five years\, I’ve driven business growth\, nurtured high-performing teams\, and spearheaded initiatives that advance innovation and integrate AI into our solutions. My focus extends beyond operational excellence to shaping strategies that deliver impact both internally and across the industry. \nIn addition to my professional pursuits\, I am deeply committed to fostering Diversity\, Equity & Inclusion within the industry through initiatives such as Women in Cyber and Tech\, P-TECH\, Cyber Patriots\, and Cyber Day for Kids among others. I firmly believe that empowering diverse voices not only enriches our community but also ignites creativity and innovation. \nI serve on the board of the Innovation Center for the St. Vrain Valley School District in Colorado\, where I help shape the future of education. By bringing real-world industry insights into the classroom\, I aim to inspire bold ideas\, empower educators\, and prepare students to thrive in a world driven by innovation and possibility. \n \n\n \n\n \n\n\nChaitra Devaraysamudram Krishna\n IT Internal Audit Director @ Fannie Mae \nChaitra has 18 years of experience in the Technology Audit field\, where she started out as an intern in Fannie Mae’s IT Audit team back in 2006. Chaitra currently serves as a director within the same team. In her role\, she is responsible for overseeing technology infrastructure\, data\, and cybersecurity audits. She regularly collaborates with Infosec and technology infrastructure organizations as part of audits\, issue follow-up\, and continuous monitoring – focused on delivering Internal Audit’s point of view on top risks. She is also involved in problem-solve and team engagement efforts to improve the efficiency and effectiveness of audit processes. \nChaitra’s recent experience includes access management\, vulnerability management\, security configurations\, threat management and incident response\, third-party security\, AWS\, data governance\, including assessment of emerging risks such as GenAI and quantum computing – serving as a trusted partner for technology leadership. She regularly provides thought leadership in the validation of closure of high-risk and regulatory findings. Additionally\, she has participated in several leadership\, career development and cybersecurity panels to inspire and encourage other members of the field. \nChaitra holds a master’s degree in computer science from Louisiana State University. She is also a Certified Internal Auditor\, Certified Information Systems Auditor\, and Certified Information Systems Security Professional. Chaitra enjoys developing team members by helping them build competencies to achieve their career goals. \n \n\n\n \n\n\nXin (Cindy) Tu\nAudit Executive in AI\, Data and IT\, Financial Services \nXin “Cindy” Tu is an Audit Executive in the Financial Services industry with over 18 years of experience. Cindy has spent the last 10 years designing and improving IT and Data Audit Frameworks for Financial Services Companies. Additionally\, Cindy specialized in Data Governance and AI Governance Framework. \nIn her spare time\, Cindy participates actively in industry groups. She serves on the editorial board of CDO Magazine and AI Advisory Board of HotTopics and contributes to Data Governance and AI Governance Framework development by participating in CDMC Working Group and AI\, Data & Analytics Capabilities Working Group at EDM Council and American Bankers Association. \n \n\n\n \n\n\nKelly Volz\nSVP\, Governance Risk and Controls @ LPL Financial\nCISSP \nKelly Volz is the Senior Vice President leading Technology Governance Risk and Controls under the Chief information Security Officer for LPL Financial. She is responsible for policies\, program and third-party assessments\, issues and risk management\, regulatory readiness\, and the business office and works closely with stakeholders across business\, technology\, cybersecurity\, data\, finance\, legal\, risk\, and internal audit. Kelly is living out her passion by operating strategically across the business and making an impact in an innovative company going through transformation. \nKelly joined LPL from EY\, where she was a Managing Director and Regional Leader in the Cybersecurity Practice for the Financial Services Sector. She was the executive sponsor for EY’s relationships with Financial Services Information Sharing and Analysis Center (FS-ISAC)\, Cyber Risk Institute (CRI)\, and was the group diversity champion. While at EY\, Kelly was instrumental in uplifting cybersecurity program governance and maturity\, measuring and reducing risks\, gaining executive buy-in and investment\, leading major initiatives and closing regulatory findings\, and uniting teams across the enterprise towards joint outcomes. \nKelly is a Certified Information Systems Security Professional (CISSP)\, a member of the Association of Certified Fraud Examiners (ACFE)\, and has achieved certificates in Forensic Accounting\, Georgetown University CCPE and Insider Threat Program Manager\, Carnegie Mellon University SEI. Kelly recently spoke at the Executive Women’s Forum (EWF) Annual Conference and FAIR Institute Annual Conference and is the current executive sponsor for Women in Cybersecurity (WiCys) at LPL. \n \n\n  \n\n\n\n  \nQuestions about this Event \n\n\nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n  \n\n\n\nCPE Information \nEarn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \n\nPoll Questions \n\n\nParticipants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n  \n\n\nCPE Distribution and Evaluation Survey \n\n\nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \n\n\nLearning Objective \n\n\nAfter attending this event\, attendees will learn about current and future trends in the technology space. \n  \n\n\nCPE-Related Details \n\n\n\nPrerequisites: None\nAdvance Preparation: None\nProgram Knowledge Level: Basic\nDelivery Method:  Group Live\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/leading-tech-conference/ LOCATION:George Mason University – Arlington\, 3351 Fairfax Drive\, Arlington\, VA\, 22201\, United States CATEGORIES:Conferences ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/08/leading_tech.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20251112T120000 DTEND;TZID=America/New_York:20251112T130000 DTSTAMP:20260613T215528 CREATED:20250823T154448Z LAST-MODIFIED:20251101T141718Z UID:34281-1762948800-1762952400@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Back to Basics Webinar: Risk Management DESCRIPTION:  \n \n  \nNovember 12\, 2025\nVirtual Event (Zoom)\nEarn up to 1 CPE\n$5 for GWDC Members\n$10 for Non-Members\nComplimentary student registration (no CPE) \n  \n\n\n\nBack to Basics Webinar Series \nRisk Management \nThe Back to Basics Lunch & Learn Webinar Series is a webinar series designed for students\, young professionals and members and non-members who are looking to refresh concepts\, switch careers and diversify their professional portfolio and stand out in a competitive job market. These bite-sized\, actionable sessions focus on the skills that don’t always come with a certification—but make a big difference in landing the job or leadership role you want. \nWe’ll cover the topics that are the heart and essence of ISACA as a professional organization\, from IT Audit\, IT Governance\, Data Management\, Risk Management\, Disaster Recovery/ Business Continuity and IT Forensic basics. These concepts sessions can also serve as a refresher for seasoned professionals in the industry. \nTarget Audience: Risk Managers\, Compliance Officers\, CISOs\, and Security Leaders at organizations preparing for or undergoing CMMC assessments\, particularly those seeking practical implementation guidance grounded in real-world assessment experience. \nAll sessions are short\, high-impact\, and recorded for later viewing on our YouTube channel. For those attending 1 CPE will be awarded. Join us and get insights to grow your brand\, expand your opportunities\, and take your career to the next level. \n  \n\n\n\n  \nShare this Event \nIf you are interested\, planning to attend\, or attending this event\, please share with your colleagues across your social media networks. \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \n  \n\n\n\nPricing and Registration \nFor the Back to Basics webinars\, we are offering two different ways to join the webinar: Professional registration and student registration. \n\nProfessional registration \nProfessional registration is for those who want to attend the webinar and earn CPE credit (1 CPE). \nThe registration fees are: \n\nGWDC Members: $5 per person.\nNon-Members: $10 per person\n\nRegistration closes on November 11th @ 5 PM. \nProfessional Registration \n\n\nStudent registration \nStudent registration is available to support the students and young professionals in our area. \nAdditional details: \n\nNo registration fee.\nNot eligible to earn CPE.\n\nRegistration closes on November 11th @ 5 PM. \nStudent Registration \n\n  \n\nJoin ISACA and the GWDC! \nTo become a member and take advantage of the member rate for our events\, among other benefits\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \nJoin ISACA Today! \n\n  \nAdditional Event Details \n\nDate and Time \n\n\nThe conference will be held on November 12\, 2025 from 12:00 pm to 1:00 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \n\n\nVirtual Event \n\n\nThe webinar will be held using Zoom. \nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits. \n  \n\n\nEvent Policies \n\n\nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n  \n\n\n\n  \nSponsorship Opportunities \nIf you are interested in sponsoring this event\, or sponsoring the chapter as an annual sponsor\, please visit our sponsorship page. \nSponsorship Info \n  \n\n\n\nAgenda \nAgendas may change due to schedule conflicts and other unexpected situations. If a previously published agenda has changed\, the changes will be noted. \n  \n \n\n12:00 PM – 1:00 PM \n\n\nRisk Management & Practical Implementation Insights for CMMC Compliance \nPresenter: Alex Omeke (Secure Operating Solutions) \nFrom the assessment trenches to the boardroom—a Lead CMMC Assessor’s unfiltered perspective on what’s really happening in CMMC implementations. Alex Omeke pulls back the curtain on common misconceptions\, recurring failures\, and unexpected successes he’s witnessed across dozens of assessments. This candid session combines battlefield lessons from defense contractor environments with practical risk management strategies that actually work in the real world\, not just on paper. \nLearning Objectives: \n\n\n\nIdentify Critical Risk Blind Spots: Recognize the most common CMMC gaps that lead to assessment failures and learn proactive strategies to address them before they become costly problems\nNavigate Assessment Realities: Understand what assessors actually look for beyond documentation\, including the behavioral indicators and operational evidence that demonstrate true security maturity\nOptimize Risk-Based Prioritization: Apply lessons from successful implementations to focus limited resources on controls that deliver maximum risk reduction and assessment confidence\nAnticipate Evolving Requirements: Gain insider perspective on how CMMC assessment criteria are being interpreted in practice and prepare for emerging compliance trends\nBuild Sustainable Programs: Transform one-time compliance efforts into ongoing risk management capabilities that support business growth and contract opportunities\n\n\n\n\n  \nPresenter \nAt times presenters for a session may change due to schedule conflicts and other unexpected situations. If a previously presenter has been substituted\, the changes will be noted. \n  \n \n\n\n\nAlex Omeke\nFounder of Secure Operating Solutions \nAlex Omeke is Founder of Secure Operating Solutions\, a Candidate C3PAO specializing in cybersecurity compliance frameworks. As a Lead Certified CMMC Assessor (CCA) with over 20 years of IT experience\, Alex spent a decade managing and engineering strategic cybersecurity networks on major U.S. military installations for prime defense contractors. Holding 20+ industry certifications including CISSP\, PMP\, and multi-cloud credentials (AWS\, Azure\, Google Cloud)\, he bridges the gap between technical implementation and business strategy. Based in Houston\, Alex translates complex frameworks like CMMC and NIST 800-171 into scalable\, real-world solutions\, regularly leading cloud security discussions and Google Workspace CMMC alignment sessions for defense contractors. \n\n  \n\n\n\n  \nQuestions about this Event \n\n\nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n  \n\n\n\nCPE Information \nEarn up to 1 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \n\nPoll Questions \n\n\nParticipants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n  \n\n\nCPE Distribution and Evaluation Survey \n\n\nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \n\n\nLearning Objective \n\n\nAfter attending this event\, attendees will learn or refresh their knowledge of the basics of IT risk management. \n  \n\n\nCPE-Related Details \n\n\n\nPrerequisites: None\nAdvance Preparation: None\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/back-to-basics-webinar-risk-management/ LOCATION:Virtual Event CATEGORIES:Webinar ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/08/back-to-basics.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20251105T120000 DTEND;TZID=America/New_York:20251105T130000 DTSTAMP:20260613T215528 CREATED:20250823T154535Z LAST-MODIFIED:20251101T140406Z UID:34269-1762344000-1762347600@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Back to Basics Webinar: Data Management & IT Governance DESCRIPTION:  \n \n  \nNovember 5\, 2025\nVirtual Event (Zoom)\nEarn up to 1 CPE\n$5 for GWDC Members\n$10 for Non-Members\nComplimentary student registration (no CPE) \n  \n\n\n\nBack to Basics Webinar Series \nData Management & IT Governance \nThe Back to Basics Lunch & Learn Webinar Series is a webinar series designed for students\, young professionals and members and non-members who are looking to refresh concepts\, switch careers and diversify their professional portfolio and stand out in a competitive job market. These bite-sized\, actionable sessions focus on the skills that don’t always come with a certification—but make a big difference in landing the job or leadership role you want. \nWe’ll cover the topics that are the heart and essence of ISACA as a professional organization\, from IT Audit\, IT Governance\, Data Management\, Risk Management\, Disaster Recovery/ Business Continuity and IT Forensic basics. These concepts sessions can also serve as a refresher for seasoned professionals in the industry. \nAll sessions are short\, high-impact\, and recorded for later viewing on our YouTube channel. Join us and get insights to grow your brand\, expand your opportunities\, and take your career to the next level. \n  \n\n\n\n  \nShare this Event \nIf you are interested\, planning to attend\, or attending this event\, please share with your colleagues across your social media networks. \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \n  \n\n\n\nPricing and Registration \nFor the Back to Basics webinars\, we are offering two different ways to join the webinar: Professional registration and student registration. \n\nProfessional registration \nProfessional registration is for those who want to attend the webinar and earn CPE credit (1 CPE). \nThe registration fees are: \n\nGWDC Members: $5 per person.\nNon-Members: $10 per person\n\nRegistration closes on November 4th @ 5 PM. \nProfessional Registration \n\n\nStudent registration \nStudent registration is available to support the students and young professionals in our area. \nAdditional details: \n\nNo registration fee.\nNot eligible to earn CPE.\n\nRegistration closes on November 4th @ 5 PM. \nStudent Registration \n\n  \n\nJoin ISACA and the GWDC! \nTo become a member and take advantage of the member rate for our events\, among other benefits\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \nJoin ISACA Today! \n\n  \nAdditional Event Details \n\nDate and Time \n\n\nThe conference will be held on November 5\, 2025 from 12:00 pm to 1:00 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \n\n\nVirtual Event \n\n\nThe webinar will be held using Zoom. \nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits. \n  \n\n\nEvent Policies \n\n\nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n  \n\n\n\n  \nSponsorship Opportunities \nIf you are interested in sponsoring this event\, or sponsoring the chapter as an annual sponsor\, please visit our sponsorship page. \nSponsorship Info \n  \n\n\n\nAgenda \nAgendas may change due to schedule conflicts and other unexpected situations. If a previously published agenda has changed\, the changes will be noted. \n  \n \n\n12:00 PM – 1:00 PM \n\n\nData Management and IT Governance Revisited \nPresenter: Dr. Sandra Fonseca \nThis session will explore how artificial intelligence and automation are transforming cloud security and what that means for cyber and IT auditors. We will dive into real-world breach scenarios\, such as privilege escalation and lateral movement in hybrid cloud environments\, and show how AI can be used to detect misconfigurations\, flag anomalous behavior\, and enforce compliance at scale. Attendees will walk away with a framework for auditing AI-augmented cloud environments\, including key questions to ask\, controls to validate\, and red flags to watch for in environments using tools like Microsoft Defender for Cloud\, Purview\, and Entra Permissions Management. \n\n  \nPresenter \nAt times presenters for a session may change due to schedule conflicts and other unexpected situations. If a previously presenter has been substituted\, the changes will be noted. \n  \n \n\n \n\n\nDr. Sandra Fonseca \nDr. Sandra Fonseca is an Information Technology Professional with over 30 years of experience in the IT field industry\, 15 of them as Systems Security Manager\, Project Manager\, and later on as Data Architect at a federal agency in Washington\, D.C. Her academic career spans 28 years\, having taught in all modalities\, undergraduate and graduate on traditional brick and mortar classroom\, hybrid\, teleconference\, and online. She has also served as Program Director for IT and Cybersecurity Programs for an Online University in the US. Dr. Fonseca also works as instructional designer subject matter expert in course development\, oversees SME’s course contents\, and collaborates in program assessment mapping. Professional development and engagement in professional organizations is essential\, and has served for the board of directors for professional associations like ISACA\, ISSA\, PMI\, ACFE and ASQ. \nCurrently she volunteers to the GWDC Chapter to the office of the secretary. Dr. Fonseca has a doctoral degree in business with a specialization in management information systems (DBA-MIS)\, and a second doctoral degree in education with a specialization in instructional design (EdD-ID). Her areas of Specialty are: IT\, Accounting\, Audit\, Project Management\, Operations Management\, and Quantitative Research Methods. \n \n\n  \n\n\n\n  \nQuestions about this Event \n\n\nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n  \n\n\n\nCPE Information \nEarn up to 1 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \n\nPoll Questions \n\n\nParticipants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n  \n\n\nCPE Distribution and Evaluation Survey \n\n\nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \n\n\nLearning Objective \n\n\nAfter attending this event\, attendees will learn or refresh their knowledge about data management and IT governance. \n  \n\n\nCPE-Related Details \n\n\n\nPrerequisites: None\nAdvance Preparation: None\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/back-to-basics-webinar-data-management-it-governance/ LOCATION:Virtual Event CATEGORIES:Webinar ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/08/back-to-basics.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20251030T180000 DTEND;TZID=America/New_York:20251030T190000 DTSTAMP:20260613T215528 CREATED:20251014T143044Z LAST-MODIFIED:20251014T143044Z UID:34930-1761847200-1761850800@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Volunteer Kickoff Meeting DESCRIPTION:  \n \n  \nOctober 30\, 2025\nVirtual (Zoom)\nNo CPE\nNo Registration Fee\n  \n  \n  \n\n\n\nVirtual Volunteer Kickoff Meeting \nVolunteering with ISACA-GWDC is more than just giving your time—it’s a hands-on way to grow your career\, expand your network\, and make a real impact in the cybersecurity and IT community. Whether you’re looking to sharpen your leadership skills\, gain experience beyond your day job\, or meet professionals who inspire you\, volunteering offers that “real-world lab” for growth. You’ll learn to influence without authority\, think like a product leader\, and operate with purpose—all while supporting programs that shape the next generation of cyber professionals. And you won’t be doing it alone—we’re here to help you get up to speed and find the right fit for your interests. \n Join us for our virtual volunteer kickoff meeting on October 30th at 6 PM to learn more\, meet the board\, and see how you can get involved. \nBefore the session\, take a moment to read an inspiring article from the ISACA-GWDC President Sushila Nair about how volunteering can supercharge your career. \nThis is your sign to take the next step—your career (and community) will thank you. \nRSVP Today! \n  \nMore about Volunteering \nChapter volunteers are integral part of the Chapter Board and carry out many of the activities necessary for Chapter events\, publications\, and other activities. The Board of Directors has need for dedicated\, energetic volunteers to support Chapter events and services. Even if you have only a few hours a month to volunteer\, your help is needed. \nVisit our Volunteer page for more information about volunteering and the steps to start your volunteer journey with the GWDC \nLearn more about Volunteering \n  \n\n\n\n  \nShare this Event \nIf you are interested\, planning to attend\, or attending this event\, please share with your colleagues across your social media networks. \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \n  \n\n\n\nEvent Details \n\nDate and Time \n\n\nThe conference will be held on October 30\, 2025 from 6:00 pm to 7:00 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \n\n\nVirtual Event \n\n\nThis event will be held via Zoom. You will receive your Zoom link after registering for the event. \n  \n\n\nAgenda \n\n\n\nDiscussion of the board profiles and have volunteers can contribute\nQ&A period to follow\n\n  \n\n\nPricing \n\n\nThere is no fee to attend the event and for GWDC members. \n  \n\n\nEvent Policies \n\n\nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n  \n\n  \n\n\n\n  \nQuestions about this Event \n\n\nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n  \n\n\n\nCPE Information \nThere is no CPE for this event. URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/volunteer-kickoff-meeting/ LOCATION:Virtual Event CATEGORIES:Virtual Event ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/10/volunteer-kickoff-2025.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20251030T083000 DTEND;TZID=America/New_York:20251030T123000 DTSTAMP:20260613T215528 CREATED:20250820T005937Z LAST-MODIFIED:20251028T194944Z UID:34243-1761813000-1761827400@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Cybersecurity Conference 2025 DESCRIPTION:  \n \n  \nOctober 30\, 2025\nVirtual Event (Zoom)\nEarn up to 4 CPE\n$10 for GWDC Members\n$30 for Non-Members \n  \n  \n\n\n\nCybersecurity Conference 2025 \nSecuring the Digital Frontline – From Algorithms to Adversaries \nIn today’s rapidly evolving cyber landscape\, small incidents can have outsized consequences. This year’s Cybersecurity Conference explores how every vulnerability — no matter how minor — has the potential to disrupt critical systems\, compromise national security\, and erode public trust. \nThrough expert-led sessions\, the conference will delve into advanced penetration testing techniques\, the future of encryption in a post-quantum world\, and the interconnected nature of today’s threat environment. Attendees will gain a deeper understanding of how adversaries exploit gaps in technology and human behavior — and what organizations must do to stay resilient. \nWhether you’re in the public or private sector\, this conference will equip you with the knowledge to anticipate emerging threats and build robust\, forward-looking defenses. \nRegistration closes on October 29th @ 5PM. \nRegister Today! \n  \n\n\n\n  \nSponsorship Opportunities \nIf you are interested in sponsoring this event\, or sponsoring the chapter as an annual sponsor\, please visit our sponsorship page. \nSponsorship Info \n  \n\n\n\nEvent Details \n\nDate and Time \n\n\nThe conference will be held on October 30\, 2025 from 8:30 am to 12:30 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \n\n\nVirtual Event \n\n\nThe conference will be held using Zoom. \nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits. \n  \n\n\nPricing \n\n\nThe fee for GWDC Members is $10 for the conference.\nThe fee for all other registrants is $30 for the conference. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \n\n\nEvent Policies \n\n\nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n  \n\n  \n\n\n\n  \nInterested in Speaking at a Chapter Event \nIf you are interested in speaking at an upcoming conference\, please visit the Call for Speakers page and complete the form. \nCall for Speakers \n  \n\n\n\nConference Agenda \nConference agendas may change due to schedule conflicts and other unexpected situations. \n  \n \n\n08:30 AM – 09:30 AM \n\n\nThe Digital Butterfly Effect: From the Dry Cleaners to the D.I.B. \nPresenter: Kurtis Minder (GroupSense) \nA poignant and tangible look at why every cyber incident is meaningful. This talk provides a detailed examination of how cyber attacks are carried out and how even seemingly benign incidents can have a negative impact on national security. \n\n \n\n09:30 AM – 10:30 AM \n\n\nPost-Quantum Cryptography: Fuel for Cryptographic Posture Management (Panel Discussion) \nHost: Dorin Munteanu (InfoSec Global); Panelists: Dr. Vladimir Soukharev (InfoSec Global) and Ted Shorter (Keyfactor) \nCryptography is at the heart of digital trust and\, therefore\, at the heart of digital business. Organizations must recognize that cryptography is now critical infrastructure – infrastructure that must be measured and managed by multifaceted physical and virtual teams. Modern organizations need to identify their cryptographic assets and evaluate whether they are cryptographically secure\, compliant\, adhere to best practices\, and are appropriately used. \nJoin us to explore how a cryptographic inventory serves as both an immediate security enhancement and a strategic foundation for quantum-resistant infrastructure. \n\n \n\n10:30 AM – 11:30 AM \n\n\nSecuring Gen AI RAG Data using Azure AI Search \nPresenter: Eric Johnson (Puma Security\, SANS) \nLarge Language Models (LLMs) and Generative AI have inherent limitations\, such as outdated knowledge\, lack of private data access\, and the potential for hallucinations. In this session\, we will introduce a strategy for overcoming these challenges: Retrieval-Augmented Generation (RAG). Attendees will see how a GenAI RAG application can provide access to real-time\, private data stored in an external knowledge base without needing to fine-tune the base LLM model. \nWith an understanding of the GenAI RAG application\, we will explore an example cloud infrastructure hosting the application using Azure AI Search\, Azure Storage\, and Azure Container Apps. The cloud architecture review will uncover new attack vectors and cloud security misconfigurations that can unintentionally leak RAG data to an attacker. Attendees will see how these vulnerabilities can be used to gain unauthorized access to AI data. Then\, we will look at the cloud security controls needed to authorize access to the RAG data. Attendees will walk away with an understanding of GenAI RAG applications\, the underlying cloud infrastructure powering these AI systems\, and the security controls needed to protect sensitive RAG data. \nLearning Objectives: \n\nReview GenAI RAG application architecture\nIdentify misconfigurations in GenAI RAG cloud infrastructure\nLearn GenAI RAG cloud security controls\n\nThis webcast supports content and knowledge from SEC510: Cloud Security Engineering and Controls. \n\n \n\n11:30 AM – 12:30 PM \n\n\nYour AI is vulnerable & you don’t even know it – Red Team Testing AI \nPresenter: Tyler Wrightson (Leet Cyber Security) \nHackers aren’t just exploiting code anymore\, they’re weaponizing the very AI systems designed to help your organization. The exploits are beyond easy\, even absurd at times\, and available to even non-technical adversaries. In this eye-opening session\, discover how attackers are exploiting AI chatbots and AI Systems and get a better grasp on what organizations should be doing to secure their systems. \n\n  \n\n\n\n  \nShare this Event \nIf you are interested\, planning to attend\, or attending this event\, please share with your colleagues across your social media networks. \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \n  \n\n\n\nPresenters \nAt times presenters for a session may change due to schedule conflicts and other unexpected situations. If a previously presenter has been substituted\, the changes will be noted. \n  \n \n\n \n\n\nKurtis Minder\nCEO and Co-Founder @ GroupSense \nKurtis Minder is the CEO and co-founder of GroupSense\, a leading provider of digital risk solutions. He built a robust cyber reconnaissance operation that protects some of the world’s largest enterprises and government organizations. \nKurtis is a recognized expert in ransomware negotiation\, having served as the lead negotiator in some of the largest ransomware\, breach\, and data extortion cases globally. His experiences and insights are captured in his book\, Cyber Recon\, which explores the high-stakes world of cyber threat actor engagement and ransomware response. \nHe holds a FEMA certification in Critical Infrastructure Protection and actively contributes to public good projects. He is a key contributor to RAPIDS\, a regional initiative based in Grand Junction\, Colorado\, focused on measuring and managing the health of the Colorado River through innovative technology and data collaboration. Kurtis’ book “Cyber Recon: My Live in Cyber Espionage and Ransomware Negotiation” (Wiley 2025) is an expose’ on the private cyber espionage industry and the economic impact of cyber attacks to the US economy. \nKurtis’s work has been featured in major media outlets including The New Yorker\, Fortune\, VICE\, WIRED\, CNN\, Good Morning America\, and many others. \n \n\n \n\n \n\n\nDorin Munteanu\nStrategic Advisor @ InfoSec Global (a Keyfactor Company) \nDorin Munteanu serves as Strategic Advisor to InfoSec Global\, a Keyfactor company and Fellow at the Future Government Institute. \nHe is co-founder of the Robotic Process Automation (RPA) Initiative\, Community Director of the Virginia Academic RPA Community of Practice and senior advisor at the Center for Business Civic Engagement at the George Mason University\, in Arlington\, VA. \nDorin also serves as the President of the Romanian-American Chamber of Commerce\, in Washington\, D.C.\, where he founded and is co-chairing the DC Cyber Task Force between the U.S. and Romania. \nDorin is an Advisory Council member at the Krach Institute for Tech Diplomacy at Purdue University. He is an Advisory Board Member to the US-Bulgarian Chamber in America and to the AlphaTech Group\, an initiative designed to engage with promising CEOs of emerging growth companies within the cybersecurity\, big data and analytics industries. Additionally\, Dorin is a member of the Black Sea Working Group (BSWG) at the Center for European Policy Analysis (CEPA). \nHe previously served as a Managing Partner at uRADMonitor network\, an automated Internet of Things (IoT) and Big Data solution. \nBefore\, Dorin has been a Research Associate and Assistant Program Coordinator of the U.S.