[1 CPE] Meaningful Compliance: More than Just Checking Off Boxes

  Presented by Mark Fitzgerald • Chief Compliance Officer, Brigham Young University Hawaii

A key to creating a culture of compliance is to make it meaningful for all who are involved. Too often compliance is seen as a restriction rather than a series of best practices that can keep all of us safe and enhance user experiences. By adopting practices learned from your help desk –– knowledge management, continual improvement, setting expectations, and practice communications –– you can transform compliance into a tool to help users trust in what IT is delivering to them.

Mark Fitzgerald is BYU Hawaii’s Chief Compliance Officer in the Office of Compliance & Ethics and oversees the Purchasing Department. In this position, Fitzgerald manages programs and activities for establishing standards and implementing procedures to help leaders and managers ensure the university’s compliance with applicable laws and regulations.

Fitzgerald has worked in higher education information technology for over 25 years. Most recently, he worked as the Chief Information Security Officer at Boise State University where he had responsibility for IT compliance. He has also held positions as Executive Director for the Office of Information Technology and Director of Customer Care and Academic Technologies. He taught in the Master of Business Administration program at Boise State University. He also spent some of the early years of his career at BYU in Provo, Utah.

Fitzgerald has a Master of Business Administration in Information Technology from Boise State University and a Bachelor of Arts in Marketing Communications from Brigham Young University in Provo. He has several certifications and associations, including being a Lean Six Sigma Yellow Belt. He also had the privilege of teaching in the Boise State University MBA and Master of Cybersecurity programs.

[1 CPE] Intelligent SSE: Secure Everything from Anywhere

  Presented by Matt Senechal, Regional Sales Manager • Netskope

This session will provide a technical overview of Security Service Edge (SSE), focused on the following topics:

  • Unintentional or unapproved data movement
  • Data protection for internal and external threats
  • Conditional and contextual access to safely enable cloud & SaaS applications
  • Protection from cloud-enabled SaaS and web threats
  • Work from anywhere with a secure, fast experience

You will walk away understanding the fundamentals of SSE and how it will benefit your business.

[1 CPE] Intelligent SSE: Secure Everything from Anywhere

  Presented by Matt Senechal, Regional Sales Manager • Netskope

This session will provide a technical overview of Security Service Edge (SSE), focused on the following topics:

  • Unintentional or unapproved data movement
  • Data protection for internal and external threats
  • Conditional and contextual access to safely enable cloud & SaaS applications
  • Protection from cloud-enabled SaaS and web threats
  • Work from anywhere with a secure, fast experience

You will walk away understanding the fundamentals of SSE and how it will benefit your business.

[1 CPE] Unveiling the Power of Zero Trust: Unlocking Business Value & Building Resilience

  Presented by Optiv & Akamai

Join us for an enlightening fireside chat as we delve into the realm of Zero Trust security architecture. Discover how Zero Trust principles can revolutionize your organization’s cybersecurity approach, mitigate risks, and drive tangible business outcomes. Our expert panelists will demystify Zero Trust, offering actionable insights and strategies to harness its full potential in today’s dynamic threat landscape.

Speakers:

  • Dan Brown, Technical Director, Optiv
  • Umar Carter, Sr Security Advisor, Optiv
  • Tony Lauro, Director of Security Technology & Strategy, Akamai

[1 CPE] Educating Your Guesses: How to Quantify Risk and Uncertainty

  Presented by Sara Anstey, Director of Data Analytics and Integration • Novacoast

Asking for budget and justifying spend in cybersecurity departments can be a difficult task due to limited data and high uncertainty of future events. This talk will dive into quantitative risk analysis as it relates to cybersecurity –– how to model uncertain events and understand financial risk. Attendees will see a first-hand demonstration of how quantitative modeling can be used to communicate risk and understand ROI. Attendees will walk away with the tools needed to present cyber risk as a dollar amount that can be easily understood by other business decision-makers at their company.

