IT teams around the world rolled up their sleeves and exerted amazing effort to move America’s workforce to remote solutions as quickly as possible. While the focus was on maintaining operational status and preserving employee safety, and rightly so, there is a looming question mark about what happened to compliance efforts amidst the massive move to cloud services and solutions. This session will visit some of the basics of compliance and audit considerations for cloud based technologies that may have been fast tracked and could be new challenges in the next audit cycle. You’ll leave with key points to put you in the driver seat and equip you with considerations for planning and scoping your next audit and/or compliance assessment.

Speakers
speaker photo
Trip Hillman
Director, Cybersecurity Services, Weaver

As the Director of Cybersecurity Services at Weaver, a Top 35 CPA firm, Trip Hillman has nearly a decade of hands-on experience evaluating IT security in a broad range of environments. He has consulted with Fortune 100 companies, private equity groups and single entities on security and compliance, and has performed and led over 200 substantial audits across hundreds of unique IT environments. He is regularly called on to help organizations evaluate their overall security posture and to develop prioritized, balanced roadmaps for increasing security maturity. He also performs IT risk assessments, IT audits, vulnerability assessments and penetration tests to help companies maintain ongoing security over time. This hands-on experience, combined with ongoing education and active memberships in ISC2, IIA, ISACA and the Cloud Security Alliance, keeps Trip at the forefront of best practices, leading frameworks (including COBIT, NIST-CSF, CIS 20 CSC, ISO 27001) and compliance requirements (including Sarbanes-Oxley and PCI).

Trip currently holds the following IT-related certifications: GIAC Systems and Network Auditor (GSNA); GIAC Certified Penetration Tester (GPEN); GIAC Certified Forensic Examiner (GCFE); GIAC Certified Windows Security Administrator (GCWN); Certified Information Systems Security Professional (CISSP); Certified Information Security Auditor (CISA); and Certified Ethical Hacker (CEH). He also earned a Bachelor of Business Administration in management information systems from Baylor University.

Moderator
speaker photo
Bruce Sussman
Director of Media & Content, Podcast Host, SecureWorld

Emmy-winning journalist Bruce Sussman spent more than 20 years on TV screens in Portland, Oregon. During his "second career" he became fascinated by cybersecurity while working with CISOs at Gartner. He joined SecureWorld in 2017 to help grow its media division. Currently, he hosts the Remote Sessions daily web conference series and SecureWorld podcast published each Tuesday, and oversees news content for secureworldexpo.com. Sussman graduated from the University of Missouri School of Journalism back in the dark ages. Message him on LinkedIn if you'd like to connect!