-Romania Initiative at The Center for European Policy Analysis (CEPA) and Researcher at TD International\, both organizations based in Washington\, D.C.. Dorin holds degrees from Babeș-Bolyai University of Cluj-Napoca\, Romania\, and the School of International Service at American University. He is fluent in Romanian\, Spanish\, Italian\, and Hungarian\, and proficient in French. \n \n\n \n\n \n\n\nDr. Vladimir Soukharev\nVP of Cryptographic R&D @ InfoSec Global (a Keyfactor Company) \nDr. Vladimir Soukharev is VP of Cryptographic R&D at InfoSec Global. He is focused on cryptographic research and development and is inspired by continuous innovation. Vladimir obtained his Ph.D. from the University of Waterloo’s David R. Cheriton School of Computer Science\, specializing in cryptography\, security and privacy under the supervision of David Jao. He was part of the Centre for Applied Cryptographic Research\, CryptoWorks21 and has contributed and published works at world-renowned conferences and in journals\, such as PQCrypto\, Financial Cryptography and the Journal of Mathematical Cryptology. Since completing his formal studies in 2016\, he has dedicated his work life to advancing the knowledge and application of cutting-edge cryptography and cyber security technologies to protect vital information and communications in complex\, highly regulated environments. Vladimir is leading and managing the cryptographic R&D at InfoSec Global\, with main focus on Post-Quantum Cryptography\, Cryptographic Agility\, and Cryptographic Discovery & Analytics. He is also contributing to and is part of government initiatives and standards related to PQC and cryptographic migration\, which include NCCoE\, NIST\, and Quantum-Safe Canada. \n \n\n \n\n \n\n\nTed Shorter\nChief Technology Officer and Co-Founder @ Keyfactor\nCISSP \nTed Shorter is the Chief Technology Officer and co-founder at Keyfactor. Responsible for Keyfactor’s Intellectual Property development efforts\, Ted helps align Keyfactor’s focus with the changing security landscape\, ensuring our clients understand the importance of crypto-agility. \nTed has worked in the security arena for over 30 years\, in the fields of cryptography\, Public Key Infrastructure\, authentication and authorization\, and software vulnerability analysis. His past experience includes 10 years at the National Security Agency\, a master’s degree in computer science from The Johns Hopkins University\, and an active CISSP certification. \n \n\n \n\n \n\n\nEric Johnson\nCo-Founder and Principal Security Engineer @ Puma Security\nFellow @ the SANS Institute \nEric is a Co-Founder and Principal Security Engineer at Puma Security and a fellow at the SANS Institute. His experience includes cloud security assessments\, public cloud architecture\, Kubernetes and cloud native hardening\, cloud infrastructure automation\, static source code analysis\, web and mobile application penetration testing\, secure development lifecycle consulting\, and secure code review assessments. Additionally\, Eric is a member of the IANS Faculty and an AWS Community Builder. Eric is the lead author and an instructor for SEC540: Cloud Native Security and DevSecOps Automation and a co-author and instructor for both SEC549: Cloud Security Architecture\, and SEC510: Cloud Security Engineering and Controls. \n \n\n \n\n \n\n\nTyler Wrightson\nFounder @ Leet Cyber Security \nTyler Wrightson is the author of two books published by McGraw Hill; Advanced Persistent Threat Hacking\, The Art and Science of Hacking Any Organization (2014); Wireless Network Security: A Beginner’s Guide (2012). \nTyler is the founder of Leet Cyber Security\, which exists to fundamentally change the way organizations build their cyber security programs based on three principles: Threat Centric Wisdom\, Pragmatism and The Context of their business. \nLeet focuses on offensive security services such as Penetration Testing and Red Teaming to secure organizations against real world attackers. Tyler has over twenty years of experience in the cybersecurity field across many industries including healthcare and financial services with extensive experience in many areas of technical security including networking\, systems architecture\, offensive security and penetration testing. Tyler holds industry certifications such CISSP\, CCSP\, CCNA\, CCDA\, and MCSE. Tyler has also taught classes for CCNA certification\, hacking and penetration testing\, wireless security\, and network security. Tyler is the founder of ANYCon\, Albany New York’s Annual Hacker conference. He has been a frequent speaker at industry conferences including NY Bankers Association (NYBA)\, NYS CyberSecurity Conference\, Derbycon\, BSides\, Rochester Security Summit\, ISACA\, ISSA\, and others. Follow his security blog at blog.leetsys.com. \n \n\n  \n\n\n\n  \nQuestions about this Event \n\n\nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n  \n\n\n\nCPE Information \nEarn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \n\nPoll Questions \n\n\nParticipants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n  \n\n\nCPE Distribution and Evaluation Survey \n\n\nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \n\n\nLearning Objective \n\n\nAfter attending this event\, attendees will learn about current and future trends in the cybersecurity space. \n  \n\n\nCPE-Related Details \n\n\n\nPrerequisites: None\nAdvance Preparation: None\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/cybersecurity-conference-2025/ LOCATION:Virtual Event CATEGORIES:Conferences ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/08/cybersecurity_2025.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20251024T183000 DTEND;TZID=America/New_York:20251024T203000 DTSTAMP:20260613T215528 CREATED:20250920T132404Z LAST-MODIFIED:20251007T142041Z UID:34744-1761330600-1761337800@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Fall Halloween Social DESCRIPTION:  \n \n  \nOctober 24\, 2025\nFlight Club (Washington D.C.)\nNo CPE\nFree for GWDC Members\nRSVP early as space is limited \n  \n  \n\n\n\nFall Halloween Social \nThe ISACA GWDC invites members to join us for our Fall Halloween Social! Come enjoy an evening of networking and fun at Flight Club DC. ???? Members and their guests will experience tech-enabled social darts (choose from six interactive games)\, delicious food\, and drinks. \nCostumes are encouraged but optional—feel free to get festive! Please note this event is 21 and over. \nThis social is free to attend for GWDC members and an optional guest. Since space is limited\, we kindly ask that you only register if you plan to attend. \n✨ We look forward to seeing you at our Fall Halloween Social for darts\, drinks\, food\, and festive fun! \nWe’ve reached the capacity for the event. However\, there is a waitlist you can join. In the event there are any cancellations\, those on the waitlist will be contacted. \nJoin the Waitlist \n  \n\n\n\n  \nShare this Event \nIf you are interested\, planning to attend\, or attending this event\, please share with your colleagues across your social media networks. \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \n  \n\n\n\nEvent Details \n\nDate and Time \n\n\nThe conference will be held on October 24\, 2025 from 6:30 pm to 8:30 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \n\n\nVenue Information \n\n\nFlight Club DC\n641 New York Ave NW\nWashington\, DC 20001 \n  \nParking Information \nThe venue offers discounted parking nearby at:\n650 L Street NW\nWashington\, DC 20001 \nDiscounted parking is valid from 4:00 PM – midnight only and will not extend beyond midnight. Instructions for accessing discounted rates: Flight Club Discounted Parking. \n  \nNearest Metro \nFlight Club DC is located near the Federal Triangle Metro Station (Red\, Blue\, and Silver lines). \n  \n\n\nPricing \n\n\nThere is no fee to attend the event and for GWDC members and one optional guest. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \n\n\nEvent Policies \n\n\nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n  \n\n  \n\n\n\n  \nQuestions about this Event \n\n\nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n  \n\n\n\nCPE Information \nThere is no CPE for this event. URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/fall-halloween-social/ LOCATION:Flight Club\, 641 New York Ave NW\, Washington\, D.C.\, DC\, 20001\, United States CATEGORIES:Social Events ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/09/social_fall_halloween.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20251024T083000 DTEND;TZID=America/New_York:20251025T170000 DTSTAMP:20260613T215528 CREATED:20250908T222404Z LAST-MODIFIED:20251022T210246Z UID:34646-1761294600-1761411600@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:AAIA Review Course 2025 DESCRIPTION:  \n \n  \nOctober 24 – 25\, 2026\nVirtual Event (Zoom)\nEarn up to 16 CPE\n$400 for GWDC Members\n$600 for Non-Members \n  \n  \n\n\n\nAdvanced in AI Audit™ (AAIA™) Review Course \nThe GWDC is sponsoring an intensive 2-day virtual review course for the Advanced in AI Audit certification exam. This review course will provide practical advice on preparing for the AAIA exam and specific instruction regarding the job practice areas addressed by AAIA as defined by ISACA® Global. \nThe AAIA Certification Training is designed for IT audit professionals. It’s built to give participants the precise knowledge and practical skills they need to audit artificial intelligence systems effectively. \nThis course guides participants through the full AI audit lifecycle. The course covers everything from AI governance and risk management to understanding AI operations and applying specific auditing tools and techniques. The emphasis is entirely on hands-on application\, so participants can confidently design\, execute\, and manage AI-driven audits that meet stringent standards for ethics\, security\, and compliance. \nThis event is ideal for professionals planning to sit for the AAIA exam. Attendees are encouraged to prepare in advance to maximize the benefits of the course. \nIt is also beneficial for those seeking knowledge in information security and auditing of AI. \nRegistration closes on October 23 @ 5PM. \nRegister Today! \n  \n\n\n\n  \nThe AAIA and Exam Registration \n \nBe one of the first experienced IT auditors to embrace AI and level up their careers with the new ISACA Advanced in AI Audit™ (AAIA™) certification. Designed exclusively for professionals with CISA® and other qualified high-level audit certifications\, AAIA empowers you to stand up to today’s AI challenges and become an AI audit leader that more organizations demand. \nParticipants that wish to gain the AAIA certification must hold an active CISA\, CIA (IIA)\, or CPA (AICPA) certification\, which is subject to audit. \nMore about the AAIA \n  \n\n\n\nEvent Details \n\nDate and Time \n\n\nThe course will be held on October 24 – 25 from 8:30 am to 5:00 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \n\n\nVirtual Event \n\n\nThe course will be held using Zoom. \nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits. \n  \n\n\nPricing \n\n\nThe fee for GWDC Members is $400 for the course.\nThe fee for all other registrants is $600 for the course. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \n\n\nEvent Policies \n\n\nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n  \n\n\n\n  \nRe-take Discount \nStudents who take a GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. Contact the Certifications Director through the Contact Form below if you want to take advantage of this discount. \nContact Us \n  \n\n\n\nCourse Outline \nDOMAIN 1: AI Governance & Risk (33%) \nDOMAIN 2: AI Operations (46%) \nDOMAIN 3: AI Auditing Tools and Techniques (21%) \nFor full details on these job practices areas\, visit the ISACA Website \n  \nCourse Materials and Exam Resources \nStudy Materials \nThe instructor highly recommends that students purchase the AAIA Review Manual and the AAIA Review Questions\, Answers\, and Explanations (QAE) Database. These and other the study materials available for purchase from the ISACA Bookstore. \n**It is highly recommended to order these at the earliest opportunity to avoid any possible delays in their availability for the start of the course. \n  \n\nOptional Study Kits for Purchase (New Option!) \nDuring registration\, there will be an option to purchase one of the following study kits to assist students in preparation for the course: \n\nFull Kit: Includes the Review Manual (Digital Copy)\, QAE database\, and a voucher for the Exam. ($849)\nTraining Kit: Includes the Review Manual (Digital Copy) and QAE database. ($319)\n\nPlease note the following about the kits: \n\nThere is no refund for the study kits once purchased.\nThe Review Manual is the digital version and cannot be printed.\nThe QAE database is a 12-month subscription with an option to purchase a subscription extension.\nVouchers for the training kits will be emailed within 72 hours of purchase.\nIf you are not an ISACA member\, you will need to create a free MyISACA account to redeem the vouchers for the kits/exam.\n\nFor further details on the Review Manual and QAE database\, please visit the ISACA Website. \n\n  \nAdditional Study Resources \nCandidates should review the Exam Candidate Guide and other resources on the ISACA AAIA page as part of their study program.  \n  \n\n\n\n  \nShare this Event \nIf you are interested\, planning to attend\, or attending this event\, please share with your colleagues across your social media networks. \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \n  \n\n\n\nInstructor \n\n \n\n\nSushila Nair\nCISSP\, GIAC GSTRT\, GSNA GDSA\, CISA\, CISM\, CRISC\, CDPSE\, CCSK\, CCAK \nSushila is a globally recognized cybersecurity executive with over 25 years of experience leading security strategy\, building high-performing practices\, and advising global enterprises and government agencies. She currently serves as President of the ISACA Greater Washington D.C. Chapter\, the second-largest ISACA chapter in the world. \nSushila has held leadership roles as CISO in the United Kingdom and Malaysia\, global portfolio and practice lead in the United States for global consulting companies. She has led multi-million-dollar cybersecurity portfolios\, managed global delivery teams\, and driven the development of next-generation cybersecurity services. \nAn active contributor to ISACA Global’s Emerging Trends workgroup\, Sushila is a respected voice in the industry\, regularly featured in top publications and global conferences such as RSA and ISACA. She is the host of the public radio segment Shore Tech Pulse\, where she educates the community on cybersecurity and technology trends. Her awards include ISACA’s Technology for Humanity Award and recognition as a Top Cybersecurity Leader by Security Magazine and Cyber Magazine in 2024. \n \n\n  \n\n\n\n  \nQuestions about this Event \n\n\nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n  \n\n\n\nCPE Information \nEarn up to 16 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \n\nPoll Questions \n\n\nParticipants must respond to all the poll questions polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n  \n\n\nCPE Distribution and Evaluation Survey \n\n\nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \n\n\nLearning Objective \n\n\nAfter completing the course\, students will be prepared to sit for the AAIA Certification exam. \n  \n\n\nCPE-Related Details \n\n\n\nPrerequisites: None\nAdvance Preparation: Students are expected to have prepared for the exam prior to attending the course.\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/aaia-review-course-2025/ LOCATION:Virtual Event CATEGORIES:Review Courses ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/08/aaia_review_2025.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20251018T090000 DTEND;TZID=America/New_York:20251018T170000 DTSTAMP:20260613T215528 CREATED:20250830T025333Z LAST-MODIFIED:20251007T135312Z UID:34501-1760778000-1760806800@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:NIST Privacy Framework Workshop 2025 DESCRIPTION:  \n \n  \nOctober 18\, 2025\nVirtual Event (Teams)\nEarn up to 7 CPE\n$125 for GWDC Members\n$200 for Non-Members \n  \n  \n\n\n\nNIST Privacy Framework Workshop \nThis intensive one-day virtual workshop\, “NIST Privacy Framework\,” scheduled for Saturday\, October 18th\, 2025\, will provide participants with a thorough understanding of how to manage privacy risks and protect individual privacy while achieving organizational objectives. The workshop will cover strategies for implementing privacy practices that align with regulatory requirements. Participants will gain valuable insights and practical knowledge to enhance their organization’s privacy management capabilities. The workshop offers 7 Continuing Professional Education (CPE) credits. \nRegistration closes on October 16 @ 5PM. \nRegister Today! \n  \n\n\n\n  \nMore about the NIST Privacy Framework \nThe NIST Privacy Framework (PF) is a voluntary tool developed in collaboration with stakeholders intended to help organizations identify and manage privacy risk to build innovative products and services while protecting individuals’ privacy. Visit the NIST website for resources and events related to the NIST Privacy Framework \nMore about the Framework \n  \n\n\n\nEvent Details \n\nDate and Time \n\n\nThe workshop will be held on October 18\, 2025 from 9:00 am to 5:00 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \n\n\nVirtual Event \n\n\nThe workshop will be held using Microsoft Teams. \nPrior to the event\, the instructor will email all participants the Teams link for the course along with course materials \n  \n\n\nPricing \n\n\nThe fee for GWDC Members is $125 for the workshop.\nThe fee for all other registrants is $200 for the workshop. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \n\n\nEvent Policies \n\n\nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n  \n\n\n\n  \nComments from Prior Workshop Attendees \n“It was and is an excellent review of the NIST Privacy Framework 1.0 and how to use it. I also enjoyed listening to the questions of others and the instructor’s answers\, and the overall discussion that ensued. It was an excellent use of my time. Also\, the cost was reasonable\, as a member of the chapter.” – Harvey N \n“I thought this was a great class. I liked that active participation was encouraged and i really appreciated that Jim was willing to share so many materials with the class.” – Jessica C \n“Jim has an interactive presentation style that goes beyond the slides and brings the course material to life.” -Rich R. \n“The presentation slides were very informative and easy to read. Also\, the instructor’s continual active engagement of the attendees.” – Nathan P \n“The instructor was very knowledgeable about the NIST Privacy Framework and offered lots of examples for each module. I feel like I now know and understand the basics and purpose of the NIST Privacy Framework.” – Jacob L. \n  \n  \n\n\n\nCourse Outline \nModule 0: Course Overview and Introduction \n\nIntroduction and Course Overview\nParticipant Introductions\nWhat is the NIST Privacy Framework?\nCourse Schedule\nCourse Format\nLearning Objectives\nExpected Outcomes\nStudent Prerequisites\nCourse Logistics\nRecap\n\nModule 1: Introduction to Privacy and Risk Management \n\nDefining Privacy in the Modern Digital Landscape\nChallenges in Managing Privacy Risks\nEnterprise Risk Management Overview\nThe Role of Privacy in Organizational Goals\nEvolution of Privacy Frameworks\nData Processing Ecosystem Overview\nEthical Decision-Making and Privacy\nKey Stakeholders in Privacy Risk Management\nPrivacy Risk vs. Compliance Risk\nBuilding a Privacy-Driven Culture\nCase Study\nQuiz\n\nModule 2: Core Components of the Privacy Framework \n\nOverview of the Privacy Framework Core\nIdentify-P Function\nGovern-P Function\nControl-P Function\nCommunicate-P Function\nProtect-P Function\nCategories and Subcategories: Structuring Privacy Activities\nLinking Privacy to the Cybersecurity Framework\nGranularity in Privacy Risk Management\nThe Importance of Subcategory Customization\nCase Study\nQuiz\n\nModule 3: Building and Using Profiles \n\nWhat Are Privacy Profiles?\nCurrent vs. Target Profiles\nRole of Profiles in Organizational Privacy\nSteps to Develop a Privacy Profile\nPrioritizing Outcomes and Activities\nUsing Profiles for Self-Assessment\nAligning Profiles with Business Needs\nComparing Multiple Profiles Across Roles\nIntegrating Profiles in Organizational Strategy\nProfiles as a Communication Tool\nCase Study\nQuiz\n\nModule 4: Implementation Tiers and Organizational Maturity \n\nOverview of Implementation Tiers\nPartial Tier: Foundational Privacy Management\nRisk-Informed Tier: Evolving Awareness\nRepeatable Tier: Formalized Practices\nAdaptive Tier: Continuous Improvement\nCriteria for Assessing Maturity Levels\nProgression Through Tiers\nLinking Tiers to Organizational Goals\nCollaboration and Communication for Tiers\nRealizing Privacy Maturity Benefits\nCase Study\nQuiz\n\nModule 5: Privacy Risk Assessment and Mitigation \n\nDefining Privacy Risk Factors\nProblematic Data Actions and Their Impacts\nSteps in Privacy Risk Assessment\nRisk Models for Privacy Management\nLikelihood and Impact Analysis\nResponding to Privacy Risks\nRisk Mitigation Strategies\nUsing Privacy Risk Assessment Methodology (PRAM)\nBalancing Risk Tolerance and Resources\nImplementing Risk Assessment Outcomes\nCase Study\nQuiz\n\nModule 6: Governance and Accountability \n\nImportance of Governance in Privacy\nDeveloping Organizational Privacy Values\nEstablishing Roles and Responsibilities\nPolicies for Privacy Risk Management\nTraining and Awareness Initiatives\nMonitoring and Reviewing Privacy Policies\nStrengthening Cross-Functional Collaboration\nAccountability Across Ecosystem Stakeholders\nEmbedding Privacy in Decision-Making\nReporting on Privacy Metrics and Progress\nCase Study\nQuiz\n\nModule 7: Integrating Privacy into the System Development Lifecycle (SDLC) \n\nAligning Privacy with SDLC Phases\nPlanning for Privacy from the Start\nPrivacy in Design and Build Phases\nDeploying Privacy-Centric Solutions\nOperating with Privacy Safeguards\nDecommissioning with Privacy in Mind\nPrivacy Engineering Objectives Explained\nPredictability\, Manageability\, and Disassociability\nLeveraging SDLC Artifacts for Privacy\nPractical Integration Techniques\nCase Study\nQuiz\n\nModule 8: Engaging in the Data Processing Ecosystem \n\nUnderstanding Ecosystem Roles\nPrivacy in the Data Processing Ecosystem\nIdentifying Stakeholders and Relationships\nPrivacy Requirements Communication\nContracts and Governance in the Ecosystem\nManaging Interdependencies\nUsing Interoperability Frameworks\nAssessing Ecosystem Risk\nAligning Ecosystem Roles with Privacy Goals\nEcosystem-Wide Collaboration and Innovation\nCase Study\nQuiz\n\n  \n\n\n\n  \nShare this Event \nIf you are interested\, planning to attend\, or attending this event\, please share with your colleagues across your social media networks. \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \n  \n\n\n\nInstructor \n\n \n\n\nJim Wiggins\n AAISM\, AAIA\, AIGP\, CISM\, CISA\, CRISC\, CISSP\, ISSEP\, CGRC (CAP)\, SCNA\, SCNP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, FITSP-M\, MCITP\, MCSE: Security\, MCSE: Messaging\, MCSA\, MCDST\, Server+\, Network+\, A+\, CDPSE\, PMP\, ICE-CCP\, DACUM Facilitator \nJim Wiggins is a seasoned IT and cybersecurity expert with over 29 years of industry experience\, 24 of which have been dedicated to information security – and\, more recently\, the last 3 years on artificial intelligence. He is the Founder and CEO of Securible\, LLC\, a Washington\, DC-based cybersecurity training and consulting firm specializing in practical\, forward-thinking solutions. Through Securible\, Jim has championed innovative approaches to address emerging threats\, ensure regulatory compliance\, and harness the power of Artificial Intelligence in IT audit\, cybersecurity\, governance and privacy. Throughout his distinguished career\, Jim has trained well over 20\,000 IT and cyber professionals\, underscoring his commitment to education and the advancement of the field. \nIn addition to his leadership at Securible\, Jim also serves as the Founder and CEO of the Federal IT Security Institute (FITSI)\, a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI provides role-based cybersecurity certifications designed to fortify the U.S. federal cybersecurity workforce. \nEnhancing his contributions to the cybersecurity community\, Jim hosts a TV show in the Washington\, DC area called Cybersecurity Today. The program offers expert insights\, in-depth analysis\, and the latest updates on cybersecurity trends and threats\, further establishing his role as a prominent thought leader in the industry. \nRecognized as a Federal 100 award recipient in 2019 and the Federal Information Systems Security Educators’ Association (FISSEA) “Educator of the Year” in 2011\, Jim is widely respected for his commitment to elevating cybersecurity education. \nIn the rapidly evolving arena of Artificial Intelligence (AI)\, Jim has directly trained well over 1\,000 IT and cyber professionals on generative AI fundamentals through intensive sessions with the Department of the Interior’s University\, the Defense Information Systems Agency (DISA)\, the National Risk Management Center (NRMC) within CISA\, and the Greater Washington DC Chapter of ISACA. He leverages AI-driven tools such as ChatGPT\, Gemini\, Dalle\, Midjourney\, and Copilot to translate complex concepts into practical\, governance-focused applications. \nJim holds numerous certifications\, including: \n\nArtificial Intelligence: AAISM\, AAIA\, AIGP\nCybersecurity: CISM\, CISA\, CRISC\, CISSP\, ISSEP\, CGRC (CAP)\, SCNA\, SCNP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and FITSP-M.\nInformation Technology: MCITP\, MCSE: Security\, MCSE: Messaging\, MCSA\, MCDST\, Server+\, Network+\, A+.\nPrivacy: CDPSE\, CIPP/US\nProject Management: PMP (Project Management Professional).\nEducation: ICE-CCP (I.C.E. Certified Credentialing Professional)\, DACUM Facilitator\n\nJim is currently finalizing a master’s degree in education from George Washington University with a concentration in Assessment\, Testing\, and Measurement. \n \n\n  \n\n\n\n  \nQuestions about this Event \n\n\nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n  \n\n\n\nCPE Information \nEarn up to 7 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \n\nPoll Questions \n\n\nParticipants must respond to all the poll questions polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n  \n\n\nCPE Distribution and Evaluation Survey \n\n\nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \n\n\nLearning Objectives \n\n\n\nUnderstand the foundational components and structure of the NIST Privacy Framework.\nGain knowledge of privacy risk management and its importance in protecting individual privacy.\nLearn strategies for aligning privacy practices with organizational objectives and regulatory requirements.\nDevelop skills to implement the framework in real-world scenarios effectively.\nApply the framework through practical exercises to address privacy challenges and enhance management capabilities.\n\n  \n\n\nCPE-Related Details \n\n\n\nPrerequisites: None\nAdvance Preparation: None\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/nist-privacy-framework-workshop-2025/ LOCATION:Virtual Event CATEGORIES:Workshop ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/08/nist_privacy_framework_workshop.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250925T083000 DTEND;TZID=America/New_York:20250925T123000 DTSTAMP:20260613T215528 CREATED:20250819T023957Z LAST-MODIFIED:20250925T113911Z UID:34219-1758789000-1758803400@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Cloud Conference 2025 DESCRIPTION:  \n \n  \nSeptember 25\, 2025\nVirtual Event (Zoom)\nEarn up to 4 CPE\n$10 for GWDC Members\n$30 for Non-Members \n  \n  \n\n\n\nCloud Conference 2025 \nNext-Gen Cloud & Mobile Security: Mastering Compliance\, Addressing Emerging Risks\, API Protection\, and Cloud Trends \nIn a world where over 80% of organizational resources are now hosted in the cloud and more than 90% of internet traffic is API-based\, understanding and mitigating cybersecurity risks has never been more crucial. This virtual conference is tailored for cybersecurity professionals\, auditors\, and IT leaders who need to stay ahead of evolving threats and ensure robust security for their cloud environments. \nJoin us for an enlightening day of expert insights\, practical tips\, and actionable strategies that will empower you to enhance your cloud security posture. Our lineup of distinguished speakers will guide you through the complexities of continuous compliance\, API security\, and the latest cloud security trends. \nRegistration closes on September 24th @ 5PM. \nRegister Today! \n  \n\n\n\n  \nSponsorship Opportunities \nIf you are interested in sponsoring this event\, or sponsoring the chapter as an annual sponsor\, please visit our sponsorship page. \nSponsorship Info \n  \n\n\n\nEvent Details \n\nDate and Time \n\n\nThe conference will be held on September 25\, 2025 from 8:30 am to 12:30 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \n\n\nVirtual Event \n\n\nThe conference will be held using Zoom. \nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits. \n  \n\n\nPricing \n\n\nThe fee for GWDC Members is $10 for the conference.\nThe fee for all other registrants is $30 for the conference. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \n\n\nEvent Policies \n\n\nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n  \n\n  \n\n\n\n  \nInterested in Speaking at a Chapter Event \nIf you are interested in speaking at an upcoming conference\, please visit the Call for Speakers page and complete the form. \nCall for Speakers \n  \n\n\n\nConference Agenda \nConference agendas may change due to schedule conflicts and other unexpected situations. If a previously published agenda has changed\, the changes will be noted. \n  \n \n\n08:30 AM – 09:30 AM \n\n\nStopping Breaches Before They Start with AI-Powered Cloud Security \nPresenter: Carley Simon (Microsoft) \nThis session will explore how artificial intelligence and automation are transforming cloud security and what that means for cyber and IT auditors. We will dive into real-world breach scenarios\, such as privilege escalation and lateral movement in hybrid cloud environments\, and show how AI can be used to detect misconfigurations\, flag anomalous behavior\, and enforce compliance at scale. Attendees will walk away with a framework for auditing AI-augmented cloud environments\, including key questions to ask\, controls to validate\, and red flags to watch for in environments using tools like Microsoft Defender for Cloud\, Purview\, and Entra Permissions Management. \n\n \n\n09:30 AM – 10:30 AM \n\n\nAI-Powered Enterprise Security Risk Posture Management (ESRPM) in the Cloud: From Compliance to Continuous Digital Trust \nPresenter: Lalit Ahluwalia (DigitalXForce & XForce Galaxy) \nAs cloud adoption accelerates\, enterprises face unprecedented complexity in securing multi-cloud environments while meeting compliance demands. Traditional GRC tools are static and reactive\, leaving organizations vulnerable to evolving threats and regulatory gaps. This session will explore how AI-powered Enterprise Security Risk Posture Management (ESRPM) transforms cloud security and compliance into a real-time\, automated\, and outcome-driven discipline. \nAttendees will learn how to: \n\nContinuously map cloud assets to risks and controls\nAutomate compliance testing and evidence collection\nQuantify security posture in business terms\nEstablish digital trust through AI-driven risk intelligence/li>\n\nThis session is ideal for CISOs\, cloud security leaders\, and risk executives seeking to shift from compliance checklists to measurable cyber resilience. \n\n \n\n10:30 AM – 11:30 AM \n\n\nThe Cloud Changes Everything: Why Your Compliance Strategy Doesn’t \nPresenters: Terrence Williams (SANS) \nStop fighting the cloud with on-premises thinking. While your organization burns budget on third party tools and platforms designed for data centers\, AWS\, Azure\, and Google Cloud offer services that can be strategically automated for continuous compliance that costs fractions of traditional tools—yet most enterprises don’t know these capabilities exist. \nThis session explores the compliance revolution happening in plain sight: native cloud services that automatically enforce NIST controls\, AI that predicts violations before they occur\, and abstraction layers that eliminate vendor lock-in across multi-cloud environments. We’ll talk about whether continuous compliance automation can replace periodic audits and examine what happens when you treat compliance as code instead of paperwork. \nThe cloud isn’t just different infrastructure—it’s a fundamentally different approach to security and governance. While third-party vendors exploit knowledge gaps with expensive “cloud-washing” of legacy tools\, cloud providers deliver genuine innovation through services you’re already paying for. Join us as we explore what’s possible when you leverage the cloud’s native intelligence instead of fighting against it. \n\n \n\n11:30 AM – 12:30 PM \n\n\nAbove the Clouds: Navigating Audit & Compliance in Cloud Services \nPresenter: John Heath (KPMG) \nThe presentation will cover basics of cloud computing types\, service delivery models\, and how an auditor’s consideration of logical access controls\, program change management controls\, and other controls may be influenced by an entity’s use of a cloud service provider to host its systems. \n\n  \n\n\n\n  \nShare this Event \nIf you are interested\, planning to attend\, or attending this event\, please share with your colleagues across your social media networks. \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \n  \n\n\n\nPresenters \nAt times presenters for a session may change due to schedule conflicts and other unexpected situations. If a previously presenter has been substituted\, the changes will be noted. \n  \n \n\n \n\n\nCarley Simon\nSenior Data Security Solutions Engineer & Microsoft Federal \nCarley Salmon is a Senior Data Security Solutions Engineer at Microsoft Federal\, where she empowers Department of Defense customers to meet stringent data security and compliance requirements. With a deep understanding of regulatory frameworks and Microsoft’s security portfolio\, Carley delivers technical demonstrations and strategic guidance that help defense organizations navigate complex cybersecurity landscapes. Her work is grounded in real-world experience\, having served as a Team Chief and founding assessor at the Defense Industrial Base Cybersecurity Assessment Center (DIBCAC)\, where she led assessments aligned to DFARS Clause 252.204-7012 and NIST SP 800-171. \nAn Army veteran and former Blackhawk helicopter pilot\, Carley brings a unique dual perspective as both a warfighter and technologist. Her leadership in the USANG and her hands-on experience in cybersecurity assessments inform her mission-driven approach to securing sensitive information. Carley’s passion for data protection and her commitment to national defense make her a compelling voice in the federal cybersecurity community. \n  \n\n \n\n \n\n\nLalit Ahluwalia\nCEO & Founder DigitalXForce & XForce Galaxy \nLalit Ahluwalia is an award-winning cybersecurity executive\, and entrepreneur with over two decades of experience driving global security\, risk management\, and digital trust transformation. He is the CEO & Founder of “DigitalXForce” and “XForce Galaxy”\, his dream ventures committed to redefine the future of cybersecurity. \nLalit is an industry thought leader\, keynote speaker\, and pioneer in AI-powered Enterprise Security Risk Posture Management (ESRPM) and automated GRC solutions. He has led the North America Security practice for Accenture\, Global Cybersecurity practice at Wipro\, and diverse portfolio of security initiatives for Deloitte and PwC. \nLalit has been recognized at North Texas Top 500 Business Leaders by DCEO and awarded the 40 Under 40 by Business Journals and CIO-CTO – Excellence in Cyber Security award by Dallas Magazine for his contributions in the Cyber Security field. \n \n\n \n\n \n\n\nTerrence Williams\nCertified Instructor @ SANS \nWith a trident of expertise in Digital Forensics and Incident Response (DFIR)\, Computer Science\, and Cloud Environments\, Terrence approaches each class with the resounding belief that if individuals are not making those around them better\, then what are they doing? As an instructor\, Terrence’s commitment is to ensure that every encounter leaves individuals better equipped and empowered than before. This philosophy underscores his teaching approach\, emphasizing the transformative power of cybersecurity and the boundless possibilities that emerge with the right mindset. \nTerrence’s journey into cybersecurity wasn’t a deliberate choice; instead\, it was a path he navigated as a Marine. He found his roots and thrived in the ever-evolving game of chess that is cybersecurity. The constant challenge to stay ahead\, the perpetual growth\, and the desire to continuously learn are the driving forces behind Terrence’s commitment to this career. \nBeyond the technical realm\, Terrence’s interests and hobbies are as diverse as the winds that blow. Engaging in community efforts\, whether through international travel\, exploring new restaurants\, or discovering that hidden bourbon bar\, he finds joy in connecting with people from all walks of life. Coming from a background that limited his exposure to the world\, Terrence now embraces every opportunity to learn about it. \n \n\n \n\n \n\n\nJohn Heath\nDirector\, Audit\, Technology Assurance @ KPMG LLP \nJohn Heath is a Technology Assurance – Audit Director in KPMG’s Federal practice\, bringing over 20 years of expertise in audit and advisory services to the Federal Government\, commercial organizations\, and not-for-profit entities. His career has been predominantly centered on IT support for financial statement audits and System and Organization Control (SOC) examinations. From 2009 to 2011\, John expanded his global experience by delivering audit services for KPMG’s Swiss member firm in Geneva\, Switzerland. \nBeyond his client-facing responsibilities\, John supports various firm initiatives: \n\nNational Training Facilitator: Leading training initiatives to enhance team capabilities.