[1 CPE] Silos are for Grain, Not Information

  Presented by INTERFACE Advisory Council & ARMA Arizona

Fifty years ago, the corporate Records and Information Management (RIM) department dealt with paper, file cabinets, and boxes in warehouses; microfiche was considered high-tech. The Information Technology (IT) department ran a mainframe computer in the basement that crunched financial numbers; a terminal in the cashier’s office was considered high-tech. And never the twain would meet. Today, such segregation of corporate functions is not only unnecessary, but it could also be counterproductive or even dangerous. RIM and IT represent distinct, and equally valuable, “mindsets,” but they must work together with Privacy, Security, Compliance, Legal, Human Resources, and even Marketing under comprehensive Information Governance (IG) and Information Lifecycle Management strategies. These strategies align all aspects of data creation (capture), gathering (collaboration), management (retention/storage), circulation (version control), security, legal holds/discovery, and final disposition or archiving with organizational mission, policies, and goals.

Three members of the Arizona chapter of the Association of Records Management and Administration International (ARMA), representing three different types of organizations, discuss how RIM and IT can break down legacy silos and work together to achieve information governance – and the value of ARMA membership.

  • President, ARMA Arizona | Mark MacFarlane, Manager, Enterprise Records and Information Management, Cambia Health Solutions
  • Vice President, ARMA Arizona | Tanesha Charity, Manager, Administrative Services, Valley Metro
  • Vice President for Programs and Education, ARMA Arizona | Ken Withers, Deputy Executive Director, The Sedona Conference®

[1 CPE] Educating Your Guesses: How to Quantify Risk and Uncertainty

  Presented by Novacoast

Asking for a budget and justifying spending in cybersecurity departments can be a difficult task due to limited data and high uncertainty of future events. This talk will dive into quantitative risk analysis as it relates to cybersecurity: how to model uncertain events and understand financial risk. Attendees will see a first-hand demonstration of how quantitative modeling can be used to communicate risk and understand ROI. Attendees will walk away with the tools needed to present cyber risk as a dollar amount that can be easily understood by other business decision-makers at their company.

[1 CPE] Data Literacy: No One is Data Literate. No One.

  Presented by John Ladley • Data Governance Author & EIM Leader

The new topic of the year is data literacy. In this session, you will learn how to use education to increase data literacy at all levels to reduce the mismanagement of data. Topics that will be covered include:

  • Fundamentals of data – leadership, management, and all areas of organizations need to accept that they need to understand some new things. No one is data literate.
  • Acting accordingly – where are we not acting correctly and how do we fix it.
  • What do I need to do – this starts with the individual.

From there, John will offer some practical steps to acquire true engagement and data literacy in the process.

John Ladley is a highly experienced practitioner, advisor, and advocate for organizations looking for sustainable value from information and data. His experience and knowledge are balanced between treating data assets as an essential component of modern business and economies, and the practical solution to business problems.

His books are the authoritative sources for data and information management and data governance. He is a recognized authority and speaker on enterprise information management, including data monetization, information and data architectures, data governance, MDM, data quality, business intelligence and analytics, data warehouse, and knowledge management. John is sometimes called the “senior statesman of data.” Currently, John is semi-retired and works with clients as an advocate for data governance and management and as a mentor to organization leadership.

[1 CPE] The Privacy Roadmap: What You Need to Know About Data Privacy Now and Moving Forward

  Presented by INTERFACE Advisory Council

First, GDPR came into law in the European Union. Then in January of 2020, the California Consumer Privacy Act took effect. Privacy laws are now a reality for all IT professionals to deal with. Are you sharing any data with third parties? How is your data stored? Have you verified all the needed compliance regulations for data in the cloud? These are just some of the many questions IT professionals need to be ready for when it comes to the current state of data privacy.

Join the INTERFACE Portland Advisory Council for a discussion on these topics and more. We will discuss setting up the right program for your operation. There will also be tips shared from handling the newest privacy laws and how these items differ from traditional cyber security preparations. Our panel of local IT leaders will offer their experiences from the last couple of years with the rapid growth in data privacy laws and how it affects the IT industry.

Panelists
Stephen Fitton • Technology Consultant, Providence
Steve Hankel • Vice President of Information Technology, Johanson Transportation Service
Matt Olson • Senior Director of Compliance and Security, Higher Logic
Shane Perry • Information Security and Risk Officer, OR Public Employees Retirement System