\nRecruitment Support: Actively involved in recruiting top talent.\nTechnology Implementation Leader: Spearheading the rollout of Alteryx Designer for the Federal Technology Assurance – Audit practice.\nQuality Reviewer: Serving as a reviewer for the firm’s quality review program.\nCareer Advisory Leader: Previously Chaired the Career Advisory Board\, and recently joined the Executive Advisory Council for his alma mater’s business school.\n\nJohn holds a Bachelor of Science in Information Systems Management and International Business\, and a Bachelor of Arts in French from Salisbury University\, class of 2005. \n \n\n  \n\n\n\n  \nQuestions about this Event \n\n\nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n  \n\n\n\nCPE Information \nEarn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \n\nPoll Questions \n\n\nParticipants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n  \n\n\nCPE Distribution and Evaluation Survey \n\n\nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \n\n\nLearning Objective \n\n\nAfter attending this event\, attendees will learn about current and future trends in the cloud security space. \n  \n\n\nCPE-Related Details \n\n\n\nPrerequisites: None\nAdvance Preparation: None\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/cloud-conference-2025/ LOCATION:Virtual Event CATEGORIES:Conferences ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/08/cloud_2025.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250730T123000 DTEND;TZID=America/New_York:20250730T133000 DTSTAMP:20260613T215528 CREATED:20250608T132709Z LAST-MODIFIED:20250608T132709Z UID:33982-1753878600-1753882200@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Level Up Webinar - Realign Your Career for Clarity and Impact DESCRIPTION:“Level Up: Elevate Your Brand with ISACA GWDC” is a free webinar series designed to help members and non-members in the tech space stand out in a competitive job market. These bite-sized\, actionable sessions focus on the skills that don’t always come with a certification—but make a big difference in landing the job or leadership role you want. \nWe’ll cover how to use AI to sharpen your interview game\, grow your executive presence\, understand which ISACA certifications best align with your career goals\, and how to tell your story in a way that resonates with recruiters and boards alike. \nAll sessions are short\, high-impact\, and recorded for later viewing on our YouTube channel. No CPEs—just insights to grow your brand\, expand your opportunities\, and take your career to the next level. \nRegistration closes on July 30th @ 12 PM. \nRegister Today! \n  \nWebinar Overview \n\nJuly 30 \nThe webinar will be held on July 30\, 2025 from \n12:30 PM to 1:30 PM. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \nVirtual Event \nThe workshop will be held using Zoom. \nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits. \n\n\nComplimentary Attendance \nThere is no fee for this event. \nTo become a member and take advantage of the member rate for our other events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \nNo CPEs \nNo CPEs are awarded for this event. \n  \n  \n  \n\nShare this Event in Your Network \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \nAgenda \n \n\n12:30 PM – 01:30 PM \n\n\nRealign Your Career for Clarity and Impact \nPresenter: Amy Krymkowski (Better Path Consulting) \nThis interactive workshop is designed for professionals who are feeling stuck or facing uncertainty in their careers. Using self-reflection and a powerful assessment tool\, participants will gain clarity on what’s helping or hindering their job satisfaction\, well-being\, and leadership effectiveness. Whether you’re navigating a job transition or looking to realign your current career path\, this workshop will help you uncover areas of misalignment and identify actionable steps to move forward with confidence and purpose. By the end of the session\, you’ll leave with clear insights and an action plan to improve both your professional and personal satisfaction as you take the next step in your career journey. \n\n  \nPresenter \n \n\n \n\n\nAmy Krymkowski\nCEO and Founder of Better Path Coaching \nAmy Krymkowski is the CEO and Founder of Better Path Coaching\, specializing in guiding accomplished midlife professionals through career transitions and transformations. The coaching approach is holistic and human-centered\, helping clients navigate change\, rediscover their purpose\, and build meaningful careers that align with both their values and aspirations. With a background in human resource management\, employee development\, and entrepreneurship\, Ms. Krymkowski bring a wealth of experience in leadership development and executive coaching. My journey has shaped my passion for empowering others to embrace new professional identities that align with their personal purpose and vision. \n \n\n  \nEvent Questions and Policies \n\nRegistration Questions \nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\nComplaints \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/level-up-webinar-realign-your-career-for-clarity-and-impact/ LOCATION:Virtual Event CATEGORIES:Virtual Event ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/06/webinar_levelup.png END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250716T123000 DTEND;TZID=America/New_York:20250716T133000 DTSTAMP:20260613T215528 CREATED:20250608T140031Z LAST-MODIFIED:20250714T231410Z UID:34016-1752669000-1752672600@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Level Up Webinar - Your Career Story\, Rewritten: Resumes\, LinkedIn & Cover Letters That Work DESCRIPTION:“Level Up: Elevate Your Brand with ISACA GWDC” is a free webinar series designed to help members and non-members in the tech space stand out in a competitive job market. These bite-sized\, actionable sessions focus on the skills that don’t always come with a certification—but make a big difference in landing the job or leadership role you want. \nWe’ll cover how to use AI to sharpen your interview game\, grow your executive presence\, understand which ISACA certifications best align with your career goals\, and how to tell your story in a way that resonates with recruiters and boards alike. \nAll sessions are short\, high-impact\, and recorded for later viewing on our YouTube channel. No CPEs—just insights to grow your brand\, expand your opportunities\, and take your career to the next level. \nRegistration closes on July 16th @ 12 PM. \nRegister Today! \n  \nWebinar Overview \n\nJuly 16 \nThe webinar will be held on July 16\, 2025 from \n12:30 PM to 1:30 PM. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \nVirtual Event \nThe workshop will be held using Zoom. \nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits. \n\n\nComplimentary Attendance \nThere is no fee for this event. \nTo become a member and take advantage of the member rate for our other events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \nNo CPEs \nNo CPEs are awarded for this event. \n  \n  \n  \n\nShare this Event in Your Network \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \nAgenda \n \n\n12:30 PM – 01:30 PM \n\n\nTailoring your Professional Career: Competitive Resume Toolkit \nPresenter: Dr. Carmen I. Figueroa-Medina \nYour experience matters—but how you tell your career story is what opens doors. As more professionals navigate career transitions—especially those shifting from federal roles to the private sector—knowing how to translate your value in a way that resonates with today’s hiring managers is key. \nThis webinar will walk you through the three essential tools of a strong job search: a private-sector-ready resume\, an optimized LinkedIn profile\, and a cover letter that actually gets read. We’ll go over how to reframe government-focused language\, showcase your impact\, and present yourself as the high-performing\, results-oriented candidate employers are looking for. And while federal-to-private transitions are a key focus\, the strategies shared are useful for anyone ready to update their materials and stand out in a competitive job market. \nWhether you’re responding to workforce shifts or proactively planning your next move\, you’ll leave with clear\, actionable tips to confidently tell your story. \n\n  \nPresenter \n \n\n \n\n\nDr. Carmen I. Figueroa-Medina \nCarmen I. Figueroa-Medina has over Twenty (20) years of academic experience teaching human resources management in higher education with years of student career development\, leadership advising dedicated to SHRM Student Chapters (University of Puerto Rico\, Río Piedras Campus & University of Puerto Rico\, Mayaguez Campus). Fourteen (14) years of SHRM Volunteer Leader and HRM Diversity and Inclusion Advocate. 2016 Best Paper Award ABWIC Conference. SHRM Recognition on five (5) Outstanding Student Chapter Merit Awards and five (5) Superior Merit Award (2012-2022). Traumatic Brain Injury Advocate and Member of the Board of Directors of LSG Foundation. \n\n  \nEvent Questions and Policies \n\nRegistration Questions \nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\nComplaints \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/level-up-webinar-your-career-story-rewritten-resumes-linkedin-cover-letters-that-work/ LOCATION:Virtual Event CATEGORIES:Virtual Event ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/06/webinar_levelup.png END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250709T123000 DTEND;TZID=America/New_York:20250709T133000 DTSTAMP:20260613T215528 CREATED:20250608T140954Z LAST-MODIFIED:20250608T140954Z UID:34022-1752064200-1752067800@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Level Up Webinar - GenAI Your Job Hunt: Smarter Ways to Land the Role You Want DESCRIPTION:“Level Up: Elevate Your Brand with ISACA GWDC” is a free webinar series designed to help members and non-members in the tech space stand out in a competitive job market. These bite-sized\, actionable sessions focus on the skills that don’t always come with a certification—but make a big difference in landing the job or leadership role you want. \nWe’ll cover how to use AI to sharpen your interview game\, grow your executive presence\, understand which ISACA certifications best align with your career goals\, and how to tell your story in a way that resonates with recruiters and boards alike. \nAll sessions are short\, high-impact\, and recorded for later viewing on our YouTube channel. No CPEs—just insights to grow your brand\, expand your opportunities\, and take your career to the next level. \nRegistration closes on July 9th @ 12 PM. \nRegister Today! \n  \nWebinar Overview \n\nJuly 9 \nThe webinar will be held on July 9\, 2025 from \n12:30 PM to 1:30 PM. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \nVirtual Event \nThe workshop will be held using Zoom. \nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits. \n\n\nComplimentary Attendance \nThere is no fee for this event. \nTo become a member and take advantage of the member rate for our other events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \nNo CPEs \nNo CPEs are awarded for this event. \n  \n  \n  \n\nShare this Event in Your Network \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \nAgenda \n \n\n12:30 PM – 01:30 PM \n\n\nGenAI Your Job Hunt: Smarter Ways to Land the Role You Want \nPresenter: Sushila Nair (Cybernetic LLC) \nIn today’s competitive job market\, standing out takes more than just a polished résumé—it takes strategy\, speed\, and insight. In this fast-paced session\, learn how to harness the power of Generative AI to elevate every part of your job search. From drafting custom cover letters to refining your LinkedIn profile\, preparing for interviews\, and tailoring your résumé to specific job descriptions\, AI can become your personal career coach. We’ll show you the do’s\, don’ts\, and real-world use cases so you can job search smarter—not harder. Whether you’re making a career pivot or just getting started\, this session will give you a competitive edge. \n\n  \nPresenter \n \n\n \n\n\nSushila Nair\nCEO of Cybernetic LLC\nCISSP\, GIAC GSTRT\, GSNA GDSA\, CISA\, CISM\, CRISC\, CDPSE\, CCSK\, CCAK \nSushila Nair is the CEO of Cybernetic LLC and former Vice President of Capgemini’s North American Cybersecurity practice\, where she played a crucial role in driving secure digital transformation on a global scale. With over 30 years of experience in computing infrastructure\, business\, and security risk analysis\, Sushila has established herself as a leading authority in the cybersecurity domain. Her career highlights include serving as Vice President responsible for global security offers at NTT DATA Services\, a decade of leading her own IT and cybersecurity company across major UK cities\, and serving as a Chief Information Security Officer (CISO) and trusted advisor to boards\, where she honed her expertise in protecting organizations from evolving digital threats. Recognized through the top cybersecurity leader award by Security Magazine\, Sushila’s influence in the industry is undeniable. \nAn esteemed thought leader\, Sushila has shared her insights on prestigious platforms such as RSA Conference and ISACA’s global events. Her active participation in ISACA’s global emerging trends working group and her leadership as President of ISACA’s Greater Washington\, D.C. Chapter underscore her dedication to advancing the field of cybersecurity. In 2024\, her commitment to nurturing the next generation of cybersecurity professionals and promoting diversity in the industry was honored with the prestigious ISACA Technology for Humanity Award. \n \n\n  \nEvent Questions and Policies \n\nRegistration Questions \nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\nComplaints \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/level-up-webinar-genai-your-job-hunt-smarter-ways-to-land-the-role-you-want/ LOCATION:Virtual Event CATEGORIES:Virtual Event ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/06/webinar_levelup.png END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250626T083000 DTEND;TZID=America/New_York:20250626T123000 DTSTAMP:20260613T215528 CREATED:20241231T184338Z LAST-MODIFIED:20250625T181216Z UID:33380-1750926600-1750941000@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Risk Management Conference DESCRIPTION:Risk management is the cornerstone of effective governance and cybersecurity in an era defined by rapid technological innovation. The Risk Management Conference 2025 is designed to equip professionals in IT audit\, cybersecurity\, and governance with the tools and insights necessary to navigate complex risk landscapes. \nThis conference explores cutting-edge approaches to risk management\, with a focus on the NIST Risk Management Framework (RMF) and other industry-leading frameworks that empower organizations to identify\, assess\, and mitigate risks effectively. Attendees will gain actionable knowledge on: \n\nImplementing and tailoring risk management frameworks to align with organizational goals and compliance requirements\nAddressing the unique risks posed by emerging technologies such as artificial intelligence and cloud computing\nStrengthening governance structures to drive accountability and resilience\nPractical case studies showcasing successful risk management strategies in real-world scenarios\n\nWhether you’re focused on AI risks\, securing cloud environments\, or enhancing your organization’s governance practices\, this conference offers the expertise\, practical guidance\, and collaborative opportunities to advance your risk management strategies. Join us to gain the insights and frameworks you need to navigate today’s risks and prepare for tomorrow’s challenges. \nRegistration closes on June 25th @ 3pm. \nRegister Today! \n  \nConference Overview \n\nJune 26 \nThe conference will be held on June 26\, 2025 from \n8:30 am to 12:30 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \nVirtual Event \nThe workshop will be held using Zoom. \nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits. \n\n\nGWDC Member Fee – $10 \nThe fee for GWDC Members is $10 for the conference.\nThe fee for all other registrants is $30 for the conference. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \nEarn up to 4 CPEs \nAttendees can earn up to 4 CPEs for this event. \nParticipants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n\nShare this Event in Your Network \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \nAgenda \n \n\n08:30 AM – 09:30 AM \n\n\nCyber Risk Management in Practice: A Strategic Playbook for CISOs \nPresenter: Russell Eubanks (Cyverity\, SANS Institute) \nBalancing risk reduction with business enablement isn’t just a theory—it’s a challenge cybersecurity leaders face daily. Cyber Risk Management in Practice: A Strategic Playbook for CISOs is a presentation designed for CISOs\, cybersecurity executives\, and program managers who need more than frameworks—they need guidance they can act on. \nIn this session\, Russell Eubanks\, Principal Instructor at the SANS Institute and Managing Partner at Cyverity\, will discuss the practical elements of an effective cybersecurity risk management program. He’ll explain how to evaluate your current cybersecurity posture\, prioritize safeguard investments using a “good\, better\, best” model\, and close the gap between today’s risk realities and tomorrow’s security goals. \nAttendees will be introduced to a structured approach from the Cybersecurity Risk Foundation’s Governance and Risk Model (CRF-GRM)\, a proven methodology for turning cybersecurity strategy into repeatable action. You’ll leave with concrete steps to build a risk-informed roadmap\, embed cybersecurity into business decision-making\, and create a continuous improvement cycle. \nWhether strengthening your existing risk management program or building one from the ground up\, this webcast offers real-world techniques and strategic insight to help you make smarter\, more defensible decisions. \n\n \n\n09:30 AM – 10:30 AM \n\n\nBuilding Strong Governance for Accountability and Resilience \nPresenter: Elizabeth Dunsmoor (Shared Assessments) \nLearn how to strengthen governance structures to drive accountability and organizational resilience. The session will cover: \n\nGovernance Models – Overview of effective governance models and their key components\nAccountability Mechanisms – Strategies for establishing clear accountability and oversight\nResilience Building – Enhancing organizational resilience through robust governance practices\n\n\n \n\n10:30 AM – 11:30 AM \n\n\nA Fireside chat on “AI in the Crosshairs: Legal\, Risk and Cybersecurity Challenges in the Age of Generative AI” \nPresenters: Nick Lockett (ADL Solicitors) and Sushila Nair (Cybernetic LLC) \nArtificial Intelligence\, particularly Generative AI (GenAI)\, is reshaping industries with its innovative capabilities\, from content creation to complex decision-making. However\, with these advancements come significant cybersecurity and legal challenges. In this one-hour fireside chat\, a cybersecurity expert and a legal professional will dive into the complex interplay between AI technology and its risks. \nThe discussion will explore how GenAI is both a tool and a target in cybersecurity\, examining its role in threat detection as well as its misuse for creating deep fakes and automating cyberattacks. From a legal standpoint\, the conversation will delve into data privacy concerns\, intellectual property issues\, regulatory implications\, and ethical considerations surrounding AI use and development\, considering EU\,UK and US AI laws and Codes of Practice and how this impacts on competition in the AI field. Together\, the speakers will offer practical insights into securing AI-driven systems and ensuring compliance with emerging legal frameworks. \nThis engaging dialogue aims to provide actionable strategies for managing AI’s risks while embracing its potential\, catering to professionals navigating this transformative. \n\n \n\n11:30 AM – 12:30 AM \n\n\nRisk and Compliance: A Digital Transformation Journey – Day 0 to Day 5 \nPresenter: Bhargav Trivedi (Capital One) \nThis five-day journey guides organizations through a focused digital transformation of the risk and compliance functions. Starting with Day 0 alignment on vision and priorities\, the process quickly progresses to designing future-state models\, identifying digital enablers\, and integrating data-driven strategies. By Day 5\, organizations emerge with a clear roadmap and executive buy-in to implement agile\, tech-enabled risk and compliance capabilities. \n\n  \nPresenters \n\n \n\n\nRussell Eubanks\nManaging Partner @ Cyverity\nPrincipal Instructor at the SANS Institute \nRussell is a Principal Instructor at the SANS Institute and Managing Partner at Cyverity\, an information security consulting firm specializing in governance and fractional CISO. He is the former CIO and CISO of the Federal Reserve Bank of Atlanta. Russell has developed cybersecurity programs from the ground up and also led extensive cybersecurity teams. Russell actively seeks opportunities to add value to organizations and measurably increase their overall security posture. \n \n\n  \n \n\n \n\n\nElizabeth Dunsmoor\nThird-Party Risk Management (TPRM) Principal @ Shared Assessments \nElizabeth Dunsmoor is a Third-Party Risk Management (TPRM) Principal at Shared Assessments. With over 15 years of experience in the TPRM field\, Elizabeth has designed holistic TPRM programs and assessed risks across various sectors\, such as cybersecurity\, financial services\, manufacturing\, and healthcare. Elizabeth excels at transforming risk strategies into actionable frameworks\, partnering with procurement and corporate teams to strengthen risk resilience. She is also committed to developing cross-functional leadership within the risk management space. In her current role\, Elizabeth trains business leaders on third-party risk program requirements\, third-party capabilities\, and performance expectations. \nAbout Shared Assessments: In our global economy where third-party services are essential\, Shared Assessments is at the forefront of providing thought leadership\, standards\, and education to drive third-party risk assurance. \n \n\n \n\n \n\n\nNick Lockett\nFounding partner @ ADL Solicitors (London) \nNick Lockett\, founding partner of ADL Solicitors in London\, is a barrister and solicitor-advocate with over 30 years of experience in IT law\, including leading roles in top law firms\, Sidley & Austin (London) and McDermott Will\, Emery & Stanbrook (Brussels). Currently within Nick’s Advanced Technology practice\, Nick focuses on the legal and ethical implications of AI and founder of the Centre for Assessment of AI Risk & Opportunity (CAAIRO) and has a forthcoming book\, “Techsistential Risk: AI Law and Ethics\,” (due late 2025). Nick’s extensive experience allows him to navigate the complexities of AI governance\, ensuring compliance with evolving legal frameworks\, and addressing ethical considerations in technology deployment. \n \n\n\n \n\n\nSushila Nair\nCEO @ Cybernetic LLC\nCISSP\, GIAC GSTRT\, GSNA GDSA\, CISA\, CISM\, CRISC\, CDPSE\, CCSK\, CCAK \nSushila Nair is the CEO of Cybernetic LLC and former Vice President of Capgemini’s North American Cybersecurity practice\, where she played a crucial role in driving secure digital transformation on a global scale. With over 30 years of experience in computing infrastructure\, business\, and security risk analysis\, Sushila has established herself as a leading authority in the cybersecurity domain. Her career highlights include serving as Vice President responsible for global security offers at NTT DATA Services\, a decade of leading her own IT and cybersecurity company across major UK cities\, and serving as a Chief Information Security Officer (CISO) and trusted advisor to boards\, where she honed her expertise in protecting organizations from evolving digital threats. Recognized through the top cybersecurity leader award by Security Magazine\, Sushila’s influence in the industry is undeniable. \nAn esteemed thought leader\, Sushila has shared her insights on prestigious platforms such as public radio\, RSA Conference and ISACA’s global events. Her active participation in ISACA’s global emerging trends working group and her leadership as President of ISACA’s Greater Washington\, D.C. Chapter underscore her dedication to advancing the field of cybersecurity. In 2024\, her commitment to nurturing the next generation of cybersecurity professionals and promoting diversity in the industry was honored with the prestigious ISACA Technology for Humanity Award and Security Magazine’s Top Cybersecurity leader. \n \n\n \n\n \n\n\nBhargav Trivedi\nSenior Director of Software Engineering @ Capital One \nBhargav leads the Enterprise and Operational Risk Management Technology teams within Risk Tech. Over the past 6 years\, he has played a pivotal role in architecting and delivering technology solutions that support Capital One’s risk identification\, assessment\, control monitoring\, and issue management processes. Prior to this\, he spent 5 years in Commercial Bank Technology\, focusing on resilient\, scalable platforms. Bhargav is passionate about the intersection of risk and technology\, particularly in using AI\, automation\, and data analytics to strengthen risk posture\, enable proactive risk management\, and improve control effectiveness. He is a champion of building secure\, transparent systems that empower first and second-line risk teams to make timely\, risk-informed decisions. Bhargav is based in Richmond\, VA. Before joining Capital One\, he was a software architect at American Express\, supporting critical capabilities in the Business Travel division. His early career included roles at GE Commercial Finance and PNC Bank\, where he gained foundational experience in financial risk\, credit systems\, and data governance frameworks. Outside the office\, Bhargav enjoys playing chess\, spending time with his two young boys\, and keeping up with the latest in tech innovation through podcasts. His mission is not only to build software—but to lead the transformation of risk management through technology. \n \n\n  \nEvent Questions and Policies \n\n\nRegistration Questions \nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nCPE Questions \nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n\n\nCancellation and Refunds \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \n\n\n\n\nComplaints \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n\n  \n  \nCPE Information \nEarn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter attending this event\, attendees will learn about current and future trends in the IT Audit space. \n  \nCPE-Related Details \n\nPrerequisites: None\nAdvance Preparation: None\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/risk-management-conference-2025/ LOCATION:Virtual Event CATEGORIES:Conferences ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2024/12/conference-risk-management.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250625T123000 DTEND;TZID=America/New_York:20250625T133000 DTSTAMP:20260613T215528 CREATED:20250608T134656Z LAST-MODIFIED:20250619T140551Z UID:34011-1750854600-1750858200@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Level Up Webinar - Reengineering Your Career in Times of Uncertainty: Exploring ISACA Professional Certifications DESCRIPTION:“Level Up: Elevate Your Brand with ISACA GWDC” is a free webinar series designed to help members and non-members in the tech space stand out in a competitive job market. These bite-sized\, actionable sessions focus on the skills that don’t always come with a certification—but make a big difference in landing the job or leadership role you want. \nWe’ll cover how to use AI to sharpen your interview game\, grow your executive presence\, understand which ISACA certifications best align with your career goals\, and how to tell your story in a way that resonates with recruiters and boards alike. \nAll sessions are short\, high-impact\, and recorded for later viewing on our YouTube channel. No CPEs—just insights to grow your brand\, expand your opportunities\, and take your career to the next level. \nRegistration closes on June 25th @ 12 PM. \nRegister Today! \n  \nWebinar Overview \n\nJune 25 \nThe webinar will be held on June 25\, 2025 from \n12:30 PM to 1:30 PM. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \nVirtual Event \nThe workshop will be held using Zoom. \nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits. \n\n\nComplimentary Attendance \nThere is no fee for this event. \nTo become a member and take advantage of the member rate for our other events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \nNo CPEs \nNo CPEs are awarded for this event. \n  \n  \n  \n\nShare this Event in Your Network \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \nAgenda \n \n\n12:30 PM – 01:30 PM \n\n\nReengineering Your Career in Times of Uncertainty: Exploring ISACA Professional Certifications \nPresenter: Dr. Sandra Fonseca \nWe are living in times of uncertainty and stress\, but it is during times of uncertainty where we can reinvent ourselves. The time is now to rethink our professional career and pursue alternative paths considering getting professional micro-credentials or professional certifications. During this session we will discuss strategies and tips to reengineer our careers\, and introduce you to ISACA Certifications\, from micro-credentials and professional certifications so that you can decide which one fits best to your professional goals. \n\n  \nPresenter \n \n\n \n\n\nDr. Sandra Fonseca \nDr. Sandra Fonseca is an Information Technology Professional with over 30 years of experience in the IT field industry\, 15 of them as Systems Security Manager\, Project Manager\, and later on as Data Architect at a federal agency in Washington\, D.C. Her academic career spans 28 years\, having taught in all modalities\, undergraduate and graduate on traditional brick and mortar classroom\, hybrid\, teleconference\, and online. She has also served as Program Director for IT and Cybersecurity Programs for an Online University in the US. Dr. Fonseca also works as instructional designer subject matter expert in course development\, oversees SME’s course contents\, and collaborates in program assessment mapping. Professional development and engagement in professional organizations is essential\, and has served for the board of directors for professional associations like ISACA\, ISSA\, PMI\, ACFE and ASQ. Currently she volunteers to the GWDC Chapter to the office of the secretary. Dr. Fonseca has a doctoral degree in business with a specialization in management information systems (DBA-MIS)\, and a second doctoral degree in education with a specialization in instructional design (EdD-ID). Her areas of Specialty are: IT\, Accounting\, Audit\, Project Management\, Operations Management\, and Quantitative Research Methods. \n\n\n \n\n\nSafia Kazi\nPrincipal\, Privacy Professional Practices @ ISACA\nAIGP\, CIPT \nSafia Kazi is a privacy professional practices principal at ISACA. In this role\, she focuses on the development of ISACA’s privacy-related resources\, including books\, white papers\, and review manuals. Kazi has worked at ISACA for more than a decade\, previously working on the ISACA Journal and developing the award-winning ISACA Podcast. \n\n  \nEvent Questions and Policies \n\nRegistration Questions \nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\nComplaints \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/level-up-webinar-reengineering-your-career-in-times-of-uncertainty-exploring-isaca-professional-certifications/ LOCATION:Virtual Event CATEGORIES:Virtual Event ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/06/webinar_levelup.png END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250612T120000 DTEND;TZID=America/New_York:20250612T130000 DTSTAMP:20260613T215528 CREATED:20250427T171026Z LAST-MODIFIED:20250430T162134Z UID:33862-1749729600-1749733200@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:2025 Annual General Meeting of the Chapter Membership DESCRIPTION:The ISACA® GWDC Annual General Meeting (AGM) is the Board of Directors’ annual meeting with the GWDC membership. During this year’s AGM\, the Board will provide a year in review for the chapter and present the annual Chapter Awards.  There is no CPE for this event. \nThis virtual meeting will on June 12\, 2025 from 12 – 1:00 pm.  All current GWDC members are invited to attend. Registration is required. An email will be sent to all Chapter Members with the registration link. If you did not receive the email\, contact us using the Registration Questions link below. \nRegistration closes on June 11\, 2025 @ 3pm.  \n  \nAdditional Information \nVirtual Meeting Information \n\nThis event will be presented through Zoom.\nPrior to the event\, participants must install the Zoom app on their respective devices or use the web-based Zoom. \n\n  \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/2025-annual-general-meeting-of-the-chapter-membership/ LOCATION:Virtual Event CATEGORIES:Annual Meeting ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2024/05/agm_2024_2.png ORGANIZER;CN="Mike Howard":MAILTO:itadmin2@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250607T083000 DTEND;TZID=America/New_York:20250607T170000 DTSTAMP:20260613T215528 CREATED:20250105T194819Z LAST-MODIFIED:20250603T002247Z UID:33474-1749285000-1749315600@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Certified Information System Auditor® (CISA®) Review Course (Saturday Sessions) DESCRIPTION:CISA Review Course – Saturday Sessions \nThe ISACA Greater Washington\, D.C. Chapter (GWDC) is hosting an intensive 4-day virtual review course for the Certified Information Systems Auditor® (CISA®) Exam. This course is designed to provide practical guidance on preparing for the CISA exam and will cover the essential job practice areas as defined by ISACA® Global.  \nThis event is ideal for professionals planning to sit for the CISA exam. Attendees are encouraged to prepare in advance to maximize the benefits of the course. \nRegistration for this event has closed.  \nRegister Today! \n  \n\nRe-Take Discount \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \n\n  \nCourse Overview \n\nJune 7\, 14\, 21 & 28 \nThe course will be held on June 7\, 14\, 21\, & 28\, 2025 (Saturdays) from 8:30 am to 5:00 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \nVirtual Event \nThe course will be held using Teams. \nPrior to the event\, participants must install the Teams app on their respective devices. Participants using the web-based Teams or calling via the phone may not be entitled to CPE credits. \n\n\nGWDC Member Fee – $500 \nThe fee for GWDC Members is $500 for the course.\nThe fee for all other registrants is $1\,000 for the course. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \nEarn up to 32 CPEs \nAttendees can earn up to 32 CPEs for this event. \nParticipants must respond to all the poll questions via the Teams polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n\nShare this Event in Your Network \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \nAgenda \nPlease note\, these are estimates as some domains (especially Domains 4 and 5) may span multiple days. \n\nDay 1: 18% Domain 1 – Information Systems Auditing Process & 18% Domain 2 – Governance & Management of IT\nDay 2: 12% Domain 3 – Information Systems Acquisition\, Development & Implementation\nDay 3: 26% Domain 4 – Information Systems Operations & Business Resilience\nDay 4: 26% Domain 5 – Protection of Information Assets\n\n  \nCourse Materials and Exam Resources \nMaterials Provided During the Course \nParticipants will receive a Student Workbook\, including the presentations\, case study\, and quiz questions for each domain. Additional resources\, such as exam tips\, vocabulary lists\, and recommended readings\, will also be provided. \n  \nStudy Recommendations \nThe instructor highly recommends that students purchase the CISA Review Manual and the CISA Review Questions\, Answers\, and Explanations Database – 12 Month ahead of the course date. Below are the study materials available for purchase from the ISACA Bookstore: \n\nCISA Review Manual\nCISA Review Questions\, Answers & Explanations Manual\nCISA Review Questions\, Answers & Explanation Database – 12 month subscription\n\n**It is highly recommended to order these at the earliest opportunity to avoid any possible delays in their availability for the start of the program. \n  \nAdditional Study Resources \nCandidates should review the Exam Candidate Guide and other resources on the ISACA CISA page as part of their study program.  \n  \nInstructors \n\n \n\n\nJim Wiggins\nCISSP\, ISSEP\, CISM\, CISA\, CRISC\, CDPSE\, CGRC\, CySA+\, SCNA\, SCNP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M \nJim has over 28 years of direct experience in the design\, operation\, management\, and auditing of information technology systems\, with the past 23 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses aimed at federal and government contracting clients. \nToday\, Jim is the Founder and Principal of Securible\, LLC. Securible is an information security service provider offering cyber training programs to organizations of all sizes. At Securible\, Jim has taught IT security certification courses such as CISSP\, CISM\, CISA\, Ethical Hacking\, RMF\, Security+\, and other courses requested by Securible’s clients. Currently\, he provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS). More information on Securible can be found at: http://www.securible.com. \nJim is also the Founder and Chief Executive Officer (CEO) of the Federal IT Security Institute (FITSI). FITSI is a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI offers a role-based IT security certification program targeted at the federal workforce. More information on FITSI can be found at: http://www.fitsi.org. \nAdditionally\, Jim is the Founder and Executive Director of the FITSI Foundation. The FITSI Foundation is a 501(c)(3) public charity that focuses on cyber education and serves as the philanthropic sister organization of the Federal IT Security Institute. The FITSI Foundation operates the Wounded Warrior Cyber Combat Academy (W2CCA). More information on the FITSI Foundation can be found at: https://www.fitsifoundation.org. \nIn 2020\, Jim launched a TV show on cybersecurity called “Cybersecurity Today\,” which can be viewed in the Washington\, DC area. Episodes can also be streamed online at the following website: http://www.cybersecuritytoday.org. \nIn 2019\, FCW named Jim to the “Federal 100” for his tireless efforts to promote cybersecurity education across all branches of the federal government. \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make on the federal workforce. \nJim holds the following IA/IT security certifications: CISSP\, ISSEP\, CISM\, CISA\, CRISC\, CDPSE\, CGRC\, CySA+\, SCNA\, SCNP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n \n\n\n \n\n\nTyler Harding\nCPA\, CISA\, CISM\, CISSP\, CAP\, GGEIT\, FITSP:A\, FITSP:M \nTyler Harding is an Information Security and Compliance professional with over 25 years of experience. Currently\, Mr. Harding is a Sr. Technical Advisor on cybersecurity and cloud policy with the Department of Defense\, Office of the CIO. Prior to his role at DoD\, he has led security and privacy teams to achieve ISO 27001 certifications and clean SOC 2 attestation reports at Amazon.com. While with Amazon Web Services\, Tyler was the DoD Security and Compliance Manager and led efforts to accredit AWS cloud services to Impact Levels 4 and 5 under DoD’s Cloud Computing Security Requirements Guide (CC SRG). Before joining Amazon in 2019\, Tyler spent over 20+ years in public accounting firms such as PWC\, KPMG\, and Kearney & Company in their respective IT audit practices and led engagement teams through many SOC 1\, FISMA\, and financial statement audits. Tyler holds numerous certifications including his CPA\, CISA\, CISM\, CGEIT\, CISSP\, CGRC\, FITSP:A\, and FITSP:M. \nAs a recovering IT auditor\, Tyler now enjoys his summers and falls swimming\, cycling\, and playing an occasional round of golf! Tyler has also supported the ISACA Greater Washington D.C. Chapter for over 20 years by teaching CISA\, CISM\, and CGEIT review courses. \n\n  \nMore Information on CISA \n \nRegistration for the CISA exam is administered by ISACA®\, not the GWDC. Registering for this review course does not register you for the exam. \n» Details on CISA and Exam Registration \n  \nEvent Questions and Policies \n\n\nRegistration Questions \nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nCPE Questions \nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n\n\nCancellation and Refunds \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \n\n\n\n\nComplaints \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n\n  \nCPE Information \nEarn up to 32 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\nLearning Objective: After completing the course\, students will be prepared to sit for the CISA exam.\nPrerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/certified-information-system-auditor-cisa-review-course/ LOCATION:Virtual Event CATEGORIES:Review Courses ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2024/08/review_course_CISA.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250602T083000 DTEND;TZID=America/New_York:20250602T170000 DTSTAMP:20260613T215528 CREATED:20250105T200101Z LAST-MODIFIED:20250105T200101Z UID:33425-1748853000-1748883600@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:CET Cloud Fundamentals Review Course DESCRIPTION:The GWDC will be hosting a one-day virtual course for the Certified in Emerging Technology™ (CET) Cloud Fundamentals Certificate on June 2 from 8:30 am to 5:00 PM. \nThis course covers characteristics\, components\, deployment models\, risks\, and business drivers of cloud computing. Learners gain insight into the principles and concepts of cloud computing\, services models\, cloud governance\, and an overview of critical cloud service considerations. The interactive\, self-guided format blends both knowledge and performance-based training components to provide a truly unique and dynamic learning experience that builds and reinforces the critical skills required to perform real-world technical tasks. \nIndividuals with little to zero years’ experience in cloud and those seeking to increase their knowledge and skills in Emerging Technology Topics should attend this event.  It’s also intended for anyone preparing for the CET Cloud fundamentals certificate exam. \nRegistration closes on June 1@ 3pm. \nRegister Today! \n  \n\nRe-Take Discount \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \n\n  \nCourse Overview \n\nJune 2 \nThe course will be held on June 2\, 2025 from \n8:30 am to 5:00 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \nVirtual Event \nThe course will be held using Zoom. \nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits. \n\n\nGWDC Member Fee – $125 \nThe fee for GWDC Members is $125 for the course.\nThe fee for all other registrants is $200 for the course. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \nEarn up to 8 CPEs \nAttendees can earn up to 8 CPEs for this event. \nParticipants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n\nShare this Event in Your Network \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \nAgenda \nModule 1 – Cloud Computing Models \n\nCloud Components\nCloud Service Implementation Considerations\nCloud Deployment Models\n\nModule 2 – Cloud Service Models \n\nSoftware as a Service\nPlatform as a Service\nSolution Stacks\nInfrastructure as a Service\n\nModule 3 – Cloud Governance \n\nBusiness Drivers to Cloud \nRisks Associated with cloud solutions\nCloud Vendor Selection and Management\nPortability of Services\n\nModule 4 – Cloud Service supports \n\nDistinguish between service implementation and support in the cloud\nDescribe the testing and validation requirements for post-cloud implementation\nArticulate the special role that configuration management plays in cloud computing\nIdentify resource management challenges with cloud computing implementations\n\n  \nInstructor \n\n \n\n\nSushila Nair\nCISSP\, GIAC GSTRT\, GSNA GDSA\, CISA\, CISM\, CRISC\, CDPSE\, CCSK\, CCAK \nSushila Nair is the CEO of Cybernetic LLC and former Vice President of Capgemini’s North American Cybersecurity practice\, where she played a crucial role in driving secure digital transformation on a global scale. With over 30 years of experience in computing infrastructure\, business\, and security risk analysis\, Sushila has established herself as a leading authority in the cybersecurity domain. Her career highlights include serving as Vice President responsible for global security offers at NTT DATA Services\, a decade of leading her own IT and cybersecurity company across major UK cities\, and serving as a Chief Information Security Officer (CISO) and trusted advisor to boards\, where she honed her expertise in protecting organizations from evolving digital threats. Recognized through the top cybersecurity leader award by Security Magazine\, Sushila’s influence in the industry is undeniable. \nAn esteemed thought leader\, Sushila has shared her insights on prestigious platforms such as RSA Conference and ISACA’s global events. Her active participation in ISACA’s global emerging trends working group and her leadership as President of ISACA’s Greater Washington\, D.C. Chapter underscore her dedication to advancing the field of cybersecurity. In 2024\, her commitment to nurturing the next generation of cybersecurity professionals and promoting diversity in the industry was honored with the prestigious ISACA Technology for Humanity Award. \n \n\n  \nCET Cloud Fundamentals Certificate Exam \nThe exam is be offered via Computer-Based Testing (CBT). \nRegistration and administration of the exam is handled by ISACA®\, not the GWDC. Registering for this review course does not register you for the exam. \nFor full details on this certificate\, visit the ISACA’s CET Cloud Fundamentals Certificate page. \n  \nExam Preparation \nFor students who wish to take the CET- Cloud fundamentals exam\, it is highly recommended that the prospective candidates should purchase the official study guide and labs here as the exam includes hands on elements. \n  \nEvent Questions and Policies \n\n\nRegistration Questions \nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nCPE Questions \nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n\n\nCancellation and Refunds \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \n\n\n\n\nComplaints \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n\n  \nCPE Information \nEarn up to 8 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org. \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\nLearning Objective: After completing the course\, students will be prepared to sit for the CET exam.\nPrerequisites and Advance Preparation: None\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/cet-cloud-fundamentals-spring2025/ LOCATION:Virtual Event CATEGORIES:Review Courses ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2024/08/review_course_cet_cloud.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250519T084500 DTEND;TZID=America/New_York:20250519T170000 DTSTAMP:20260613T215528 CREATED:20250106T021103Z LAST-MODIFIED:20250517T013723Z UID:33542-1747644300-1747674000@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Future Tech DC DESCRIPTION:<< Return to GWDC Events \n  \n \nFuture Tech DC\nMay 19\, 2025 from 8:45 AM to 5:00 PM\nGeorge Mason University\, Arlington VA Campus\n8 CPE\n$175 for Members of Partner Organizations\n$250 for All Other Registrants \n  \n  \n\n\n\nWelcome to Future Tech DC: AI\, Cybersecurity\, and Trust\nThe premier conference that explores the intersection of artificial intelligence\, cybersecurity\, and IT audit. \nJoin us in the heart of Washington\, D.C.\, where innovators\, industry leaders\, and technology enthusiasts converge to shape the future of the digital landscape. This event offers: \n\nInsightful Sessions: Prepare for the challenges of tomorrow\, by delving into the evolving cybersecurity threat landscape\, gaining insights into emerging technologies such as AI\, and discovering strategies for IT audit and cybersecurity professionals to build trust in a digital world.\nTailored Tracks: Choose from General\, Government\, and Workshop sessions\, including hands-on SANS demonstrations.\nNetworking & Professional Growth: Connect with peers\, earn 8 CPE credits\, and gain practical tools to secure your organization.\n\nWhat’s included with the registration fee in addition to conference attendance: Breakfast\, lunch\, parking at GMU Arlington campus \nWho Should Attend this Event?  IT / Cybersecurity professional\, cybersecurity student\, auditor\, CISO\, or business or government leader \nRegistration closed on May 16 @ 6pm.  There is no walk-up registration for this event. \nRegister Today! \n  \n\n\n\n  \nRegistration Bundles Available \n\nProfessional Bundles are available for businesses and organizations to purchase bundles of 10 registrations at the member rate. After purchase\, a discount code will be emailed. \nPurchase Professional Bundle \n\n\nStudent Bundles are available for colleges and universities to purchase bundles of 10 registrations for students at discounted student pricing. After purchase\, a discount code will be emailed. \nPurchase Student Bundle \n\n  \n\n\n\nPartner Organizations \nThis event wouldn’t be possible with the time and dedication of the following partner organizations present this event. These organizations are presented below in no order of significance: \n\n\n\n\n\n\n\n\n\n\n\n\n\nWorkshops Powered By: \n \n\n\nHosted By: \n \n\n  \nAgenda \nTailor your conference experience by choosing sessions in one of the three tracks.  Please note\, no advance selection is required for the General and Government Tracks. Registrants can attend the General and Government sessions on a first come basis on the day of the conference.  SANS Workshops will be selected during registration \nGovernment Track – Government Focus: Federal\, State\, and Local Perspectives\nDive into sessions tailored to the unique challenges and opportunities faced by government entities. Explore innovative strategies for securing critical infrastructure\, enhancing digital services\, and navigating regulatory landscapes at every level of government. \nGeneral Track – Visionary Leaders in AI\, Emerging Tech\, and Cybersecurity\nHear from globally recognized thought leaders who are driving change in artificial intelligence\, emerging technologies\, and cybersecurity. These inspirational talks will provide insights into the future of tech and its role in building a safer\, more innovative world. \nSANS Workshop Track – Practical Skills and Cutting-Edge Tools\nParticipate in interactive workshops and labs that bring theory to life. From building a machine learning network to detect anomalies\, to reverse engineering malware\, and identifying cloud misconfigurations\, these sessions offer practical\, real-world applications for staying ahead in an ever-evolving digital landscape.  Please note\, SANS workshops have a limited capacity. Sign up early to secure your spot before sessions reach capacity.  There is a limit of one SANS workshop per registrant. \n  \n\n\n\n Time\nGeneral Track\nGovernment Track\nSANS Workshop Track\nSpecial Activities\n\n\n08:00 AM – 08:45 AM\nBreakfast and Networking\n\n\n08:45 AM – 09:00 AM\nConference Introduction\n\n\n09:00 AM – 10:00 AM\nKeynote Speaker: Dave Hoelzer\, SANS Fellow\nReal World Hype-Free AI in the Cybersecurity Enterprise\n\n\n10:00 AM – 11:00 AM\nAsk Questions\nTerry Grafenstine (IIA and PenFed)\nCybersecurity for Artificial Intelligence\nJeffrey Eyink (DoD)\nPresented by SANS – Avoiding Data Disasters: Techniques to Identify and Address Cloud Storage Misconfigurations\nShaun McCullough (SANS and GitHub)\n\nCapture the Flag \nCheck-in \n10:00-10:30 \nAM \nCompetition \n10:30 AM – \n2:30 PM \nWinners \nAnnounced \n2:30 – 3:00 PM \n\n\n\n11:00 AM – 12:00 PM\nAdapt or Be Breached: Why Outdated Third-Party Risk Models are Failing SaaS\nVishal Chawla (BluOcean Cyber)\nThe NIST Risk Management Framework: More Than Just Compliance and an ATO\nVictoria Yan Pillitteri (NIST)\n\n\n12:00 PM – 01:00 PM\nLunch Keynote Speaker:  Sounil Yu (Knostic)\nWhat to Expect When You’re Expecting Your GenAI Baby\n\n\n01:00 PM – 02:00 PM\nExploring the Intersection of Cybersecurity and Artificial Intelligence\nDr. Kellep Charles (Capitol Technology University)\nEmerging Threats in Space\nFireside Chat with Renee Wynn (Former NASA CIO\, Axonius) and Dr. Diane Janosek (Janos LLC)\nPresented by SANS – Reverse Engineering Malware: A Hands-On Introduction\nAnuj Soni (Johns Hopkins University APL and SANS)\n\n\n02:00 PM – 03:00 PM\nMITRE ATLAS: Community Driven Tools for AI Security & Assurance\nDr. Christina Liaghati (MITRE)\nSecuring the Machine Mind: AI Risk Management in the Federal Enterprise\nDavid Branscome (Microsoft)\n\n\n03:00 PM – 04:00 PM\nIn the age of AI\, getting to the “who” is your biggest threat advantage\nRyan LaSalle (Nisos®)\nShifting Left Security Automation with Open Security Controls Assessment Language (OSCAL)\nDr. Michaela Iorga (NIST/ITL)\nPresented by SANS – Build a Machine Learning Neural Network for Anomaly Detection on Logs\nChristopher Crowley (SANS)\nIndustry Exchange\n\n\n04:00 PM – 05:00 PM\nAccelerating Innovation with AI Security & Responsibility\nAlexis Appollonia Robinson (Amazon)\nFireside Chat – Securing the Future: NIST NCCoE\, AI\, and Emerging Tech\nModerator: Jim Wiggins (Securible and FITSI)\nPanelists: Cherilyn Pascoe (NIST)\n\n\n05:00 PM – 06:00 PM\nConference Wrap-Up\n\n\n\n  \nClick the link below to view the agenda in a PDF along with the room numbers and floor Maps of GMU’s Van Metre Hall in the Mason Square Building. \nView Agenda PDF \n  \nKeynote Address \n\n09:00 AM – 10:00 AM \n\n\nReal World Hype-Free AI in the Cybersecurity Enterprise \nPresenter: Dave Hoelzer (SANS) \nEnterprises today are fixated on adopting AI solutions\, yet few have clearly defined the business problems they hope that AI will solve. What’s the reality of the applicability of AI to cybersecurity? What knowledge should someone with a GRC focus have to understand what vendors are selling and how this aligns with an enterprise’s controls? How can AI be leveraged to enhance a SOC or expand the threat-hunting capabilities of a security organization? David Hoelzer\, COO of a managed security provider and SANS fellow will answer these questions\, in addition to showing how his enterprise and his customers are leveraging machine learning and AI to identify previously unknown zero-day malware\, find compromised hosts at scale\, identify anomalous log entries without writing rules\, and more. These demonstrations will include clear explanations of how these solutions work that anyone with Python and TensorFlow or PyTorch knowledge can implement! \nView Dave’s Speaker Showcase video for this session \nLearning Objectives: \n\nHow AI and ML can be defined in a way that benefits the vendor\, not the enterprise\, and how to know what they’re saying.\nUnderstand how to articulate the role of AI/ML in a security operation/threat hunting operation in a way that is aligned with objectives.\nHave a better understanding of precisely what types of problems in security benefit from the application of AI/ML techniques.\n\n\n  \nKeynote Presenter \n\n \n\n\nDave Hoelzer\nSANS Fellow \nDavid Hoelzer\, a SANS Fellow and author of more than twenty days of SANS courseware\, is an expert in a variety of information security fields\, having served in most major roles in the IT and security industries over the past twenty-five years. Currently\, David serves as the principal examiner and director of research for Enclave Forensics\, a New York/Las Vegas based incident response and forensics company. He also serves as the chief information security officer for Cyber-Defense\, an open-source security software solution provider. David is the author of SANS SEC495: Leveraging LLMs: Building & Securing RAG\, Contextual RAG\, and Agentic RAG\, SANS SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals\, and a seasoned instructor and author for myriad other SANS courses. \n \n\n  \nLunch Keynote Address \n\n12:00 PM – 01:00 PM \n\n\nWhat to Expect When You’re Expecting Your GenAI Baby \nPresenter: Sounil Yu (Knostic) \nMany of us are scrambling to leverage GenAI\, but it’s hard to anticipate the risks\, challenges\, and controls. Using various mental models\, we can get a clearer understanding of what to expect in the next stages of the AI revolution and start building governance processes and security capabilities to get ahead of potential challenges. \nLearning Objectives: \n\nLearn about tools for thinking about AI-related problems\nApply these tools towards specific AI-related problems\nAnticipate future needs using these thinking tools\n\n\n  \nLunch Keynote Presenter \n\n \n\n\nSounil Yu\nCo-Founder and Chief AI Security Officer @ Knostic \nSounil Yu is the author and creator of the Cyber Defense Matrix and the DIE Triad\, which are reshaping approaches to cybersecurity. He’s a Board Member of the FAIR Institute; fellow at GMU Scalia Law School’s National Security Institute; guest lecturer at Carnegie Mellon; and advisor to many startups. Sounil is the co-founder and Chief AI Safety Officer at Knostic and previously served as the CISO at JupiterOne\, CISO-in-Residence at YL Ventures\, and Chief Security Scientist at Bank of America. Before BofA\, he helped improve information security at several Fortune 100 companies and Federal Government agencies. Sounil has over 20 granted patents and was recognized as one of the most influential people in security by Security Magazine\, Influencer of the Year by SC Awards\, and a Top 10 CISO by Black Unicorn Awards. He is a recipient of the SANS Lifetime Achievement Award and was inducted into the Cybersecurity Hall of Fame. He has an MS in Electrical Engineering from Virginia Tech and a BS in Electrical Engineering and a BA in Economics from Duke University. \n \n\n  \nGeneral Track Sessions \n\n10:00 AM – 11:00 AM \n\n\nAsk Questions \nPresenter: Terry Grafenstine (IIA and PenFed) \nJoin Terry Grafenstine\, Chair of the Global Board of Directors\, 2024-2025\, for an inspiring session centered on her IIA Global Board Chair theme: “Ask Questions.” To provide strategic insights\, Internal Audit must help their organizations prepare for disruption. Disruption can be an opportunity\, like Artificial Intelligence\, or a threat\, such as Covid or cyber. While many disruptive technologies and events will push Internal Auditors out of their traditional comfort zones\, to avoid auditing these topics is to miss some of the greatest threat (and opportunities) our organizations face. Instead\, internal auditors should rely on an area where they are experts and ask questions about controls. She will explore how fostering a culture of curiosity can support organizational innovation while also creating a stronger control environment and building enterprise resilience. \nView Terry’s Speaker Showcase video for this session \nLearning Objectives: \n\nExplore how Internal Audit teams can help their organizations prepare for disruptions\, including disruptive technologies.\nUnderstand how relying on your expertise and asking questions can help prepare you for assessing controls in unfamiliar areas.\nLearn how being “curious” is critical for supporting innovation\, resilience\, and strengthening controls.\n\n\n\n11:00 AM – 12:00 PM \n\n\nAdapt or Be Breached: Why Outdated Third-Party Risk Models Are Failing SaaS Security \nPresenter: Vishal Chawla (BluOcean Cyber) \nYour annual third-party risk management (TPRM) checklist is a hacker’s favorite loophole. While you audit once\, attackers exploit SaaS misconfigurations daily. Legacy TPRM frameworks can’t track live configuration drifts\, data sprawl\, data exfiltration\, shadow APIs\, or “Snowflake-style” breaches. We’ll dissect how TPRM models fail—and equip you with continuous monitoring\, zero-trust SaaS governance\, and proactive threat defenses. Evolve or be breached. Your move. \nView Vishal’s Speaker Showcase video for this session \nLearning Objectives: \n\n“97% of Third-Party SaaS Breaches Start Where Vendor Audits End” Why paper-based vendor reviews fail—and how continuous SaaS threat detection closes the gap.\n“Snowflake’s 243-Day Breach Window: Why Compliance ≠ Security” Unpacking the preventable Snowflake breach and how real-time SaaS monitoring slashes detection time by 90%.\n“90 Days to Modern TPRM: From Annual Audits to Always-On SaaS Defense” A proven roadmap to harden critical third-party SaaS apps\, automate controls\, and turn compliance into an advantage.\n\n\n\n01:00 PM – 02:00 PM \n\n\nExploring the Intersection of Cybersecurity and Artificial Intelligence \nPresenter: Dr. Kellep Charles (Capitol Technology University) \nDominated by technological advancements\, Artificial Intelligence (AI) with cybersecurity stands out as a key component for the future of our digital defense. This talk will discuss the impact of AI on cybersecurity\, by examining the challenges\, opportunities\, and the role it plays in safeguarding our digital world. \nThe session will briefly discuss the historical roots of AI\, to its projected surge to $135 billion by 2030. The session will also discuss the relationship between AI and cybersecurity\, first by explaining how AI benefits the defense against cyber threats as well as examine the dark side of this technological alliance in cybersecurity. The presentation concludes by providing practical insights for staying secure in the AI-driven landscape. A call to action is issued to review and update cybersecurity practices\, incorporating best practices in password management\, data privacy\, and personal cybersecurity. In conclusion\, the presentation portrays the intersection of cybersecurity and AI as a dynamic and evolving landscape\, urging cybersecurity leaders to embrace AI’s potential\, understand its risks\, and adapt to ensure a secure and resilient digital world. \nLearning Objectives: \n\nExplore the challenges and opportunities of AI as it relates to safeguarding the digital world.\nUnderstand the impact of AI on cybersecurity including the benefits and the dark side.\nLearn practical insights for cybersecurity in the AI era.\n\n\n\n02:00 PM – 03:00 PM \n\n\nMITRE ATLAS: Community Driven Tools for AI Security & Assurance \nPresenter: Dr. Christina Liaghati (MITRE) \nMITRE ATLAS (atlas.mitre.org) is a public knowledge base of adversary tactics and techniques based on real-world attack observations and realistic demonstrations from artificial intelligence (AI) red teams and security groups. There are a growing number of vulnerabilities in AI-enabled systems as the incorporation of AI increases the attack surfaces of existing systems beyond those of traditional cyberattacks. We developed ATLAS to raise community awareness and readiness for these unique threats\, vulnerabilities\, and risks in the broader AI assurance landscape. \nChristina will speak to the latest MITRE ATLAS community efforts focused on capturing and sharing cross community data on real world AI incidents\, expanding the community’s data on vulnerabilities that can arise when using open-source AI models or data\, especially for vulnerabilities that fall outside of the scope of CVE/CWE\, and developing mitigations to defend against these AI security threats and vulnerabilities. \nView Christina’s Speaker Showcase video for this session \nLearning Objectives: \n\nLearn about the unique threats\, vulnerabilities\, and risks that AI poses.\nHear how the MITRE ATLAS community is engaging to provide real world data on the impact of AI on cybersecurity.\nExplore mitigations to defend against AI security threats and vulnerabilities.\n\n\n\n03:00 PM – 04:00 PM \n\n\nIn the age of AI\, getting to the “who” is your biggest threat advantage \nPresenter: Ryan LaSalle (Nisos®) \nAI is making the landscape less human. Yet people are both a significant enterprise vulnerability\, and the key to protecting your organization. And cyber’s remit is getting larger\, not smaller. As companies take on greater digital risk\, cybersecurity accountability extends to include protecting executives from physical harm\, keeping insider threats out\, and surfacing signs of employment fraud. It’s your job to stay a step ahead by detecting emerging threats online and to action quickly. Beyond the day to day compliance and cyber defense\, security teams need to grow with the business and tackle the emerging challenges to people presented by the innovative attacks powered by AI\, the fomenting discord targeting your people and brand\, and the new vulnerabilities and exploits to hiring and ways of working. Getting to the “who” behind these threats empowers you to take real-world action to move upstream from the techniques employed and address the people at the root of the campaign or attack. \nView Ryan’s Speaker Showcase video for this session \nLearning Objectives: \n\nBetter understand human risk threats and TTPs for executive protection\, employment fraud\, and insider threat.\nDevelop strategies on how getting to the “who” behind human risk threats can drive real-world consequences\, including shutting down the threat.\nLearn about practical ways you and your teams can detect and prevent human risk threats.\n\n\n\n04:00 PM – 05:00 PM \n\n\nAccelerating Innovation with AI Security & Responsibility \nPresenters: Alexis Appollonia Robinson (Amazon) \nFor innovation to thrive\, teams need the freedom to operate quickly. Yet many organizations slow development for governance with restrictive controls. In this session\, learn how to implement 100 controls that empower teams to ship rapidly without compromising reliability\, security\, or compliance. Additionally\, learn from AWS experts as we breakdown AWS’s Responsible AI Strategy and AWS Audit Manager’s generative AI framework. In this session\, explore how to incorporate controls as we build AI with AWS. \nLearning Objectives: \n\nUnderstand how to accelerate innovation by embedding security controls and responsible AI guardrails from day one.\nConsider AWS’s Responsible AI Strategy as a way to build trust while maintaining development velocity.\nImplement AWS Audit Manager’s Generative AI Framework to automate compliance and strengthen governance.\n\n\n  \nGeneral Track Presenters \n\n \n\n\nTerry Grafenstine\n2024–25 Chair of the Global Board of Directors of The Institute of Internal Auditors (IIA) and Chief Audit Executive with Pentagon Federal Credit Union (PenFed)\nCIA\, CPA\, CISSP\, CISA\, CRISC\, CGEIT\, CGAP \nTerry Grafenstine is the 2024–25 Chair of the Global Board of Directors of The Institute of Internal Auditors (IIA) and Chief Audit Executive with Pentagon Federal Credit Union (PenFed). She was recognized by The IIA as one of the “Top Ten Audit Thought Leaders of the Decade” and inducted into The IIA’s Hall of Distinguished Audit Practitioners. She has served on both the IIA’s North American and Global Boards of Directors. \nTerry has over 25 years of experience in the internal auditing and information technology profession. As CAE at PenFed\, Terry is responsible for leading internal audit teams covering all aspects of operations at the second largest federal credit union in the U.S. Prior to joining PenFed in May 2023\, Terry was the global chief auditor for Operations & Technology at Citi where she led audits covering technology\, cyber\, business continuity\, enterprise resilience\, and third party risk management across the 155 countries in which Citi operated. \nBefore joining Citi\, Terry was a Managing Director in Deloitte’s Risk and Financial Advisory practice\, where she provided strategic advisory services to Chief Audit Executives across all commercial industries and IT audit\, risk\, and governance advisory services to first line executives in the defense and national security space. Prior to joining Deloitte\, Terry served for eight years as the bi-partisan appointed Inspector General of the U.S. House of Representatives\, where she designed\, managed\, and delivered audit and investigative services\, including the annual financial statement audit and a comprehensive cyber assurance program. \nTerry has held numerous leadership roles to support the auditing\, accounting\, and information technology profession\, including serving as ISACA’s Global Chair (2017-2018) and a member of the AICPA board of directors (2014 – 2018). Terry speaks globally on a wide range of subjects\, including cyber security\, internal auditing\, accounting standards\, resilience\, leadership\, and risk. \nTerry earned a Bachelor’s degree in Accounting from Saint Joseph’s University. She is a Certified Internal Auditor (CIA)\, Certified Public Accountant (CPA)\, Certified Information Systems Security Professional (CISSP)\, Certified Information Systems Auditor (CISA)\, Certified In Risk and Information Systems Control (CRISC)\, Certified in the Governance of Enterprise IT (CGEIT)\, and Certified Government Auditing Professional (CGAP). \n \n\n\n \n\n\nVishal Chawla\nFounder & CEO BluOcean Cyber \nVishal brings 30 years of cybersecurity expertise\, combining his Big 4 experience as global cybersecurity leader and senior partner serving global fortune 100 clients in the financial services and healthcare industry. \nHe is now the founder and CEO of BluOcean Cyber (located in Northern Virginia)\, where he created RiskGPS\, a Cyber Risk Governance platform that helps companies dominate their competition by redefining cybersecurity as a critical strategic business asset. The groundbreaking approach revolutionizes cybersecurity for mid-sized companies by bridging the gap between technical cybersecurity measures and business mission-based objectives. By connecting specific actions to threats and business processes\, RiskGPS protects\, sustains\, and amplifies critical outcomes with verifiable ROI. Vishal’s work has been published in The Wall Street Journal\, NACD Directors\, RMA\, MIT Review\, and many other publications. \n \n\n\n \n\n\nDr. Kellep Charles\nDepartment Chair of Cybersecurity programs and Professor of Computer Science @ Capitol Technology University \nDr. Kellep Charles serves as Department Chair of Cybersecurity programs and Professor of Computer Science at Capitol Technology University. Dr. Charles’ research areas encompasses Digital Forensics\, Threat Detection\, OSINT\, Machine Learning and Malware Analysis. He completed his Doctorate in Cybersecurity at Capitol Technology University. He also holds a Master of Science in Telecommunication Management from the University of Maryland University College and a Bachelor of Science in Computer Science from North Carolina Agricultural and Technical State University. \nDr. Charles also worked as a government contractor in the Washington\, DC area as an information security analyst for over 25 years in the areas of incident response\, computer forensics\, security assessments\, malware analysis\, and security operations. \n \n\n\n \n\n\nDr. Christina Liaghati\nTrustworthy & Secure AI Department Manager and MITRE ATLAS Lead @ MITRE \nWorking across a collaborative global community of industry\, government\, and academia\, Dr. Liaghati leads MITRE’s Trustworthy & Secure AI Department and MITRE ATLAS\, where she passionately drives research and developments in trustworthy and secure AI for everyone working to leverage AI-enabled systems. Leading her department of 50+ scientist and engineers and serving the community with the not-for-profit\, objective\, MITRE perspective\, she is dedicated to working together to create and openly share actionable tools\, capabilities\, data\, and frameworks for trustworthy and secure AI like ATLAS\, an ATT&CK-style framework of the threats and vulnerabilities of AI-enabled systems. \nAs Dr. Liaghati has worked across the community to improve the common understanding of AI security concerns\, her work quickly started overlapping with broader AI assurance concerns\, which includes AI equitability\, interpretability\, reliability\, robustness\, safety\, and needs for privacy enhancement. As a result of this expansion beyond AI security into more of these elements of trustworthy AI and AI assurance\, her current focus under ATLAS and across the international community is to build a protected mechanism for increased knowledge and incident sharing across government and industry in both AI security and the broader areas of AI assurance. \nDr. Liaghati also chairs the NATO Science and Technology Organization Research Task Group on the AI Assurance and Security\, focused on fostering an enduring collaborative community of NATO organizations and industry partners\, leveraging the Science and Technology Organization to shape future interoperable capability developments in AI security and assurance. \n \n\n\n \n\n\nRyan LaSalle\nChief Executive Officer @ Nisos® \nRyan LaSalle is the Chief Executive Officer of Nisos®\, the Managed Intelligence Company®. For over 25 years\, Ryan has been a trusted advisor to business leaders and their boards within Fortune 500 and National Security organizations. His expertise has helped drive business growth\, secure and protect critical infrastructure\, and allow organizations to overcome unique business and technology challenges. Prior to joining Nisos\, Ryan was a senior executive and serial intrapreneur at Accenture\, leading one of the largest cybersecurity organizations in North America. During his tenure he spearheaded global enterprise through reinvention\, facilitated new revenue sources\, managed acquisitions\, and developed patented solutions spanning cybersecurity\, information management\, and analytics. Ryan has run high-growth cyber services organizations and led over 1\,600 people. He balances business acumen with technical expertise\, enabling Fortune 500 companies to articulate and implement action in the face of disruptive competition\, technologies\, and cyber risk. Ryan holds patents in human resource management\, knowledge discovery\, and establishing trust between entities online. He frequently speaks at international security conferences and has authored numerous articles on cybersecurity. \n \n\n\n \n\n\nAlexis Appollonia Robinson\nPrincipal Program Manager @ Amazon\nCISA\, PMP \nAlexis Appollonia Robinson is a Principal Program Manager for Amazon in the Washington\, DC area. For the past 15 years\, she has served buyers of the cloud\, retail sellers\, policy makers\, compliance organizations\, engineering leaders\, and security teams by developing and implementing security strategies\, collaborating for thought leadership\, solving problems\, building products\, and conducting cybersecurity\, engineering\, and financial assessments. She graduated with double Bachelors of Science degrees in Accounting and Information Systems from the Robert H. Smith School of Business at University of Maryland\, College Park and an Executive Masters of Business Administration (MBA) from the Quantic Program. She has worked at several companies including CGI Federal and Ernst & Young before finding her way to Amazon. She is a Certified Information Systems Auditor (CISA) and a Project Management Professional (PMP). \nAlexis is the former Co-Chair of EY’s Black Professional Network of Greater Washington\, an affinity group that hosts several networking events\, career development workshops\, partner and executive director relationship breakfasts and dinners\, and community service outreach programs within the Washington D.C. metropolitan area for over 150 members in the community. Through this effort\, she served on the Americas BPN Steering Committee as the Northeast Representative and Communications Lead. To continue her diversity initiatives at Amazon\, Alexis is currently on the Inclusiveness\, Diversity & Equity Counsel of AWS Security and involved with IDE Inclusive Recruiting. \nOn her free time\, she is playing video games\, watching “Only Murders in the Building”\, “Real Housewives of “\, “Demon Slayer”\, and “Abbott Elementary”. She lives with her husband and son in Maryland. \n \n\n  \nGovernment Track Sessions \n\n10:00 AM – 11:00 PM \n\n\nCybersecurity for Artificial Intelligence \nPresenter: Jeffrey Eyink (DoD) \nThis session offers attendees key insights into the converging worlds of AI and cybersecurity\, focusing on the unique challenges and opportunities presented by AI within the Department of Defense. The session promises a deep dive into the critical issues facing organizations deploying AI systems. \nAttendees will gain a clear understanding of the specific cybersecurity risks inherent in DoD’s AI systems. The presentation will unpack the complexities of authorizing these systems\, outlining the appropriate assessment approaches and explaining how to communicate these risks and mitigation strategies effectively to authorizing officials. This is crucial for ensuring that AI systems are deployed securely and responsibly. \nBeyond risk assessment\, the presentation will explore the development of tailored cybersecurity guidance for AI. This will address the specific security requirements for both the underlying infrastructure and the AI models themselves\, equipping attendees with the knowledge to navigate the evolving landscape of AI security. The session will also delve into the potential of leveraging AI to enhance cybersecurity practices. This includes exploring how AI can automate anomaly detection\, provide real-time threat intelligence\, and enable adaptive response mechanisms\, ultimately reducing human error and accelerating response times. \nFinally\, the presentation will shed light on the DoD’s ongoing efforts to modernize its assessment and authorization processes for AI systems. This includes collaborative initiatives between the offices of the DoD Chief Information Officer and the Chief Digital and AI Officer\, ensuring a unified and effective approach to AI cybersecurity. Attendees will also learn about planned updates to key DoD guidance\, such as M-24-10\, which addresses governance\, innovation\, and risk management for AI. This provides valuable insight into the future direction of AI cybersecurity within the DoD. In short\, this presentation offers a comprehensive overview of the challenges and opportunities at the intersection of AI and cybersecurity\, providing attendees with actionable insights and a glimpse into the future of secure AI implementation. \nLearning objectives: \n\nGain an understanding of the specific cybersecurity risks inherent in DoD’s AI systems.\nExplore cybersecurity guidance specific to AI and how AI can enhance cybersecurity practices.\nLearn about the DoD’s efforts to modernize its assessment and authorization processes for AI systems.\n\n\n\n11:00 AM – 12:00 PM \n\n\nThe NIST Risk Management Framework: More Than Just Compliance and an ATO \nPresenter: Victoria Yan Pillitteri (NIST) \nDid you know the NIST Risk Management Framework (RMF) goes far beyond meeting compliance requirements and getting an ATO for your system? The NIST RMF provides a repeatable\, flexible and customizable approach to managing risk supported by a portfolio of technical implementation guidance and can be used by any size and type of organization. \nIn this session\, we’ll dispel common misnomers as you learn more about the NIST RMF and its supporting resources\, how it is designed to identify\, understand\, and manage cybersecurity\, privacy and cybersecurity supply chain risks and support organizational resilience\, and the path forward for NIST’s work in risk management. \nView Victoria’s Speaker Showcase video for this session \nLearning objectives: \n\nGain a deeper understanding of the NIST Risk Management Framework (RMF).\nLearn how the NIST RMF can be used by your organization manage risk.\nGain insights into what’s upcoming for risk management from NIST.\n\n\n\n01:00 PM – 02:00 PM \n\n\nEmerging Threats in Space \nPresenters: Fireside Chat with Renee Wynn (Former NASA CIO\, Axonius) and Dr. Diane Janosek (Janos LLC) \nWe rely on space every day! Emerging threats in space pose significant challenges to global security and technological infrastructure. These include the development of anti-satellite weapons (ASATs) that can disable critical satellites used for communication\, navigation\, and defense. Space debris from past missions and collisions increases the risk of damaging active satellites\, creating a cascade of potential disruptions. Additionally\, cyberattacks targeting satellite systems and ground control networks highlight the vulnerability of space-based assets to digital threats. As space becomes increasingly crowded and contested\, international cooperation and policy frameworks will be essential to mitigate risks and ensure the sustainable use of this vital domain. \nView Renee’s Speaker Showcase video for this session \nLearning objectives: \n\nLearn how space impacts your daily life\nLearn about the emerging threats in space and the impact that these risks can have on security and technology infrastructure\nExplore what’s needed to mitigate risk in space\n\n\n\n02:00 PM – 03:00 PM \n\n\nSecuring the Machine Mind: AI Risk Management in the Federal Enterprise \nPresenter: David Branscome (Microsoft) \nAI presents immense opportunity—and unprecedented risk. From data leakage and model drift to adversarial manipulation and opaque decision-making\, federal agencies must rethink how they apply traditional security and compliance principles to intelligent systems. This session delves into the evolving risk landscape of AI through a federal lens\, offering actionable insights into threat modeling\, continuous assurance\, and auditability. Learn how Microsoft is helping agencies implement AI securely by design\, leveraging tools like Azure OpenAI\, Purview\, and Security Copilot within a Zero Trust architecture. \nLearning objectives: \n\nApply a federal lens to the evolving risk landscape of AI.\nLearn actionable insights for threat modeling\, continuous assurance\, and auditability of AI.\nExplore how Microsoft can assist federal agencies with implementing AI securely by design.\n\n\n\n03:00 PM – 04:00 PM \n\n\nShifting Left Security Automation with Open Security Controls Assessment Language (OSCAL) \nPresenter: Dr. Michaela Iorga (NIST/ITL) \nThe exponential increase in the complexity of information systems has been a challenging task to date\, compelling organizations to leverage risk management strategies that are tightly coupled with the dynamic nature of their systems. In an era of multiple competing regulatory frameworks which often trigger conflicting priorities\, opinions\, and claims\, security and privacy practitioners could miss vital actions while performing labor-intensive\, paper-based compliance work. NIST developed Open Security Controls Assessment Language (OSCAL) – a standard of standards that provides a normalized expression of security requirements across standards\, and a machine-readable representation of security information from controls to system implementation and security assessment. This bridges the gap between antiquated approaches to IT compliance and innovative technology solutions. Imagine a future where security documentation builds itself\, and security management tools from different vendors integrate seamlessly. Security practitioners will spend less time on security documentation\, assessments\, and adjudication\, yet the results of those activities will be more accurate and more easily monitored. OSCAL enables this and more. \nLearning objectives: \n\nUnderstand the driving factors behind the creation of OSCAL\, a machine-readable representation of security control implementations and assessment.\nLearn how OSCAL can be used to modernize the approach to compliance to reduce manual processes and increase accuracy of compliance results.\nExplore how OSCAL can enable reciprocity among frameworks.\n\n\n\n04:00 PM – 05:00 PM \n\n\nFireside Chat – Securing the Future: NIST NCCoE\, AI\, and Emerging Tech \nModerator: Jim Wiggins (Securible and FITSI)\nPanelists: Cherilyn Pascoe (NIST) \nThe NIST National Cybersecurity Center of Excellence (NCCoE) is a collaborative hub where industry\, government\, and academic experts work together to tackle the nation’s most urgent cybersecurity issues of today and tomorrow. In this keynote\, NIST NCCoE Director Cherilyn Pascoe will delve into the center’s collaborative strategies and initiatives to solve security and privacy challenges associated with emerging technologies such as AI\, post-quantum cryptography\, and more. Join us for this engaging presentation to learn how organizations can leverage NIST guidance to effectively mitigate and manage risk\, discover future project considerations\, and explore areas for collaboration. \nLearning objectives: \n\nLearn how the NIST National Cybersecurity Center of Excellence (NCCoE) is developing collaborative strategies to solve the most pressing security and privacy challenges.\nExplore how organizations can leverage NIST guidance to mitigate and manage risk.\nDiscover NIST NCCoE focus areas going forward and potential collaboration opportunities.\n\n\n  \nGovernment Track Presenters \n\n \n\n\nJeffrey Eyink\nChief\, Cybersecurity Implementation Division Department of Defense Chief Information Officer\nPMP\, CISM \nJeffrey Eyink is a seasoned cybersecurity professional with extensive expertise in managing and implementing risk management framework\, cybersecurity policies\, and secure cloud adoption strategies within the Department of Defense (DoD). As the Chief of the Cybersecurity Implementation Division under the DoD Chief Information Officer\, he plays a pivotal role in safeguarding national security through robust cybersecurity measures. \nIn his current position\, Mr. Eyink chairs the Risk Management Framework Technical Advisory Group (RMF TAG)\, offering strategic guidance on risk management policies and framework. He serves as a Subject Matter Expert for the Authorizing Official Council\, Defense Security/Cybersecurity Authorization Working Group\, and the Information Security Risk Management Committee\, contributing critical insights into authorization processes\, security controls\, and risk assessments. Additionally\, as a technical representative for DoD to the Joint Authorization Board of FedRAMP\, he evaluates the security postures of cloud service providers\, enabling secure cloud adoption across the DoD. \nPrior to his current role\, Mr. Eyink served in several high-profile positions\, including Chief of Cybersecurity at the Program Executive Office\, Defense Healthcare Management Systems\, and Chief of the Assessment and Authorization Branch at the Defense Health Agency. In these roles\, he developed innovative strategies to streamline authorization processes\, implemented automation to enhance efficiency\, and led cross-agency teams to integrate cybersecurity requirements within complex systems. \nMr. Eyink holds a Master of Business Administration from William Carey College and a Bachelor of Arts in Business Administration from Saint Leo College. He has also earned advanced certifications in cybersecurity and IT project management from the National Defense University and Villanova University. A member of professional organizations such as the Project Management Institute (PMI) and ISACA\, he has achieved certifications including Project Management Professional (PMP) and Certified Information Security Manager (CISM). \n\n\n \n\n\nVictoria Yan Pillitteri\nSupervisory Computer Scientist and Security Engineering and Risk Management Group Manager @ the National Institute of Standards and Technology (NIST)\nCISSP \nVictoria Yan Pillitteri is a supervisory computer scientist and manager of the Security Engineering and Risk Management Group at the National Institute of Standards and Technology (NIST). The group conducts the research and development of the suite of risk management\, systems security engineering\, and cybersecurity risk analytics and measurement guidance used for managing cybersecurity risk. She is the co-author of multiple NIST publications that are foundational for cybersecurity risk management\, including the security and privacy controls\, control assessment procedures\, the Risk Management Framework\, and the CUI security requirements and assessment procedures (Special Publications (SP) 800-53\, SP 800-53A\, SP 800-53B\, 800-37\, 800-171\, and 800-171A). \nMs. Pillitteri holds a B.S. in Electrical Engineering from the University of Maryland\, a M.S. in Computer Science\, with a concentration in Information Assurance\, from the George Washington University\, completed the Key Executive Leadership Program at American University\, and is a Certified Information Systems Security Professional (CISSP). \n \n\n\n \n\n\nRenee Wynn\nFormer NASA Chief Information Officer and Board Member for Axonius \nRenee Wynn is a leader with over 30 years of experience in environmental policy\, global information technology and cybersecurity operations\, supply chain risk management\, and ESG. She led programs at the Environmental Protection Agency (EPA) and served as the CIO at an iconic agency\, National Aeronautics and Space Administration (NASA). \nRenee currently serves as an independent board member for Axonius\, a cybersecurity company\, and she is seeking additional Board roles. She serves on the Board of Advisors at MITRE\, Interos\, Dataminr\, Adobe\, and Level6 Cybersecurity. She serves as a Strategic Advisor at Attain Capital to their portfolio companies. \nTo continue a lifetime in service to others\, Renee serves on the Board at The Women’s Center\, a Virginia and Washington\, DC-based non-profit organization dedicated to improving the community’s mental health and well-being through counseling\, education\, support\, and advocacy. She also serves on the Board of the Virginia Tech – Applied Research Corporation (VT-ARC). Renee earned a bachelor’s degree in economics from DePauw University. \n \n\n\n \n\n\nDr. Diane Janosek\nCEO of Janos LLC \nDiane M. Janosek is the CEO of Janos LLC. Leveraging her law degree and PhD\, she focuses on the intersection of law\, policy\, and technology to provide advisory services on data policy\, cybersecurity law\, compliance\, governance\, leadership\, and privacy. Previously served as Defense Intelligence Senior Executive Service (SES) for 12 years\, to include leadership roles at the National Security Agency\, to include Commandant National Cryptologic University\, Deputy Director Compliance and Chief Information Security Officer. She also served as Chief Legal Officer for the Privacy and Civil Liberties Oversight Board\, and as Legal Counsel at both the White House and the Pentagon. \nDr. Janosek has published dozens of articles and is a multiple international award-winner. In addition to having a Juris Doctorate\, she has a Master’s in Strategic Intelligence\, a PhD in Cyber Leadership\, is admitted to the United States Supreme Court and is certified in information and network security (CISSP) and ethics and compliance (LPEC). She has been inducted into the Hall of Fame by the Information Systems Security Assoc Inter’l. Dr. Janosek is passionate about giving back and advocating for the global cyber community. \nLearn more at dianejanosek.com \n \n\n\n \n\n\nDavid Branscome\nGlobal Partner Solutions Architect for Security\, Compliance and Identity @ Microsoft \nDavid has been with Microsoft for 17 years in a variety of roles\, from Microsoft Consulting Services to Premier Field Engineer and most recently\, supporting the Microsoft partner organization. He has worked with dozens of state\, local and federal customers\, including supporting some of the largest Microsoft implementations in the federal space. \n \n\n\n \n\n\nDr. Michaela Iorga\nSupervisory Computer Scientist at the National Institute of Standards and Technology (NIST/ITL) \nDr. Michaela Iorga is a supervisory computer scientist at the National Institute of Standards and Technology (NIST/ITL). She serves as the Strategic Outreach Director for the Open Security Controls Assessment Language (OSCAL) program\, and as the senior security technical lead for cloud computing\, chairing the NIST Cloud Security and Forensics Working Groups. \nDr. Iorga\, a subject matter expert in cybersecurity\, risk assessment\, and information assurance\, collaborates with industry\, academia\, and other government stakeholders on developing and disseminating high-level\, vendor-neutral cybersecurity and forensics guidelines that meet national priorities and promote American innovation and industrial competitiveness. Dr. Iorga received her Ph.D. from the Duke University/ Pratt School of Engineering\, in North Carolina\, USA. \n \n\n\n \n\n\nJim Wiggins\nCISSP\, ISSEP\, CISM\, CISA\, CRISC\, CDPSE\, CGRC\, CySA+\, SCNA\, SCNP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M \nJim has over 28 years of direct experience in the design\, operation\, management\, and auditing of information technology systems\, with the past 23 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses aimed at federal and government contracting clients. \nToday\, Jim is the Founder and Principal of Securible\, LLC. Securible is an information security service provider offering cyber training programs to organizations of all sizes. At Securible\, Jim has taught IT security certification courses such as CISSP\, CISM\, CISA\, Ethical Hacking\, RMF\, Security+\, and other courses requested by Securible’s clients. Currently\, he provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS). More information on Securible can be found at: http://www.securible.com. \nJim is also the Founder and Chief Executive Officer (CEO) of the Federal IT Security Institute (FITSI). FITSI is a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI offers a role-based IT security certification program targeted at the federal workforce. More information on FITSI can be found at: http://www.fitsi.org. \nAdditionally\, Jim is the Founder and Executive Director of the FITSI Foundation. The FITSI Foundation is a 501(c)(3) public charity that focuses on cyber education and serves as the philanthropic sister organization of the Federal IT Security Institute. The FITSI Foundation operates the Wounded Warrior Cyber Combat Academy (W2CCA). More information on the FITSI Foundation can be found at: https://www.fitsifoundation.org. \nIn 2020\, Jim launched a TV show on cybersecurity called “Cybersecurity Today\,” which can be viewed in the Washington\, DC area. Episodes can also be streamed online at the following website: http://www.cybersecuritytoday.org. \nIn 2019\, FCW named Jim to the “Federal 100” for his tireless efforts to promote cybersecurity education across all branches of the federal government. \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make on the federal workforce. \nJim holds the following IA/IT security certifications: CISSP\, ISSEP\, CISM\, CISA\, CRISC\, CDPSE\, CGRC\, CySA+\, SCNA\, SCNP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n \n\n\n \n\n\nCherilyn Pascoe\nDirector\, NIST NCCoE \nCherilyn Pascoe is the Director of the NIST National Cybersecurity Center of Excellence (NCCoE). She provides strategic direction and technical leadership for the NCCoE\, aligns the NCCoE’s work with the industry\, government\, and NIST priorities\, and builds relationships with key stakeholders. Prior to her role as Director of the NCCoE she served as the Senior Technology Policy Advisor\, advising NIST leadership on technology policy and strategy\, including cybersecurity\, privacy\, and artificial intelligence. She also led the NIST Cybersecurity Framework program and was a team member of the NIST AI Risk Management Framework. Prior to joining NIST in 2021\, she served more than a decade in staff leadership roles on the US Senate Committee on Commerce\, Science\, and Transportation. Most recently\, she served as Deputy Policy Director managing the Committee’s Space and Science Subcommittee\, which has jurisdiction over science\, technology\, standards\, and civil space policy. \n \n\n  \nSANS Workshop Track Sessions \n\n10:00 AM – 12:00 PM \n\n\nPresented by SANS – Avoiding Data Disasters: Techniques to Identify and Address Cloud Storage Misconfigurations \nPresenter: Shaun McCullough (SANS and GitHub) \nIt appears that every few months\, there’s news of yet another cloud breach stemming from a carelessly configured cloud storage solution. While this isn’t the default for most cloud vendors\, some users still manage to make their cloud data publicly accessible by going out of their way – sometimes to a significant extent. Whether it’s out of ignorance or convenience\, it doesn’t matter – this practice must come to an end. \nTo address this issue\, we’ve developed a workshop that equips attendees with various techniques and methods to identify and rectify cloud storage misconfigurations in their own cloud accounts. We’ll even demonstrate some ways to prevent these misconfigurations from happening in the first place. Although the chosen vendor for this workshop is AWS\, due to its Simple Storage Service (S3) being the one making headlines\, misconfigurations could occur in any cloud environment. Hence\, the techniques discussed in this workshop will be applicable to all cloud vendor environments\, including Azure\, Google Cloud Platform\, and Oracle. \nLearning objectives for this session: \n\nDiscover all-too-common cloud storage security deficiencies present as either insecure vendor defaults or careless mistakes\nCorrect these issues using a variety of means (e.g.\, cloud management console\, command line tools\, and Infrastructure-as-Code)\nLearn how to leverage command-line tools to deploy\, assess\, and secure cloud solutions\n\nSystem Requirements \nParticipants should bring a computer with the following requirements to participate in the workshop. It is critical that you back-up your system ahead of time. It is also strongly advised that you do not bring a system storing any sensitive data. Your system should meet these requirements: \n\nLaptop with a modern web browser\nAWS account with root access or an IAM user with Administrator Access permissions\nIf you need an AWS account\, you can create a free tier account with root access at https://aws.amazon.com/free/. The cost will be minimal (pennies) to complete the workshop\n\n\n\n01:00 PM – 03:00 PM \n\n\nPresented by SANS – Reverse Engineering Malware: A Hands-On Introduction \nPresenter: Anuj Soni (Johns Hopkins University APL and SANS) \nIn this interactive\, hands-on workshop\, participants will be introduced to the fundamentals of Windows executable malware analysis\, learning key techniques for dissecting and understanding malicious code. Through guided demonstrations and exercises\, attendees will explore static and dynamic analysis methods\, identify suspicious indicators\, and recognize common malware behaviors. \nWhether you’re new to reverse engineering or looking to sharpen your skills\, this practical workshop will equip you with the foundational tools needed to triage and analyze Windows malware with confidence. \nLearning Objectives: \n\nUnderstand the Malware Analysis Process\nAnalyze the PE File Structure (EXEs and DLLs)\nPerform Basic Static and Dynamic Analysis\n\nParticipants should bring a computer with the following requirements to participate in the workshop with the following requirements: \nSystem Requirements: \nBack up your system before class. Better yet\, use a system without any sensitive/critical data. \nMANDATORY SYSTEM HARDWARE REQUIREMENTS: \n\nCPU: 64-bit Intel i5/i7 (8th generation or newer)\, or AMD equivalent. A x64 bit\, 2.0+ GHz or newer processor is mandatory for this class.\nCRITICAL: Apple Silicon devices cannot perform the necessary virtualization and therefore cannot in any way be used for this course.\nBIOS settings must be set to enable virtualization technology\, such as “Intel-VTx” or “AMD-V” extensions. Be absolutely certain you can access your BIOS if it is password protected\, in case changes are necessary.\n16GB of RAM or more is required.\n200GB of free storage space or more is required.\nAt least one available USB 3.0 Type-A port. A Type-C to Type-A adapter may be necessary for newer laptops. Some endpoint protection software prevents the use of USB devices\, so test your system with a USB drive before class.\nWireless networking (802.11 standard) is required. There is no wired Internet access in the classroom.\n\nMANDATORY HOST CONFIGURATION AND SOFTWARE REQUIREMENTS \n\nYour host operating system must be the latest version of Windows 10\, Windows 11\, or macOS 10.15.x or newer.\nFully update your host operating system prior to the class to ensure you have the right drivers and patches installed.\nLinux hosts are not supported in the classroom due to their numerous variations. If you choose to use Linux as your host\, you are solely responsible for configuring it to work with the course materials and/or VMs.\nLocal Administrator Access is required. (Yes\, this is absolutely required. Don’t let your IT team tell you otherwise.) If your company will not permit this access for the duration of the course\, then you should make arrangements to bring a different laptop.\nYou should ensure that antivirus or endpoint protection software is disabled\, fully removed\, or that you have the administrative privileges to do so. Many of our courses require full administrative access to the operating system and these products can prevent you from accomplishing the labs.\nAny filtering of egress traffic may prevent accomplishing the labs in your course. Firewalls should be disabled or you must have the administrative privileges to disable it.\nDownload VMware Workstation Pro 17.5.X+ for Windows hosts or VMWare Fusion Pro 13.5.X+ for macOS hosts prior to class beginning. If you do not own a licensed copy of VMware Workstation Pro or VMware Fusion Pro\, you can download a free 30-day trial copy from VMware.\nVMware will send you a time-limited serial number if you register for the trial at their website. This course requires a “Pro” version of VMware software. The “Player” versions are not sufficient.\nOn Windows hosts\, VMware products might not coexist with the Hyper-V hypervisor. For the best experience\, ensure VMware can boot a virtual machine. This may require disabling Hyper-V. Instructions for disabling Hyper-V\, Device Guard\, and Credential Guard are contained in the setup documentation that accompanies your course materials.\nDownload and install 7-Zip (for Windows Hosts) or Keka (for macOS hosts). These tools are also included in your downloaded course materials.\n\n\n\n03:00 PM – 05:00 PM \n\n\nPresented by SANS – Build a Machine Learning Neural Network for Anomaly Detection on Logs \nPresenter: Christopher Crowley (SANS) \nGPTs (Generative Pretrained Transformers) based on Large Language Models are great for a lot of challenges. But they’re not trained to find outliers within your log data. \nIn this brief\, informative\, and useful session\, Christopher Crowley will discuss the concept of a variational autoencoder\, then show how you could implement this to train an autoencoder based on your logs. \nAfter training on your log information\, you would then implement the concept to look for outliers within your log data\, to surface weird things to analysts for review. The session will include theory\, a practical demonstration using a jupyter lab notebook\, python\, and tensorflow; and the material to enable you to build the neural network. Even if you’re not a programmer\, this session will enable understanding what’s possible in building your own machine learning neural network. \nView Christopher’s Speaker Showcase video for this session \nLearning Objectives: \n\nFundamental concepts associated with use of tensorflow\, a machine learning development library\nConcepts associated with deep learning and variational autoencoder\nObserve the data cleaning (extract\, transform\, load) and training of a deep learning neural network\n\nSystem Requirements \nParticipants should bring a computer with the following requirements to participate in the workshop. It is critical that you back-up your system ahead of time. It is also strongly advised that you do not bring a system storing any sensitive data. Your system should meet these requirements: \n\nModern 64-bit processor (ARM/AMD/Intel) running Linux (Ubuntu or similar recommended\, Linux kernel version 6 or higher)\, Windows 10 or later\, or MacOS 11.x or later\nA minimum of 16 GB RAM\n10 GB Free Hard Drive Space\nYour account must have the necessary rights to install Anaconda or Anaconda must be preinstalled.\n\n\n  \nSANS Workshop Presenters \n\n \n\n\nShaun McCullough\nCloud Security Engineer @ GitHub and SANS Instructor \nShaun spent 20+ years at the National Security Agency working in all aspects of cyber operations. A software engineer\, manager\, researcher\, and operations lead\, including as the technical director of the Blue\, Red\, and Hunt teams. Today\, Shaun is a staff level Cloud Security Engineer at GitHub focusing on cloud infrastructure. Shaun is also the lead author of SANS SEC541: Cloud Security Threat Detection\, which focuses on how attackers target cloud infrastructure and what security analysts\, SOC operators\, and detection engineers can do to protect their organizations. \n \n\n\n \n\n\nAnuj Soni\nReverse Engineer @ the Johns Hopkins University Applied Physics Laboratory (APL) and SANS Certified Instructor \nAnuj is a Reverse Engineer at the Johns Hopkins University Applied Physics Laboratory (APL)\, where he specializes in malware research and reverse engineering. He is a SANS Certified Instructor\, the author of FOR710: Advanced Code Analysis\, and co-author of FOR610: Malware Analysis Tools and Techniques. He also creates educational malware analysis content on YouTube to inspire others to dive into the field. When Anuj is away from his computer\, you’ll find him at the local gym\, or with his kids – which is also a workout. \n \n\n\n \n\n\nChristopher Crowley\nSANS Senior Instructor @ SANS Institute \nChristopher Crowley\, a SANS Senior Instructor\, has 25 years of industry experience managing and securing networks. He has authored numerous courses and is considered a leading expert in building an effective SOC. He currently works as an independent consultant in the Washington\, DC area focusing on effective computer network defense. His work experience includes penetration testing\, security operations\, incident response\, and forensic analysis. \n \n\n  \nSpecial Activities \n\n10:00 AM – 03:00 PM \n\n\nCapture the Flag (CTF) \nHosted By: Capitol Technology University \nCheckin: 10:00 AM – 10:30 PM \nActivity Overview: Test your cybersecurity skills and compete against fellow conference attendees in a live Capture the Flag (CTF) competition. The CTF will follow a Jeopardy-style format\, where individuals solve security challenges in cryptography\, web exploitation\, reverse engineering\, forensics\, and binary exploitation to name a few. If you think you’re up for the challenge\, we look forward to you joining us! \nNo advance registration required. \nSession Requirements: \n\nLaptop with a full operating system (Windows\, Mac\, Linux). Tablets\, chromebooks\, and kindles are not recommended.\n\n\n\n03:00 PM – 06:00 PM \n\n\nIndustry Exchange \nActivity Overview: Meet representatives from DC area companies. Use this time to network\, network\, network! \n\n  \nHost Organization \nThe Department of Information Sciences and Technology (IST) at George Mason University\, within the College of Engineering and Computing\, is dedicated to advancing knowledge and innovation in the fields of Artificial intelligence (AI)\, data science\, cybersecurity\, and application development. With a focus on hands-on learning\, cutting-edge research\, and interdisciplinary collaboration\, the department prepares students to tackle real-world challenges and lead in the rapidly evolving tech industry. As a host and co-sponsor of this conference\, IST supports the exchange of ideas and the development of the next generation of technology leaders. \n  \nVenue\, Parking\, and Transportation Information \n\n \n\n\nVenue Location \nGeorge Mason University (GMU) Arlington Campus \nThe event is in Van Metre Hall in the Mason Square Building\n3351 Fairfax Drive\, \nArlington\, VA 22201 \n  \n\n  \n\n \n\n\nParking \nVisitor parking is available in the Van Metre Hall (formerly Founders) Garage\, located directly beneath the school. To access the garage\, use the entrance located off of Kirkwood Drive\, in between Fairfax Drive and Washington Boulevard.  Please view the Mason Square parking map for additional information. \nParking is included in the registration fee for the event. \n\n  \n\n \n\n\nMetro \nThe nearest Metro station is the Ballston-MU station. \nIt is a 14-minute walk from the metro station to the GMU Campus \n  \n\n  \nSponsors \nThe GWDC thanks our sponsors and their support of the chapter and its members. \n \nConference Sponsor \n\n \nPlatinum Sponsor \n\n\n \nGold Sponsor \n\n\n \nGold Sponsor \n\n \nSilver Sponsor \n\n  \nEvent Questions and Policies \n\n\nRegistration Questions \nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\nCPE Questions \nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n\n\nCancellation and Refunds \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \n\n\n\n\nComplaints \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n\n  \nCPE Information \nEarn up to 8 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org. \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\nLearning Objective: After completing the course\, students will have a greater understanding of current trends and practices in AI\, Cybersecurity and Trust.\nPrerequisites and Advance Preparation: None\nProgram Knowledge Level: Basic\nDelivery Method:  Live\, In-Person\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/future-tech-dc/ LOCATION:George Mason University – Arlington\, 3351 Fairfax Drive\, Arlington\, VA\, 22201\, United States CATEGORIES:Conferences ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/01/Future-Tech-DC_600.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250417T144500 DTEND;TZID=America/New_York:20250417T170000 DTSTAMP:20260613T215528 CREATED:20241231T201037Z LAST-MODIFIED:20250423T144400Z UID:33393-1744901100-1744909200@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:FISMA and Risk Management Framework Panel Discussion DESCRIPTION:To protect federal information and systems\, the Federal Information Security Modernization Act of 2014 (FISMA) requires federal agencies to develop\, document\, and implement information security programs. The Annual FISMA Conference provides a useful update to IT Auditors and the Federal IT community on the current landscape and efforts to comply with FISMA. Come hear perspectives from senior federal executives who play key roles in FISMA compliance efforts. During this session\, you will learn about recent changes to the FISMA metrics\, and the opportunities and challenges agencies face in complying with FISMA. \nRegistration closes on April 16th @ 2pm. \nRegister Today! \n  \nEvent Sponsor \n  \n \nSikich is a Chicago-based global company specializing in technology-enabled professional services. With more than 1\,900 employees\, Sikich draws on a diverse portfolio of technology solutions to deliver transformative digital strategies. From corporations and not-for-profits to state and local governments and federal agencies\, Sikich clients utilize a broad spectrum of services and products to help them improve performance and achieve long-term\, strategic goals. As a full-service provider to Federal government agencies\, we provide financial management advisory and assurance services\, such as: \n\nAssisting the U.S. Defense Industrial Base (DIB) sector in enhancing its cybersecurity posture within the multi-tier supply chain to ensure compliance with Cybersecurity Maturity Model Certification (CMMC) requirements.\nConducting CFO Act engagements on behalf of more than three dozen federal CFOs and Offices of Inspectors General (OIGs) in the Executive and Legislative Branches.\nConducting FISMA audits and other custom IT and cybersecurity performance audits. Our testing includes evaluations of access controls\, configuration and change management\, systems development life cycle including audits of Agile and Waterfall implementations\, disaster recovery and contingency planning\, and overall governance and security frameworks.\nSupporting agencies adhere to the processes outlined in the National Institute of Standards and Technology (NIST) Special Publication (SP) 800 series and conducting Security Assessment and Authorization (SA&A) activities.\n\n  \nConference Overview \n\nApril 17 \nThe conference will be held on April 17\, 2025 from \n2:45 pm to 5:00 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \nVirtual Event \nThe event will be held using Zoom. \nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits. \n\n\nGWDC Member Fee – $5 \nThe fee for GWDC Members is $5 for the conference.\nThe fee for all other registrants is $15 for the conference. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \nEarn up to 2 CPEs \nAttendees can earn up to 2 CPEs for this event. \nParticipants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n\nShare this Event in Your Network \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \nAgenda \n \n\n2:45 PM – 2:55 PM \n\n\nOpening Remarks and Housekeeping \n  \n\n \n\n3:00 PM – 4:50 PM \n\n\n2025 Panel Discussion on FISMA and Risk Management Framework \nModerator: \n\nSarah Mirzakhani\nPrincipal @ Sikich\n\nPanelists: \n\nJennifer Franks\nDirector\, Center for Enhanced Cybersecurity @ US Government Accountability Office (GAO)\nMark Canter\nChief Information Security Officer (CISO) and Director of the Information Security Division at the U.S. Government Accountability Office (GAO)\nDr. Ron Ross\nChief Executive Officer @ RONROSSECURE\, LLC\nFormer Fellow @ the National Institute of Standards and Technology\n\n\n\n4:50 PM – 5:00 PM \n\n\nClosing Remarks \n\n  \n  \nModerator \n\n \n\n\nSarah Mirzakhani\nPrincipal @ Sikich \nCISA \nSarah Mirzakhani\, CISA\, is a principal with over 20 years of experience in information technology audit/information assurance and information security solutions. Sarah serves federal agencies with varied\, complex IT systems and environments. Her experience includes leading information technology internal control reviews and security audits\, such as the Federal Information Security Modernization Act (FISMA) and overseeing vulnerability assessments and penetration testing. \nSarah is also skilled in conducting and leading system and organization controls/SSAE18 audits and readiness assessments\, regulatory compliance reviews\, and system implementation reviews for not-for-profit\, commercial\, and governmental entities. She has extensive knowledge of the National Institute of Standards and Technology (NIST)\, Federal Information Processing Standards (FIPS)\, and Office of Management and Budget (OMB). \nShe provides services in areas\, such as IT and Cybersecurity Audits\, FISMA Audit Services\, and Performance Audits/p> \nSarah holds a Bachelor of Science in Business Administration\, Management Information Systems\, West Virginia University\, and is a Certified Information Systems Auditor (CISA). She is affiliated with the Information Systems Audit and Control Association (ISACA) and the Association of Government Accountants (AGA). \n \n\n  \nPanelists \n\n \n\n\nJennifer Franks\nDirector\, Center for Enhanced Cybersecurity\nActing Director\, Analytics Foundry\nUS Government Accountability Office (GAO) \nJennifer Franks directs the Center for Enhanced Cybersecurity within GAO’s Information Technology and Cybersecurity team. She oversees reviews that primarily focus on emerging cybersecurity issues and assessing an agency’s ability to protect the confidentiality\, integrity\, and availability of its sensitive data and computing infrastructure. Her multi-disciplinary teams actively review agencies’ computer security vulnerabilities across their enterprise-wide computing environment by assessing program management compliance and technical controls recommended for the agencies to follow in accordance with federal guidance and leading practices. In addition\, she leads reviews in the areas of IT management and operations\, financial management\, healthcare and public health IT\, data protection\, and privacy. \nFurther\, Jennifer serves as the Acting Director of the Analytics Foundry; a dedicated cloud computing environment that manages GAO’s complex analytical functions. \nJennifer earned a master’s degree in information security policy and management from Carnegie Mellon University and earned a bachelor’s degree in computer information systems from Hampton University. \n \n\n\n \n\n\nMark Canter\nChief Information Security Officer (CISO) and Director of the Information Security Division at the U.S. Government Accountability Office (GAO) \nMark Canter is the CISO and Director of the Information Security Division at GAO. In his capacity\, he oversees policy and governance\, information assurance and compliance\, and security operations. Prior to assuming this role\, he served as Assistant Director in the Information Technology and Cybersecurity (ITC) team at GAO. His portfolio included a diverse set of engagements on topics of financial and information systems internal control auditing\, cybersecurity\, emerging technologies such as blockchains\, AI\, and safeguarding/privacy of information. In addition\, he has authored various compliance and auditing tools and published several common vulnerabilities and exploits. \n\n\n \n\n\nDr. Ron Ross\nChief Executive Officer @ RONROSSECURE\, LLC\nFormer Fellow @ the National Institute of Standards and Technology \nRon Ross the Chief Executive Officer at RONROSSECURE\, LLC\, a cybersecurity advisory company and a Fellow at Dartmouth College. His focus areas include computer and information security\, systems security engineering\, trustworthy computing\, high assurance systems\, and security risk management. Dr. Ross currently supports the Dartmouth Institute for Security\, Technology\, and Society conducting applied research in secure systems engineering. A former Fellow at the National Institute of Standards and Technology\, Dr. Ross led the NIST Systems Security Engineering and FISMA Implementation Projects which included the development of cybersecurity standards and guidance for the federal government\, contractors\, and United States critical infrastructure. He also supported the State Department in its international outreach program for cybersecurity and critical infrastructure protection and led the Joint Task Force\, an interagency group with members from the Department of Defense\, Intelligence Community\, and Civil agencies. Dr. Ross served as the Director of the National Information Assurance Partnership\, a joint activity of NIST and the National Security Agency. During his twenty-year military career\, Dr. Ross served as a White House aide and senior technical advisor to the United States Army. He has lectured at colleges and universities throughout the United States and delivered the Commencement address at The George Washington University (School of Engineering). \nDr. Ross has authored numerous publications on risk management\, cybersecurity\, systems security engineering\, and system resiliency. These include: FIPS 199 (security categorization)\, FIPS 200 (security requirements)\, SP 800-30 (risk assessments)\,  SP 800-37 (risk management framework)\, SP 800-39 (enterprise risk management)\, SP 800-53 (security and privacy controls)\,  SP 800-53A (security and privacy control assessments)\, SP 800-53B (security and privacy control baselines)\, SP 800-128 (security configuration management)\, SP 800-160\, Vol. 1 (systems security engineering)\, SP 800-160\, Vol. 2 (cyber resiliency engineering)\, SP 800-171 (protection of controlled unclassified information)\, SP 800-171A (security assessments)\, SP 800-172 (enhanced security requirements)\, and SP 800-172A (enhanced security requirement assessments). \nDr. Ross has received many public and private sector awards including the Presidential Rank Award\, Samuel J. Heyman Service to America Medal for Homeland Security and Law Enforcement\, Michael V. Hayden Lifetime Achievement Award\, Department of Defense Superior Service Medal\, National Security Agency Scientific Achievement Award\, Department of Commerce Gold and Silver Medal Awards\, Applied Computer Security Distinguished Practitioner Award\, GCN Government Executive of the Year Award\, Vanguard Chairman’s Award\, Institute for Critical Infrastructure Technology Pioneer Award\, Information Week’s Government CIO 50 Award\, Billington Cybersecurity Leadership Award\, Office of Director National Intelligence Partnership Award\, ISACA National Capital Area Conyers Award\, ISACA Joseph J. Wasserman Award\, AFFIRM President’s Award\, Symantec Cyber 7 Award\, Government Technology Research Alliance Award\, SC Magazine’s Cyber Security Luminaries Award\, (ISC)2 Lynn F. McNulty Tribute Award\, American Bar Association Science and Technology Special Recognition Award\, 1105 Media Gov30 Award\, and CES Government Technology Leadership Award. He has also been recognized three-times as one of the Top 10 Influencers in Government IT Security and is a five-time recipient of the Federal 100 award for leadership and technical contributions to federal government cybersecurity projects. Dr. Ross has been inducted into the National Cyber Security Hall of Fame\, selected as an (ISC)2 Fellow\, and inducted into the Information Systems Security Association Hall of Fame receiving its highest honor of Distinguished Fellow. \nDr. Ross holds a Bachelor of Science degree in Engineering from the United States Military Academy at West Point. He also holds Masters and Ph.D. degrees in Computer Science from the United States Naval Postgraduate School with a concentration in artificial intelligence and robotics. He was commissioned as a Second Lieutenant in the United States Army\, served as a Mechanized Infantry and Army Acquisition Corp officer\, completed Airborne training\, and retired with the rank of Lieutenant Colonel. \n \n\n  \nEvent Questions and Policies \n\n\nRegistration Questions \nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nCPE Questions \nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n\n\nCancellation and Refunds \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \n\n\n\n\nComplaints \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n\n  \n  \nCPE Information \nEarn up to 2 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter attending this event\, attendees will learn about current and future trends in the IT Audit space. \n  \nCPE-Related Details \n\nPrerequisites: None\nAdvance Preparation: None\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/fisma-rmf-panel-2025/ LOCATION:Virtual Event CATEGORIES:Panels ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2024/12/panel-fisma.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250412T083000 DTEND;TZID=America/New_York:20250412T163000 DTSTAMP:20260613T215528 CREATED:20250105T193823Z LAST-MODIFIED:20250115T222759Z UID:33471-1744446600-1744475400@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Certified Information Security Manager® (CISM®) Review Course DESCRIPTION:The GWDC is sponsoring an intensive 3-day virtual review course for the Certified Information Security Manager® (CISM) Exam. The CISM® review course will provide practical advice on preparing for the CISM exam and specific instruction regarding the job practice areas addressed by CISM as defined by ISACA® Global. \nThis event is ideal for professionals planning to sit for the CISM exam. Attendees are encouraged to prepare in advance to maximize the benefits of the course. \nRegistration closes on April 11 @ 3 pm. \nRegister Today! \n  \n\nRe-Take Discount \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \n\n  \nCourse Overview \n\nApril 12\, 19\, & 26 \nThe course will be held on April 12\, 19 & 26 (Saturdays) from 8:30 am to 4:30 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \nVirtual Event \nThe course will be held using Teams. \nPrior to the event\, participants must install the Team app on their respective devices. Participants using the web-based Teams or calling via the phone may not be entitled to CPE credits. \n\n\nGWDC Member Fee – $450 \nThe fee for GWDC Members is $450 for the course.\nThe fee for all other registrants is $800 for the course. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \nEarn up to 21 CPEs \nAttendees can earn up to 21 CPEs for this event. \nParticipants must respond to all the poll questions via the Teams polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n\nShare this Event in Your Network \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n\n  \nAgenda \n\nDay 1 \n\n\nModule 1 – Information Security Governance \nModule 2 – Information Security Risk Management \n\n\nDay 2 \n\n\nModule 3 – Information Security Program \nModule 4 – Incident Management \n\n\nDay 3 \n\n\nModule 5 – Exam Preparation Strategies \n\n  \nCourse Materials and Exam Resources \nMaterials Provided During the Course \nParticipants receive a Study Guide to help them prepare for the CISM exam. The Study Guide contains a presentation\, a case study\, and 20 quiz questions for each domain in the official CISM Review Manual. The Study Guide contains additional material such as suggested study approach\, exam taking tips\, list of “must know” vocabulary terms\, and other suggested readings to aid participants in their exam preparation. \n  \nStudy Materials \nThe instructor highly recommends that students purchase the CISM Review Manual and the CISM Review Questions\, Answers\, and Explanations Database – 12 Month. Below are the study materials available for purchase from the ISACA Bookstore: \n\n CISM Review Manual\n CISM Review Questions\, Answers & Explanations Manual\n CISM Review Questions\, Answers & Explanation Database – 12 month subscription\n\n**It is highly recommended to order these at the earliest opportunity to avoid any possible delays in their availability for the start of the program. \n  \nAdditional Study Resources \nCandidates should review the Exam Candidate Guide and other resources on the ISACA CISM page as part of their study program.  \n  \nInstructor \n\n \n\n\nJim Wiggins\nCISSP\, ISSEP\, CISM\, CISA\, CRISC\, CDPSE\, CGRC\, CySA+\, SCNA\, SCNP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M \nJim has over 28 years of direct experience in the design\, operation\, management\, and auditing of information technology systems\, with the past 23 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses aimed at federal and government contracting clients. \nToday\, Jim is the Founder and Principal of Securible\, LLC. Securible is an information security service provider offering cyber training programs to organizations of all sizes. At Securible\, Jim has taught IT security certification courses such as CISSP\, CISM\, CISA\, Ethical Hacking\, RMF\, Security+\, and other courses requested by Securible’s clients. Currently\, he provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS). More information on Securible can be found at: http://www.securible.com. \nJim is also the Founder and Chief Executive Officer (CEO) of the Federal IT Security Institute (FITSI). FITSI is a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI offers a role-based IT security certification program targeted at the federal workforce. More information on FITSI can be found at: http://www.fitsi.org. \nAdditionally\, Jim is the Founder and Executive Director of the FITSI Foundation. The FITSI Foundation is a 501(c)(3) public charity that focuses on cyber education and serves as the philanthropic sister organization of the Federal IT Security Institute. The FITSI Foundation operates the Wounded Warrior Cyber Combat Academy (W2CCA). More information on the FITSI Foundation can be found at: https://www.fitsifoundation.org. \nIn 2020\, Jim launched a TV show on cybersecurity called “Cybersecurity Today\,” which can be viewed in the Washington\, DC area. Episodes can also be streamed online at the following website: http://www.cybersecuritytoday.org. \nIn 2019\, FCW named Jim to the “Federal 100” for his tireless efforts to promote cybersecurity education across all branches of the federal government. \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make on the federal workforce. \nJim holds the following IA/IT security certifications: CISSP\, ISSEP\, CISM\, CISA\, CRISC\, CDPSE\, CGRC\, CySA+\, SCNA\, SCNP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n \n\n  \nMore Information on CISM \n \nRegistration for the CISM exam is administered by ISACA®\, not the GWDC. Registering for this review course does not register you for the exam. \n» Details on CISM and Exam Registration \n  \nEvent Questions and Policies \n\n\nRegistration Questions \nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nCPE Questions \nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n\n\nCancellation and Refunds \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \n\n\n\n\nComplaints \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n\n  \nCPE Information \nEarn up to 21 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event and respond to polling questions to receive full CPE credit. \n  \nCPE-Related Details \n\n Learning Objective: After completing the course\, students will be prepared to sit for the CISM exam.\n Prerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\n Program Knowledge Level: Basic\n Delivery Method:  Group Internet Based\n Field of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/cism-review-course-spring2025/ LOCATION:Virtual Event CATEGORIES:Review Courses ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2024/08/review_course_cism-1.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250411T083000 DTEND;TZID=America/New_York:20250411T140000 DTSTAMP:20260613T215528 CREATED:20250105T192645Z LAST-MODIFIED:20250402T005806Z UID:33506-1744360200-1744380000@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:PowerShell® Workshop: Active Directory DESCRIPTION:Auditors performing audits of Windows systems inevitably need to obtain information from Active Directory®\, Microsoft’s platform for providing directory services to Windows and other devices. Whether it’s data on user accounts\, computer accounts\, group membership\, or configurations in group policy objects\, Active Directory is often a critical data source for Windows system audits. \nWhile Active Directory graphic user interfaces can be used to obtain this information\, they are often not efficient to use and some information isn’t easy to find and download. This often results in administrators needing to provide data or screenshots. \nPowerShell® provides a better method of obtaining information from Active Directory. As a Microsoft product\, PowerShell has a variety of commands for working with Active Directory. These include commands to obtain data on Active Directory objects\, such as users\, computers\, groups\, and group policy objects. Using simple PowerShell scripting capabilities\, auditors can develop scripts to efficiently collect data from Active Directory and perform audit tests on this data. \nThis one-day workshop will cover the PowerShell commands needed to obtain user\, computer\, group\, and group policy object data from Active Directory. The course will also cover basic audit tests that can be performed using PowerShell on Active Directory objects.  Attendees will be provided access to a virtual server to practice commands and perform hands-on exercises. \nAuditors and security professionals who audit Active Directory will benefit from attending this course. \nThis course builds on the concepts presented in the PowerShell® Basics Workshop. \nRegistration closes on April 10 @ 3pm. \nRegister Today! \n  \nCourse Overview \n\nApril 11 \nThe workshop will be held on April 11 from 8:30 am to 2:00 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \nVirtual Event \nThe course will be held using Zoom. \nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Teams or calling via the phone may not be entitled to CPE credits. \n\n\nGWDC Member Fee – $100 \nThe fee for GWDC Members is $100 for the course.\nThe fee for all other registrants is $150 for the course. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \nEarn up to 6 CPEs \nAttendees can earn up to 7 CPEs for this event. \nParticipants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n\nShare this Event in Your Network \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n \n  \nAgenda \n\nBasics of Using PowerShell\nOverview of PowerShell’s Active Directory and Group Policy modules\nHands-on Practice on use cases for collecting data for and auditing:\n\nUsers\nComputers\nGroups and Group Memberships\nAD Organizational units\nGroup Policy Objects\n\n\nRecap and PowerShell resources\n\n  \nAdditional Course Details \nHands-on Lab Exercises \nEach student will be provided access to a Windows Server to use during the course. The server will be hosted on the Azure Lab Services platform. \nThe server will be accessed using Windows Remote Desktop. Therefore\, on the course dates\, students will need to use a Windows-based computer that permits use of the Remote Desktop protocol. \nAn email will be sent to each student this evening with instructions on accessing the virtual server. Students are encouraged to register and follow the instructions to access the virtual server prior to the start of the seminar. \nEach lesson in the course has practice commands to use during the lesson and practice exercise to reinforce lesson concepts.  All lesson materials will be pre-loaded onto each student’s virtual server. \n  \nMaterials Provided During the Seminar \nEach student attending the seminar will be provided: \n\nPresentation materials\nPowerShell scripts for each lesson\nAccess to the virtual server for up to 10 hours after the course ends for additional practice\nLink to the seminar recording\, good for 30 days after the seminar\n\n  \nInstructor \n\n \n\n\nMike Howard\nCISA\, MBA \nMike Howard is an experienced IT auditor with over 30 years of IT auditing experience in the Federal Government. Mike is a technical auditor who has audited numerous technologies\, including mainframes\, Unix environments\, Active Directory\, databases\, Cisco devices\, and Windows computers. Mike embraces innovative technologies to accomplish his audits\, most notably using PowerShell to write custom scripts. Over the 10+ years that he has been using PowerShell\, he’s written over 300 PowerShell scripts. \nMike is also a member of the ISACA Greater Washington D.C. chapter and has served on the board for 20+ years\, most of the time as Internet/Communications Director. Mike is currently the Information Technology Director\, where he manages the chapter’s website and IT environment. Mike has also used PowerShell to accomplish tasks related to his Chapter duties\, including creating web pages\, calculating CPE credits\, and updating membership rosters. \nMike has a B.S. in Accounting from Old Dominion University and a Masters in Business Administration from George Mason University. \n\n  \nEvent Questions and Policies \n\n\nRegistration Questions \nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nCPE Questions \nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n\n\nCancellation and Refunds \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \n\n\n\n\nComplaints \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n\n  \nCPE Information \nEarn up to 6 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter completing this course\, students will have basic skills to use PowerShell to obtain\, view\, and export data from Active Directory.  \n  \nCPE-Related Details \n\nPrerequisites: Students should be familiar with using PowerShell and working with Active Directory.\nAdvance Preparation: The instructor will provide materials in advance of the course. The instructor will also provide credentials to access a virtual server several days in advance of the course. Students should log onto the server and share any issues with the instructor in advance of the course.\nProgram Knowledge Level: Intermediate\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/powershell-workshop-active-directory/ LOCATION:Virtual Event CATEGORIES:Workshop ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/01/workshop_powershell_active_directory.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250327T083000 DTEND;TZID=America/New_York:20250327T170000 DTSTAMP:20260613T215528 CREATED:20250105T191755Z LAST-MODIFIED:20250105T201022Z UID:33495-1743064200-1743094800@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:NIST Privacy Framework Workshop DESCRIPTION:This intensive one-day virtual workshop\, “NIST Privacy Framework\,” scheduled for Thursday\, March 27th\, 2025\, will provide participants with a thorough understanding of how to manage privacy risks and protect individual privacy while achieving organizational objectives. The workshop will cover strategies for implementing privacy practices that align with regulatory requirements. Participants will gain valuable insights and practical knowledge to enhance their organization’s privacy management capabilities. The workshop offers 7 Continuing Professional Education (CPE) credits. \nRegistration closes on March 26 @ 3pm.  \nRegister Today! \n  \nCourse Overview \n\nMarch 27 \nThe workshop will be held on March 27 from 8:30 am to 5:00 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \nVirtual Event \nThe course will be held using Teams. \nPrior to the event\, participants must install the Teams app on their respective devices. Participants using the web-based Teams or calling via the phone may not be entitled to CPE credits. \n\n\nGWDC Member Fee – $125 \nThe fee for GWDC Members is $125 for the course.\nThe fee for all other registrants is $200 for the course. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \nEarn up to 7 CPEs \nAttendees can earn up to 7 CPEs for this event. \nParticipants must respond to all the poll questions via the Teams polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n\nShare this Event in Your Network \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n \n  \nAgenda \nModule 0: Course Overview and Introduction \n\nIntroduction and Course Overview\nParticipant Introductions\nWhat is the NIST Privacy Framework?\nCourse Schedule\nCourse Format\nLearning Objectives\nExpected Outcomes\nStudent Prerequisites\nCourse Logistics\nRecap\n\nModule 1: Introduction to Privacy and Risk Management \n\nDefining Privacy in the Modern Digital Landscape\nChallenges in Managing Privacy Risks\nEnterprise Risk Management Overview\nThe Role of Privacy in Organizational Goals\nEvolution of Privacy Frameworks\nData Processing Ecosystem Overview\nEthical Decision-Making and Privacy\nKey Stakeholders in Privacy Risk Management\nPrivacy Risk vs. Compliance Risk\nBuilding a Privacy-Driven Culture\nCase Study\nQuiz\n\nModule 2: Core Components of the Privacy Framework \n\nOverview of the Privacy Framework Core\nIdentify-P Function\nGovern-P Function\nControl-P Function\nCommunicate-P Function\nProtect-P Function\nCategories and Subcategories: Structuring Privacy Activities\nLinking Privacy to the Cybersecurity Framework\nGranularity in Privacy Risk Management\nThe Importance of Subcategory Customization\nCase Study\nQuiz\n\nModule 3: Building and Using Profiles \n\nWhat Are Privacy Profiles?\nCurrent vs. Target Profiles\nRole of Profiles in Organizational Privacy\nSteps to Develop a Privacy Profile\nPrioritizing Outcomes and Activities\nUsing Profiles for Self-Assessment\nAligning Profiles with Business Needs\nComparing Multiple Profiles Across Roles\nIntegrating Profiles in Organizational Strategy\nProfiles as a Communication Tool\nCase Study\nQuiz\n\nModule 4: Implementation Tiers and Organizational Maturity \n\nOverview of Implementation Tiers\nPartial Tier: Foundational Privacy Management\nRisk-Informed Tier: Evolving Awareness\nRepeatable Tier: Formalized Practices\nAdaptive Tier: Continuous Improvement\nCriteria for Assessing Maturity Levels\nProgression Through Tiers\nLinking Tiers to Organizational Goals\nCollaboration and Communication for Tiers\nRealizing Privacy Maturity Benefits\nCase Study\nQuiz\n\nModule 5: Privacy Risk Assessment and Mitigation \n\nDefining Privacy Risk Factors\nProblematic Data Actions and Their Impacts\nSteps in Privacy Risk Assessment\nRisk Models for Privacy Management\nLikelihood and Impact Analysis\nResponding to Privacy Risks\nRisk Mitigation Strategies\nUsing Privacy Risk Assessment Methodology (PRAM)\nBalancing Risk Tolerance and Resources\nImplementing Risk Assessment Outcomes\nCase Study\nQuiz\n\nModule 6: Governance and Accountability \n\nImportance of Governance in Privacy\nDeveloping Organizational Privacy Values\nEstablishing Roles and Responsibilities\nPolicies for Privacy Risk Management\nTraining and Awareness Initiatives\nMonitoring and Reviewing Privacy Policies\nStrengthening Cross-Functional Collaboration\nAccountability Across Ecosystem Stakeholders\nEmbedding Privacy in Decision-Making\nReporting on Privacy Metrics and Progress\nCase Study\nQuiz\n\nModule 7: Integrating Privacy into the System Development Lifecycle (SDLC) \n\nAligning Privacy with SDLC Phases\nPlanning for Privacy from the Start\nPrivacy in Design and Build Phases\nDeploying Privacy-Centric Solutions\nOperating with Privacy Safeguards\nDecommissioning with Privacy in Mind\nPrivacy Engineering Objectives Explained\nPredictability\, Manageability\, and Disassociability\nLeveraging SDLC Artifacts for Privacy\nPractical Integration Techniques\nCase Study\nQuiz\n\nModule 8: Engaging in the Data Processing Ecosystem \n\nUnderstanding Ecosystem Roles\nPrivacy in the Data Processing Ecosystem\nIdentifying Stakeholders and Relationships\nPrivacy Requirements Communication\nContracts and Governance in the Ecosystem\nManaging Interdependencies\nUsing Interoperability Frameworks\nAssessing Ecosystem Risk\nAligning Ecosystem Roles with Privacy Goals\nEcosystem-Wide Collaboration and Innovation\nCase Study\nQuiz\n\n  \nInstructor \n\n \n\n\nJim Wiggins\nCISSP\, ISSEP\, CISM\, CISA\, CRISC\, CDPSE\, CGRC\, CySA+\, SCNA\, SCNP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M \nJim has over 28 years of direct experience in the design\, operation\, management\, and auditing of information technology systems\, with the past 23 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses aimed at federal and government contracting clients. \nToday\, Jim is the Founder and Principal of Securible\, LLC. Securible is an information security service provider offering cyber training programs to organizations of all sizes. At Securible\, Jim has taught IT security certification courses such as CISSP\, CISM\, CISA\, Ethical Hacking\, RMF\, Security+\, and other courses requested by Securible’s clients. Currently\, he provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS). More information on Securible can be found at: http://www.securible.com. \nJim is also the Founder and Chief Executive Officer (CEO) of the Federal IT Security Institute (FITSI). FITSI is a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI offers a role-based IT security certification program targeted at the federal workforce. More information on FITSI can be found at: http://www.fitsi.org. \nAdditionally\, Jim is the Founder and Executive Director of the FITSI Foundation. The FITSI Foundation is a 501(c)(3) public charity that focuses on cyber education and serves as the philanthropic sister organization of the Federal IT Security Institute. The FITSI Foundation operates the Wounded Warrior Cyber Combat Academy (W2CCA). More information on the FITSI Foundation can be found at: https://www.fitsifoundation.org. \nIn 2020\, Jim launched a TV show on cybersecurity called “Cybersecurity Today\,” which can be viewed in the Washington\, DC area. Episodes can also be streamed online at the following website: http://www.cybersecuritytoday.org. \nIn 2019\, FCW named Jim to the “Federal 100” for his tireless efforts to promote cybersecurity education across all branches of the federal government. \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make on the federal workforce. \nJim holds the following IA/IT security certifications: CISSP\, ISSEP\, CISM\, CISA\, CRISC\, CDPSE\, CGRC\, CySA+\, SCNA\, SCNP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n \n\n  \nEvent Questions and Policies \n\n\nRegistration Questions \nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nCPE Questions \nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n\n\nCancellation and Refunds \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \n\n\n\n\nComplaints \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n\n  \nCPE Information \nEarn up to 7 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objectives \n\nUnderstand the foundational components and structure of the NIST Privacy Framework.\nGain knowledge of privacy risk management and its importance in protecting individual privacy.\nLearn strategies for aligning privacy practices with organizational objectives and regulatory requirements.\nDevelop skills to implement the framework in real-world scenarios effectively.\nApply the framework through practical exercises to address privacy challenges and enhance management capabilities.\n\nCPE-Related Details \n\nPrerequisites and Advance Preparation: None\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/nist-privacy-framework-workshop/ LOCATION:Virtual Event CATEGORIES:Workshop ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/01/workshop_nist_privacy_framework.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250327T080000 DTEND;TZID=America/New_York:20250327T170000 DTSTAMP:20260613T215528 CREATED:20250217T145159Z LAST-MODIFIED:20250217T145159Z UID:33626-1743062400-1743094800@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:IT Fraud Conference - ACFE DC & ISACA GWDC (in-person) DESCRIPTION:IT Fraud Conference – ACFE DC & ISACA GWDC (in-person) \nIncidents of information technology being maliciously exploited reduce confidence and trust in the attacked organization’s security and operations.  In November 2024\, the Global Anti-Scam Alliance noted that scammers siphoned more than $1 trillion globally in the past 12 months.  In addition\, Recorded Future’s Annual Payment Fraud Intelligence Report noted that 269 million card data and 1.9 million stolen bank checks were posted on the dark web in 2024. Join the Washington Metropolitan Association of Certified Fraud Examiners (ACFE DC) and ISACA Greater Washington DC (ISACA GWDC) in their 2025 IT Fraud Conference. \nDate: March 27\, 2025 (Thursday); 0800-1700 ET (up to 8 NASBA CPEs) \nLocation: 1801 K St. NW Washington\, DC 20036 (KPMG Conference Rooms) \nBreakfast and Lunch included. \nTo view the event agenda\, topics\, and presenters\, as well as register\, please visit the ACFE DC website. \n\nPlease Note:  All registrations\, questions\, communications\, and CPE issuance are handled by the ACFE DC. \n\n  \nGWDC Members can register on the ACFE website for $100 using a discount code.  Email us using the Registration Questions Contact Form to receive the discount code. \nRegister on the ACFE DC website using the link below (registration details are at the bottom of the page). \nRegister Today! \n  URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/acfe-fraud-conference-2025/ LOCATION:1801 K Street. NW\, 1801 K. Street NW\, Washington\, D.C.\, DC\, 20036\, United States CATEGORIES:Special Event ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2020/09/Screen-Shot-2020-10-01-at-9.06.01-AM.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250325T083000 DTEND;TZID=America/New_York:20250327T170000 DTSTAMP:20260613T215528 CREATED:20250105T190836Z LAST-MODIFIED:20250106T011852Z UID:33464-1742891400-1743094800@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Certificate of Cloud Auditing Knowledge (CCAK™) Review Course DESCRIPTION:The CCAK review course is designed to cover the following five core areas of focus: Cloud governance\, Cloud compliance\, Cloud auditing\, Cloud assurance\, and CSA tools. The course will provide knowledge on cloud security assessment methods and techniques\, and will assist students in updating their expertise in cloud and hybrid security auditing. CCAK is a joint project by Cloud Security Alliance® and ISACA®. The CCAK is the first credential available for industry professionals to demonstrate their expertise in the essential principles of auditing cloud computing systems. The CCAK credential and training program fills the gap in the market for technical education for cloud IT auditing. \nThis course is intended for anyone sitting for the CCAK Exam. Students are expected to have prepared for the exam prior to attending the course. \nRegistration closes on March 24 @ 3pm. \nRegister Today! \n  \n\nRe-Take Discount \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \n\n  \nCourse Overview \n\nMarch 25 – 27 \nThe course will be held on March 25 – 27 from 8:30 am to 5:00 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \nVirtual Event \nThe course will be held using Zoom. \nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits. \n\n\nGWDC Member Fee – $500 \nThe fee for GWDC Members is $500 for the course.\nThe fee for all other registrants is $700 for the course. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \nEarn up to 24 CPEs \nAttendees can earn up to 24 CPEs for this event. \nParticipants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n\nShare this Event in Your Network \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n \n  \nCourse Modules \n\nModule 1 \n\n\nCloud Governance \n\nOverview of governance\nCloud assurance\nCloud governance frameworks\nCloud risk management\nCloud governance tools\n\n\n\nModule 2 \n\n\nCloud Compliance Program \n\nDesigning a cloud compliance program\nBuilding a cloud compliance program\nLegal and regulatory requirements\nStandards and security frameworks\nIdentifying controls and measuring effectiveness\nCSA certification\, attestation and validation\n\n\n\nModule 3 \n\n\nCCM and CAIQ Goals\, Objectives and Structure \n\nCCM\nCAIQ\nRelationship to standards: mappings and gap analysis\nTransition from CCM V3.0.1 to CCM V4\n\n\n\nModule 4 \n\n\nA Threat Analysis Methodology for Cloud Using CCM \n\nDefinitions and purpose\nAttack details and impacts\nMitigating controls and metrics\nUse case\n\n\n\nModule 5 \n\n\nEvaluating a Cloud Compliance Program \n\nEvaluation approach\nA governance perspective\nLegal\, regulatory and standards perspectives\nRisk perspectives\nServices changes implications\nThe need for continuous assurance/continuous compliance\n\n\n\nModule 6 \n\n\nCloud Auditing \n\nAudit characteristics\, criteria & principles\nAuditing standards for cloud computing\nAuditing an on-premises environment vs. cloud\nDifferences in assessing cloud services and cloud delivery models\nCloud audit building\, planning and execution\n\n\n\nModule 7 \n\n\nCCM: Auditing Controls \n\nCCM audit scoping guidance\nCCM risk evaluation guide\nCCM audit workbook\nCCM an auditing example\n\n\n\nModule 8 \n\n\nContinuous Assurance and Compliance \n\nDevOps and DevSecOps\nAuditing CI/CD pipelines\nDevSecOps automation and maturity\n\n\n\nModule 9 \n\n\nSTAR Program \n\nStandard for security and privacy\nOpen Certification Framework\nSTAR Registry\nSTAR Level 1\nSTAR Level 2\nSTAR Level 3\n\n\n  \nInstructor \n\n \n\n\nSushila Nair\nCISSP\, GIAC GSTRT\, GSNA GDSA\, CISA\, CISM\, CRISC\, CDPSE\, CCSK\, CCAK \nSushila Nair is the CEO of Cybernetic LLC and former Vice President of Capgemini’s North American Cybersecurity practice\, where she played a crucial role in driving secure digital transformation on a global scale. With over 30 years of experience in computing infrastructure\, business\, and security risk analysis\, Sushila has established herself as a leading authority in the cybersecurity domain. Her career highlights include serving as Vice President responsible for global security offers at NTT DATA Services\, a decade of leading her own IT and cybersecurity company across major UK cities\, and serving as a Chief Information Security Officer (CISO) and trusted advisor to boards\, where she honed her expertise in protecting organizations from evolving digital threats. Recognized through the top cybersecurity leader award by Security Magazine\, Sushila’s influence in the industry is undeniable. \nAn esteemed thought leader\, Sushila has shared her insights on prestigious platforms such as RSA Conference and ISACA’s global events. Her active participation in ISACA’s global emerging trends working group and her leadership as President of ISACA’s Greater Washington\, D.C. Chapter underscore her dedication to advancing the field of cybersecurity. In 2024\, her commitment to nurturing the next generation of cybersecurity professionals and promoting diversity in the industry was honored with the prestigious ISACA Technology for Humanity Award. \n \n\n  \nCCAK Information and Resources \n  \n \nThe CCAK exam will be offered via Computer-Based Testing (CBT). \nRegistration for the CCAK exam is administered by ISACA®\, not the GWDC. Registering for this review course does not register you for the exam. \n» Details on CCAK and Exam Registration \n  \nCCAK Exam Preparation \nStudents who wish to take the exam should purchase the exam study guide here. The Q&A database is purchased here and is helpful for the exam revision. \n  \nEvent Questions and Policies \n\n\nRegistration Questions \nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nCPE Questions \nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n\n\nCancellation and Refunds \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \n\n\n\n\nComplaints \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n\n  \nCPE Information \nEarn up to 24 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objectives \n\nDemonstrate key concepts of cloud governance and the role of assurance\, transparency and accountability in the cloud.\nExplain cloud risk management and the application of cloud governance tools.\nDevise the designing\, building and evaluating of a cloud compliance program based on laws\, regulations and regulatory standards.\nApply control objectives\, technical and process controls\, security metrics and relate them to cloud control frameworks\, certification\, attestation and authorizations.\nDefine and illustrate how to use the CSA Cloud Control Matrix and the CSA Top Threat Analysis Methodology.\nBuild and execute an audit plan that addresses cloud concerns by utilizing the Cloud Control Matrix.\nDiscuss the impact of continuous assurance and auditing\, cloud automation\, native development and integration models on auditing and compliance .\nDescribe the role of the CSA STAR Program.\n\n  \nCPE-Related Details \n\nPrerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/certificate-of-cloud-auditing-knowledge-ccak-review-course/ LOCATION:Virtual Event CATEGORIES:Review Courses ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2024/08/review_course_ccak-1.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250320T083000 DTEND;TZID=America/New_York:20250320T123000 DTSTAMP:20260613T215528 CREATED:20241231T183229Z LAST-MODIFIED:20250319T125528Z UID:33353-1742459400-1742473800@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:SheLeadsTech - Celebrating Women in Technology DESCRIPTION:In celebration of Women’s Month this March\, this SheLeadsTech Conference brings together IT audit and cybersecurity professionals to celebrate the contributions of women leaders in the field while fostering inclusivity and collaboration for all. This unique event is designed for both men and women\, offering sessions that highlight innovation\, leadership\, and strategies to excel in the rapidly evolving tech landscape. \nFeaturing an all-female lineup of inspiring speakers\, this conference provides an opportunity to: \n\nGain actionable insights from industry leaders driving change in IT audit and cybersecurity\nExplore cutting-edge solutions and strategies to address today’s most pressing challenges\nBuild connections in an inclusive environment that champions diversity and collaboration\nCelebrate the achievements of women while engaging in meaningful discussions about empowering the next generation of leaders\n\nWhether you’re an IT auditor\, IT/Cyber professional\, or business leader\, join us for a day of inspiration\, education\, and connection as we celebrate Women’s Month and explore how diverse perspectives strengthen the future of technology and leadership. Together\, we can lead\, innovate\, and thrive. \nRegistration closes on March 19th @ 2pm. \nRegister Today! \n  \nConference Overview \n\nMarch 20 \nThe conference will be held on March 20\, 2025 from \n8:30 am to 12:30 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \nVirtual Event \nThe conference will be held using Zoom. \nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits. \n\n\nGWDC Member Fee – $10 \nThe fee for GWDC Members is $10 for the conference.\nThe fee for all other registrants is $30 for the conference. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \nEarn up to 4 CPEs \nAttendees can earn up to 4 CPEs for this event. \nParticipants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n\nShare this Event in Your Network \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n \n  \nSpeaker Insights Showcase \nThe GWDC Media Relations team works with Conference speakers to share insights into their IT journey as well as their topic for the conference in the “Speaker Insights Showcase” series. Below are the videos for three of this month’s speakers. \nYou can view the full Speaker Insights Showcase series on our YouTube channel. \n \n  \n\n \n  \n\nAgenda \n \n\n08:30 AM – 09:30 AM \n\n\nAccelerate Your Tech Mastery: Leveraging Generative AI to Empower Women in STEM \nPresenter: Sujatha Dantuluri (AWS) \nIn the rapidly evolving technology industry\, the pace of change and the emergence of transformative innovations\, such as generative AI\, have created a pressing need for continuous upskilling and reskilling. This is especially true for women in STEM fields\, who often face unique challenges in accessing the resources and support necessary to keep their skills sharp and stay ahead of the curve. \nThis session will explore how women in tech can leverage the capabilities of Amazon Bedrock\, a comprehensive generative AI platform\, to accelerate their technical upskilling and drive innovation. Through interactive demonstrations and real-world case studies\, attendees will learn how to leverage Bedrock’s advanced language models\, multimodal capabilities\, and customization features to tackle complex challenges\, automate repetitive tasks\, and unlock new levels of creativity and problem-solving. \n\n \n\n09:30 AM – 10:30 AM \n\n\nThe Power of Partnerships \nPresenter: Marcelle Lee (Equinix) \nIn my role as lead for cyber threat research at Equinix\, I am responsible for intelligence sharing partnerships. In this talk\, I will discuss how to establish\, maintain\, and grow these crucial relationships. I will also share practical tips on starting an intelligence sharing program and highlight some success stories that demonstrate the value of collaboration in enhancing cybersecurity. \n\n \n\n10:30 AM – 11:30 AM \n\n\nFireside Chat – Leadership & Talent Development: Breaking Barriers and Building Future-Ready Skills \nPresenters: Emily Lewis Pinnell (Tential Solutions) and Sushila Nair (Cybernetic) and Avneet Sabharwal (GWDC Programs Director) \nJoin us for an engaging fireside chat as part of the ISACA Greater Washington DC SheLeadsTech initiative\, where we will explore the evolving landscape of leadership and talent development. In an era of rapid technological advancements\, organizations are seeking professionals who can blend technical expertise with strategic leadership\, risk management\, and business acumen. \nThis conversation will delve into the most in-demand skills in cybersecurity and IT governance\, from cloud security and AI risk management to regulatory compliance and zero-trust architectures. We’ll discuss practical strategies for upskilling\, career progression\, and overcoming the ‘pink ceiling’—the invisible barriers that often hinder women from reaching leadership roles. \nThrough real-world insights and success stories\, our speakers will address mentorship\, executive presence\, and building influence. Whether you are an emerging leader or an experienced professional looking to advance\, this session will provide actionable strategies to help you future-proof your career\, navigate workplace challenges\, and step into leadership with confidence. \nDon’t miss this opportunity to gain industry insights\, and be part of the conversation shaping the future of leadership in IT audit and cybersecurity. \n\n \n\n11:30 AM – 12:30 AM \n\n\nPioneering Change Through Bold Innovation \nPresenter: Gurmeet Kaur (Agilious) \nThe United Nations finds that in 2022\, only 17% of inventors holding international patents were women\, while 83% were men. To achieve innovation and progress\, it’s necessary to challenge the status quo\, think outside the box\, and break established rules. \nJoin our speaker\, Gurmeet Kaur\, as she walks us through how to navigate barriers\, believe in your idea even when facing challenges\, and persevere against the bias that holds us back. \n\n  \nPresenters \n \n\n  \n  \n  \n\n\nSujatha Dantuluri\nSenior Solutions Architect on the US Federal Civilian team @ AWS \nSujatha Dantuluri is a Senior Solutions Architect on the US Federal Civilian team at AWS. With over 20 years of experience supporting both commercial and government customers\, she is a trusted advisor in building and architecting mission-critical solutions. An active public speaker\, Sujatha also contributes to IEEE standards. Additionally\, she serves as a mentor for women in within and outside the AWS. Sujatha is an active participant in initiatives that enable and empower women in the industry. \n \n\n \n\n \n\n\nMarcelle Lee\nPrincipal Information Security Engineer | Team Lead\, Cyber Threat Research @ Equinix \nMarcelle is a principal information security engineer at Equinix\, the world’s largest digital infrastructure company\, where she oversees the cyber threat research team. She has more than ten years of experience in cybersecurity\, specializing in cyber threat analysis\, research\, and reporting\, identification of tactics\, techniques and procedures (TTPs)\, campaign tracking\, threat hunting\, network traffic analysis\, intrusion analysis\, digital forensics\, malware analysis\, and technical writing. Before embarking on her cyber career\, Marcelle had years of experience leading operations and projects for a variety of organizations. \nMarcelle is also a passionate educator and a published author\, teaching digital forensics and cybersecurity courses at University of Maryland. She is a recognized community leader\, presenting technical talks and training\, providing mentoring\, and volunteering on numerous boards and committees. She is driven by the mission of advancing and empowering people in the field of cybersecurity. \nIf you are looking for a key for a CTF challenge it is “diversity.” \n \n\n \n\n \n\n\nEmily Lewis Pinnell\nSenior Vice President\, Professional Services @ Tential Solutions \nI have worked with hundreds of customers in managing Data\, Cloud and AI initiatives. In building innovative professional services teams\, I focus on the pairing technical expertise with a focus on the impact to people and process. \nI love building and making a tangible impact. With a focus on strategic growth\, I’ve achieved significant success in delivering compelling and tangible results. I am demonstrably committed to optimizing organizational systems\, performance—and the bottom line. \nI effectively lead and empower top-performing global teams. With excellent communication and interpersonal skills\, I easily build productive relationships with diverse groups of key stakeholders\, shareholders\, clients\, and colleagues at all levels. \n \n\n\n \n\n\nSushila Nair\nCEO of Cybernetic LLC\nCISSP\, GIAC GSTRT\, GSNA GDSA\, CISA\, CISM\, CRISC\, CDPSE\, CCSK\, CCAK \nSushila Nair is the CEO of Cybernetic LLC and former Vice President of Capgemini’s North American Cybersecurity practice\, where she played a crucial role in driving secure digital transformation on a global scale. With over 30 years of experience in computing infrastructure\, business\, and security risk analysis\, Sushila has established herself as a leading authority in the cybersecurity domain. Her career highlights include serving as Vice President responsible for global security offers at NTT DATA Services\, a decade of leading her own IT and cybersecurity company across major UK cities\, and serving as a Chief Information Security Officer (CISO) and trusted advisor to boards\, where she honed her expertise in protecting organizations from evolving digital threats. Recognized through the top cybersecurity leader award by Security Magazine\, Sushila’s influence in the industry is undeniable. \nAn esteemed thought leader\, Sushila has shared her insights on prestigious platforms such as RSA Conference and ISACA’s global events. Her active participation in ISACA’s global emerging trends working group and her leadership as President of ISACA’s Greater Washington\, D.C. Chapter underscore her dedication to advancing the field of cybersecurity. In 2024\, her commitment to nurturing the next generation of cybersecurity professionals and promoting diversity in the industry was honored with the prestigious ISACA Technology for Humanity Award. \n \n\n\n \n\n\nAvneet Sabharwal\nIT Audit Manager and GWDC Programs Director\nCISA\, CMMC-AB Registered Practioner \nAvneet Sabharwal is an experienced IT Auditor with nearly a decade of expertise across various industries\, including consulting\, finance\, and telecommunications. She has worked extensively on SOX\, SOC 1\, and FSA audits. In her current role\, Avneet is an Internal Audit Manager at a financial planning firm\, focusing on information systems and data analytics. \nAvneet holds a Master’s degree in Information Systems and Technology and an MBA from the George Washington School of Business. She is also certified as a CISA and a CMMC-AB Registered Practitioner. \nIn addition to her professional role\, Avneet serves as the Director of Virtual Conferences on the ISACA GWDC chapter Board\, where she is responsible for planning\, organizing\, and hosting monthly conferences. \nIn her free time\, Avneet enjoys traveling and exploring new places with her family\, reading thriller novels\, and\, recently\, delving into the art of prompting. \n \n\n \n\n \n\n\nGurmeet Kaur\nChief Product & Experience Officer @ Agilious \nGurmeet is a product and design leader with passion for designing and delivering extraordinary user experiences. Gurmeet’s expertise is in driving user engagement by planning\, designing and delivering digital products that meet end user needs. She brings 25+ years of experience leading successful transformations across the private and non-profit sectors. Gurmeet is building Agilous’s strategy and design practices to ensure all applications and products we build are based on customer data and deliver clear value to the enterprise (private or public sector) and their end users. \nGurmeet joined Agilious from Capital One\, where she built a Developer Experience team from the ground up and delivered the long term vision for Capital One Developer Experience. Gurmeet has led the product transformation at AARP’s for-profit sector and doubled member engagement on the benefits’ app. In her tenure at Marriott she served as the digital lead for all acquisitions\, successfully integrating multiple brands into the digital Marriott platforms\, including The Ritz-Carlton\, Starwood\, Gaylord\, MOXY\, Atlantis\, Protea\, and AC hotels. \nGurmeet is a Gallup certified coach with deep expertise in building high-performing teams by leveraging collective skills\, diverse perspectives\, and complementary expertise. She is also the published author of Empathy & Arrogance: The Paradox of Digital Products\, a compilation of lessons learned over two decades of building digital products. \n \n\n  \nEvent Questions and Policies \n\n\nRegistration Questions \nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nCPE Questions \nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n\n\nCancellation and Refunds \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \n\n\n\n\nComplaints \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n\n  \n  \nCPE Information \nEarn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter attending this event\, attendees will learn about current and future trends in emerging technology. \n  \nCPE-Related Details \n\nPrerequisites: None\nAdvance Preparation: None\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/emerging-technology-conference-2025/ LOCATION:Virtual Event CATEGORIES:Conferences ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2024/12/conference-emergingtech-sheleadstech.png ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250319T080000 DTEND;TZID=America/New_York:20250319T173000 DTSTAMP:20260613T215528 CREATED:20250105T185012Z LAST-MODIFIED:20250311T230146Z UID:33454-1742371200-1742405400@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Cybersecurity Audit Certificate Review Course DESCRIPTION:It’s not just the high cost to an organization in the event of a breach\, but the inevitability of an attack that makes cybersecurity critical. With the increasing number of cyberthreats\, it is becoming critical for the audit plan in every organization to include cybersecurity. As a result\, auditors are increasingly being required to audit cybersecurity processes\, policies and tools to provide assurance that their enterprise has appropriate controls in place. Vulnerabilities in cybersecurity can pose serious risks to the entire organization—making the need for IT auditors well-versed in cybersecurity audit greater than ever. \nISACA’s Cybersecurity Audit Certificate Program provides audit/assurance professionals with the knowledge needed to excel in cybersecurity audits. It provides security professionals with an understanding of the audit process\, and IT risk professionals with an understanding of cyber-related risk and mitigating controls. \nThis course is intended for anyone wanting to strengthen their cybersecurity audit skills as well as those students preparing for the Cybersecurity Audit Certificate exam. \nRegistration closes on March 18 @ 3pm. \nRegister Today! \n  \n\nRe-Take Discount \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \n\n  \nCourse Overview \n\nMarch 19 \nThe course will be held on March 19\, 2025 from \n8:00 am to 5:30 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \nVirtual Event \nThe course will be held using Zoom. \nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits. \n\n\nGWDC Member Fee – $125 \nThe fee for GWDC Members is $125 for the course.\nThe fee for all other registrants is $200 for the course. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \nEarn up to 9 CPEs \nAttendees can earn up to 9 CPEs for this event. \nParticipants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n\nShare this Event in Your Network \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n \n  \nAgenda \nThe course cover the following domains for the Cybersecurity Audit Certificate: \n\nSecurity Frameworks & Best Practices\nThreat Assessment & Management\nAuthorization Processes & Governance\nAsset\, Configuration\, Change & Patch Management Practices\nEnterprise Identity & Information Access Management\nCyber & Legal Regulatory Requirements\n\n  \nInstructor \n\n \n\n\nSushila Nair\nCISSP\, GIAC GSTRT\, GSNA GDSA\, CISA\, CISM\, CRISC\, CDPSE\, CCSK\, CCAK \nSushila Nair is the CEO of Cybernetic LLC and former Vice President of Capgemini’s North American Cybersecurity practice\, where she played a crucial role in driving secure digital transformation on a global scale. With over 30 years of experience in computing infrastructure\, business\, and security risk analysis\, Sushila has established herself as a leading authority in the cybersecurity domain. Her career highlights include serving as Vice President responsible for global security offers at NTT DATA Services\, a decade of leading her own IT and cybersecurity company across major UK cities\, and serving as a Chief Information Security Officer (CISO) and trusted advisor to boards\, where she honed her expertise in protecting organizations from evolving digital threats. Recognized through the top cybersecurity leader award by Security Magazine\, Sushila’s influence in the industry is undeniable. \nAn esteemed thought leader\, Sushila has shared her insights on prestigious platforms such as RSA Conference and ISACA’s global events. Her active participation in ISACA’s global emerging trends working group and her leadership as President of ISACA’s Greater Washington\, D.C. Chapter underscore her dedication to advancing the field of cybersecurity. In 2024\, her commitment to nurturing the next generation of cybersecurity professionals and promoting diversity in the industry was honored with the prestigious ISACA Technology for Humanity Award. \n \n\n  \nCybersecurity Audit Certificate Exam \n \nThe exam is be offered via Computer-Based Testing (CBT). \nRegistration and administration of the exam is handled by ISACA®\, not the GWDC. Registering for this review course does not register you for the exam. \nFor full details on this certificate\, visit the ISACA’s Cybersecurity Audit Certificate page. \n  \nExam Preparation \nFor students who wish to take the Cybersecurity Audit Certificate exam\, it is highly recommended that the prospective candidates should purchase the official study guide. \n  \nEvent Questions and Policies \n\n\nRegistration Questions \nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nCPE Questions \nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n\n\nCancellation and Refunds \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \n\n\n\n\nComplaints \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n\n  \nCPE Information \nEarn up to 9 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org. \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objectives: \nBy the end of this course you will be able to: \n\nDefine the roles and responsibilities of a cybersecurity auditor\nUnderstand security frameworks to identify best practices\nAssess the threats with the help of vulnerability management tools\nExplain all aspects of cybersecurity governance\nManage enterprise identity and information access\nRecall the definitions of cybersecurity processes and components related to cybersecurity operations\nDefine threat and vulnerability management\nBuild and deploy secure authorization processes\nDescribe the concepts of firewall\, wireless and network security technologies in reducing the risk of cyber attack\n\n  \nCPE-Related Details \n\nPrerequisites and Advance Preparation: While not required\, professionals who possess a fundamental understanding of cybersecurity concepts and prior audit experience will be best positioned to succeed in this course and the Cybersecurity Audit Certificate Exam.\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/cybersecurity-audit-review-course/ LOCATION:Virtual Event CATEGORIES:Review Courses ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/01/review_course_cyberaudit.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250317T090000 DTEND;TZID=America/New_York:20250319T170000 DTSTAMP:20260613T215528 CREATED:20250105T183650Z LAST-MODIFIED:20250105T200851Z UID:33483-1742202000-1742403600@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Certified in Risk and Information Systems Controls™ (CRISC®) Review Course DESCRIPTION:The GWDC is sponsoring an intensive 3-day virtual review course for the Certified in Risk and Information Systems Controls™ (CRISC®).  This review course will provide practical advice on preparing for the CRISC exam and specific instruction regarding the job practice areas addressed by CRISC as defined by ISACA® Global. \nThis event is intended for anyone sitting for the CRISC Exam. Students are expected to have prepared for the exam prior to attending the course. \nRegistration closes on March 16 @ 3 pm. \nRegister Today! \n  \n\nRe-Take Discount \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \n\n  \nCourse Overview \n\nMarch 17 – 19 \nThe course will be held on March 17 – 19 from 9:00 am to 5:00 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \nVirtual Event \nThe course will be held using Teams. \nPrior to the event\, participants must install the Team app on their respective devices. Participants using the web-based Teams or calling via the phone may not be entitled to CPE credits. \n\n\nGWDC Member Fee – $550 \nThe fee for GWDC Members is $550 for the course.\nThe fee for all other registrants is $800 for the course. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \nEarn up to 21 CPEs \nAttendees can earn up to 21 CPEs for this event. \nParticipants must respond to all the poll questions via the Teams polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n\nShare this Event in Your Network \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n \n  \nAgenda \n\nDay 1 \n\n\nIntroduction \nGovernance (Domain 1) \n\n\nDay 2 \n\n\nIT Risk Assessment (Domain 2) \nRisk Response and Reporting (Domain 3) \n\n\nDay 3 \n\n\nInformation Technology and Security (Domain 4) \nPractice Tests \n\n  \nCourse Materials and Exam Resources \nMaterials Provided During the Course \nParticipants receive a Study Guide to help them prepare for the CRISC exam. The Study Guide contains a presentation\, a case study\, and 20 quiz questions for each domain in the official CRISC Review Manual. The Study Guide contains additional material such as suggested study approach\, exam taking tips\, list of “must know” vocabulary terms\, and other suggested readings to aid participants in their exam preparation. \n  \nStudy Materials \nThe instructor highly recommends that students purchase the CRISC Review Manual and the CRISC Review Questions\, Answers\, and Explanations Database – 12 Month. Below are the study materials available for purchase from the ISACA Bookstore: \n\nCRISC Review Manual\nCRISC Review Questions\, Answers & Explanations Manual\nCRISC Review Questions\, Answers & Explanation Database – 12 month subscription\n\n**It is highly recommended to order these at the earliest opportunity to avoid any possible delays in their availability for the start of the program. \n  \nAdditional Study Resources \nCandidates should review the Exam Candidate Guide and other resources on the ISACA CRISC page as part of their study program.  \n  \nInstructor \n\n \n\n\nJim Wiggins\nCISSP\, ISSEP\, CISM\, CISA\, CRISC\, CDPSE\, CGRC\, CySA+\, SCNA\, SCNP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M \nJim has over 28 years of direct experience in the design\, operation\, management\, and auditing of information technology systems\, with the past 23 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses aimed at federal and government contracting clients. \nToday\, Jim is the Founder and Principal of Securible\, LLC. Securible is an information security service provider offering cyber training programs to organizations of all sizes. At Securible\, Jim has taught IT security certification courses such as CISSP\, CISM\, CISA\, Ethical Hacking\, RMF\, Security+\, and other courses requested by Securible’s clients. Currently\, he provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS). More information on Securible can be found at: http://www.securible.com. \nJim is also the Founder and Chief Executive Officer (CEO) of the Federal IT Security Institute (FITSI). FITSI is a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI offers a role-based IT security certification program targeted at the federal workforce. More information on FITSI can be found at: http://www.fitsi.org. \nAdditionally\, Jim is the Founder and Executive Director of the FITSI Foundation. The FITSI Foundation is a 501(c)(3) public charity that focuses on cyber education and serves as the philanthropic sister organization of the Federal IT Security Institute. The FITSI Foundation operates the Wounded Warrior Cyber Combat Academy (W2CCA). More information on the FITSI Foundation can be found at: https://www.fitsifoundation.org. \nIn 2020\, Jim launched a TV show on cybersecurity called “Cybersecurity Today\,” which can be viewed in the Washington\, DC area. Episodes can also be streamed online at the following website: http://www.cybersecuritytoday.org. \nIn 2019\, FCW named Jim to the “Federal 100” for his tireless efforts to promote cybersecurity education across all branches of the federal government. \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make on the federal workforce. \nJim holds the following IA/IT security certifications: CISSP\, ISSEP\, CISM\, CISA\, CRISC\, CDPSE\, CGRC\, CySA+\, SCNA\, SCNP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n \n\n  \nMore Information on CISM \n \nRegistration for the CRISC exam is administered by ISACA®\, not the GWDC. Registering for this review course does not register you for the exam. \n» Details on CRISC and Exam Registration \n  \nEvent Questions and Policies \n\n\nRegistration Questions \nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nCPE Questions \nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n\n\nCancellation and Refunds \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \n\n\n\n\nComplaints \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n\n  \nCPE Information \nEarn up to 21 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event and respond to polling questions to receive full CPE credit. \n  \nCPE-Related Details \n\nLearning Objective: After completing the course\, students will be prepared to sit for the CRISC exam.\nPrerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/crisc-review-course-spring2025/ LOCATION:Virtual Event CATEGORIES:Review Courses ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/01/review_course_crisc.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250310T083000 DTEND;TZID=America/New_York:20250313T170000 DTSTAMP:20260613T215528 CREATED:20250127T142948Z LAST-MODIFIED:20250228T124458Z UID:33589-1741595400-1741885200@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:Certified Information System Auditor® (CISA®) Review Course (Weekday Sessions) DESCRIPTION:CISA Review Course – Weekday Sessions \nThe ISACA Greater Washington\, D.C. Chapter (GWDC) is hosting an intensive 4-day virtual review course for the Certified Information Systems Auditor® (CISA®) Exam. This course is designed to provide practical guidance on preparing for the CISA exam and will cover the essential job practice areas as defined by ISACA® Global.  \nThis event is ideal for professionals planning to sit for the CISA exam. Attendees are encouraged to prepare in advance to maximize the benefits of the course. \nRegistration closes on March 9 @ 12pm.  \nRegister Today! \n  \n\nRe-Take Discount \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \n\n  \nCourse Overview \n\nMarch 10 – 13 \nThe course will be held on March 10 – 13\, 2025 from 9:00 am to 5:00 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \nVirtual Event \nThe course will be held using Teams. \nPrior to the event\, participants must install the Teams app on their respective devices. The instructor will send out the Teams link closer to the course start. \n\n\nGWDC Member Fee – $500 \nThe fee for GWDC Members is $500 for the course.\nThe fee for all other registrants is $1\,000 for the course. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \nEarn up to 32 CPEs \nAttendees can earn up to 32 CPEs for this event. \nParticipants must respond to all the poll questions via the Teams polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n\nShare this Event in Your Network \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n \n  \nAgenda \nPlease note\, these are estimates as some domains (especially Domains 4 and 5) may span multiple days. \n\nDay 1: 18% Domain 1 – Information Systems Auditing Process & 18% Domain 2 – Governance & Management of IT\nDay 2: 12% Domain 3 – Information Systems Acquisition\, Development & Implementation\nDay 3: 26% Domain 4 – Information Systems Operations & Business Resilience\nDay 4: 26% Domain 5 – Protection of Information Assets\n\n  \nExam Resources \nStudy Recommendations \nThe instructor highly recommends that students purchase the CISA Review Manual and the CISA Review Questions\, Answers\, and Explanations Database – 12 Month ahead of the course date. Below are the study materials available for purchase from the ISACA Bookstore: \n\nCISA Review Manual\nCISA Review Questions\, Answers & Explanations Manual\nCISA Review Questions\, Answers & Explanation Database – 12 month subscription\n\n**It is highly recommended to order these at the earliest opportunity to avoid any possible delays in their availability for the start of the program. \n  \nAdditional Study Resources \nCandidates should review the Exam Candidate Guide and other resources on the ISACA CISA page as part of their study program.  \n  \nInstructor \n\n \n\n\nJim Wiggins\nCISSP\, ISSEP\, CISM\, CISA\, CRISC\, CDPSE\, CGRC\, CySA+\, SCNA\, SCNP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M \nJim has over 28 years of direct experience in the design\, operation\, management\, and auditing of information technology systems\, with the past 23 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses aimed at federal and government contracting clients. \nToday\, Jim is the Founder and Principal of Securible\, LLC. Securible is an information security service provider offering cyber training programs to organizations of all sizes. At Securible\, Jim has taught IT security certification courses such as CISSP\, CISM\, CISA\, Ethical Hacking\, RMF\, Security+\, and other courses requested by Securible’s clients. Currently\, he provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS). More information on Securible can be found at: http://www.securible.com. \nJim is also the Founder and Chief Executive Officer (CEO) of the Federal IT Security Institute (FITSI). FITSI is a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI offers a role-based IT security certification program targeted at the federal workforce. More information on FITSI can be found at: http://www.fitsi.org. \nAdditionally\, Jim is the Founder and Executive Director of the FITSI Foundation. The FITSI Foundation is a 501(c)(3) public charity that focuses on cyber education and serves as the philanthropic sister organization of the Federal IT Security Institute. The FITSI Foundation operates the Wounded Warrior Cyber Combat Academy (W2CCA). More information on the FITSI Foundation can be found at: https://www.fitsifoundation.org. \nIn 2020\, Jim launched a TV show on cybersecurity called “Cybersecurity Today\,” which can be viewed in the Washington\, DC area. Episodes can also be streamed online at the following website: http://www.cybersecuritytoday.org. \nIn 2019\, FCW named Jim to the “Federal 100” for his tireless efforts to promote cybersecurity education across all branches of the federal government. \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make on the federal workforce. \nJim holds the following IA/IT security certifications: CISSP\, ISSEP\, CISM\, CISA\, CRISC\, CDPSE\, CGRC\, CySA+\, SCNA\, SCNP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n \n\n  \nMore Information on CISA \n \nRegistration for the CISA exam is administered by ISACA®\, not the GWDC. Registering for this review course does not register you for the exam. \n» Details on CISA and Exam Registration \n  \nEvent Questions and Policies \n\n\nRegistration Questions \nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nCPE Questions \nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n\n\nCancellation and Refunds \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \n\n\n\n\nComplaints \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n\n  \nCPE Information \nEarn up to 32 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\nLearning Objective: After completing the course\, students will be prepared to sit for the CISA exam.\nPrerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/certified-information-system-auditor-cisa-review-course-weekday-sessions-2025/ LOCATION:Virtual Event CATEGORIES:Review Courses ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2024/08/review_course_CISA.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT BEGIN:VEVENT DTSTART;TZID=America/New_York:20250307T083000 DTEND;TZID=America/New_York:20250307T140000 DTSTAMP:20260613T215528 CREATED:20250105T182614Z LAST-MODIFIED:20250217T141813Z UID:33502-1741336200-1741356000@1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io SUMMARY:PowerShell® Workshop: Basics DESCRIPTION:Auditors and IT professionals work with large amounts of data\, requiring the need for a variety of tools to help them obtain\, review\, analyze\, and/or export this data. One of the most versatile (and free) tools for working with data is PowerShell®\, which is included with the Windows OS. While designed as a systems administration tool\, it also has powerful capabilities that auditors and IT professionals can use to greatly improve project outcomes and efficiency.  \nThis one-day hands-on virtual workshop is designed for students who want to learn how to use PowerShell in performing audits or data analysis projects. The core skills in working with PowerShell to analyze data are learning how to load data into PowerShell\, reformat/analyze it\, and export it to one or more files. This workshop covers these core skills through lessons and hands-on exercises. PowerShell\, while designed for systems administrators to automate their administration duties\, has data handling and analysis capabilities that auditors and IT professionals can use in accomplishing their projects. \nThis workshop is an excellent opportunity for those who are new to PowerShell to learn about this powerful tool. It’s also a great opportunity for those familiar with PowerShell to refresh and practice their skills. \nRegistration closes on March 6 @ 3pm. \nRegister Today! \n  \nCourse Overview \n\nMarch 7 \nThe workshop will be held on March 27 from 8:30 am to 2:00 pm. \nAdd this event to your calendar using the Add to Calendar link at the bottom of the page. \n  \nVirtual Event \nThe course will be held using Zoom. \nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Teams or calling via the phone may not be entitled to CPE credits. \n\n\nGWDC Member Fee – $100 \nThe fee for GWDC Members is $100 for the course.\nThe fee for all other registrants is $150 for the course. \nTo become a member and take advantage of the member rate for our events\, among other benefits\, join ISACA and select the Greater Washington D.C. Chapter as your local chapter. \n  \nEarn up to 6 CPEs \nAttendees can earn up to 6 CPEs for this event. \nParticipants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls. \n\nShare this Event in Your Network \n\n \n \n \n \n \n \n \n \n \n Share on X\n \n \n \n \n \n \n \n \n \n \n \n Share on Linkedin\n \n \n \n \n \n \n \n \n \n \n \n Share on Facebook\n \n \n \n \n \n \n \n \n \n \n \n Share on Print\n \n \n \n \n \n \n \n \n \n \n Share on Email\n \n \n \n \n \n \n\n \n\n \n  \nAgenda \n\nCourse Introduction\nBasics of using PowerShell\nHands-on Practice on common use cases\, including:\n\nThe basic layout of a typical PowerShell script for auditors\nCombining multiple CSV files of the same layout into a single CSV file.\nCollecting\, modifying\, and saving data from XML files.\nCollecting\, modifying\, and saving data from Windows Logs.\nCollecting\, modifying\, and saving data from a Windows Server.\nCollecting\, modifying\, and saving data from Active Directory.\nCollecting\, modifying\, and saving data from websites.\n\n\n\n\nRecap and PowerShell resources\n\n  \nAdditional Course Details \nHands-on Lab Exercises \nEach student will be provided access to a Windows Server to use during the course. The server will be hosted on the Azure Lab Services platform. \nThe server will be accessed using Windows Remote Desktop. Therefore\, on the course dates\, students will need to use a Windows-based computer that permits use of the Remote Desktop protocol. \nAn email will be sent to each student this evening with instructions on accessing the virtual server. Students are encouraged to register and follow the instructions to access the virtual server prior to the start of the seminar. \nEach lesson in the course has practice commands to use during the lesson and practice exercise to reinforce lesson concepts.  All lesson materials will be pre-loaded onto each student’s virtual server. \n  \nMaterials Provided During the Seminar \nEach student attending the seminar will be provided: \n\nPresentation materials\nPowerShell scripts for each lesson\nAccess to the virtual server for up to 10 hours after the course ends for additional practice\nLink to the seminar recording\, good for 30 days after the seminar\n\n  \nInstructor \n\n \n\n\nMike Howard\nCISA\, MBA \nMike Howard is an experienced IT auditor with over 30 years of IT auditing experience in the Federal Government. Mike is a technical auditor who has audited numerous technologies\, including mainframes\, Unix environments\, Active Directory\, databases\, Cisco devices\, and Windows computers. Mike embraces innovative technologies to accomplish his audits\, most notably using PowerShell to write custom scripts. Over the 10+ years that he has been using PowerShell\, he’s written over 300 PowerShell scripts. \nMike is also a member of the ISACA Greater Washington D.C. chapter and has served on the board for 20+ years\, most of the time as Internet/Communications Director. Mike is currently the Information Technology Director\, where he manages the chapter’s website and IT environment. Mike has also used PowerShell to accomplish tasks related to his Chapter duties\, including creating web pages\, calculating CPE credits\, and updating membership rosters. \nMike has a B.S. in Accounting from Old Dominion University and a Masters in Business Administration from George Mason University. \n\n  \nEvent Questions and Policies \n\n\nRegistration Questions \nIf you have any registration questions about this event\, please contact us by completing the Registration Contact Form linked below. \nRegistration Questions \n  \n\n\n\n\nCPE Questions \nIf you have CPE questions after the event has concluded\, please contact us by completing the CPE contact form linked below. \nCPE Questions \n  \n\n\n\n\nCancellation and Refunds \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details. \n\n\n\n\nComplaints \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. \nAll complaints should be submitted through the Registration Contact Form. \n\n\n  \nCPE Information \nEarn up to 6 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objectives \nAfter completing this course\, students will have skills to use PowerShell in the performance of their audits and projects. Specifically\, students will be able to: \n\nImport data from several types of data sources into PowerShell.\nAnalyze data in PowerShell through comparing data and summarizing it.\nReorder data and change its format.\nExport data into CSV and Text files.\nCreate a basic PowerShell script to import\, analyze\, and export data.\n\n  \nCPE-Related Details \n\nPrerequisites: Students should be familiar with using Windows and using CSV files. Basic familiarity with PowerShell or other programming languages is beneficial.\nAdvance Preparation: The instructor will provide materials in advance of the course. The instructor will also provide credentials to access a virtual server several days in advance of the course. Students should log onto the server and share any issues with the instructor in advance of the course.\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study:  Information Technology – Technical URL:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/event/powershell-workshop-basics-spring2025/ LOCATION:Virtual Event CATEGORIES:Workshop ATTACH;FMTTYPE=image/png:https://1a0e45a7-9729-44db-9571-247e6bd9360e.express.conves.io/wp-content/uploads/2025/01/workshop_powershell_basics.png ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org END:VEVENT END:VCALENDAR