NextExec - EWF

In this episode, host Kristen Wilbur interviews Debbie Zaller, Principal at Schellman & Company LLC about the privacy landscape today.  They discuss the current challenges facing privacy professionals and companies.  You’ll get answers to some burning questions about  what is happening now with various privacy regulations and frameworks and what we might see in the near future.

Guest: Debbie Zaller

Debbie Zaller is a Principal at Schellman & Company, LLC. Debbie leads the SOC 2, SOC 3 and Privacy service lines and is also an AICPA-approved and nationally listed SOC Specialist. As practice leader she is responsible for internal training, methodology creation and quality reporting.  Debbie also leads the firm’s Midwest market.  Debbie has over 20 years of IT compliance and attestation experience.  Debbie was on the AICPA Task Force for the Advanced SOC for Certification Exam, was a member of the Florida Institute of Certified Public Accountants Board of Governors and served on the Finance and Office Advisory Committee.  She is currently an Advisory Board Member for the MidAmerica Club.

Host: Kristen Wilbur

Kristen Wilbur is a Senior Manager with Schellman & Company LLC, with over 10 years of experience in providing IT attestation and compliance services.  Kristen has evaluated risk and controls for Global 1000, Fortune 500, and regional companies during the course of her career with a strong focus in the technology sector.   Kristen currently leads the New York City practice at Schellman where she specializes in SOC 1, SOC 2, ISO 27001, and HIPAA reporting. Kristen has a strong passion for giving back and recently helped to establish the corporate social responsibility program at Schellman called SchellmanCARES.

In this episode, Stacey Champagne sits down with Candace Worley to discuss her rise through the ranks at McAfee and her perspective on how owning your role will and career path will allow you to reach your potential, regardless of whether you are male or female.

Guest: Candace Worley

Candace Worley is the Vice President and Chief Technical Strategist for McAfee. There she managed a worldwide team of Technical Strategists responsible for driving thought leadership and advancing technical innovation in McAfee security solutions.

Prior to this role, Candace served as Vice President of Enterprise Endpoint Security for the Intel Security Group at Intel Corporation. She had worldwide responsibility for all facets of product and vertical marketing for the complete corporate products solutions set.

Worley joined McAfee in 2000 and has held a number of technology leadership positions in her McAfee career including, five and a half years as the SVP and General Manager of the Enterprise Endpoint Security business. Prior to joining McAfee in 2000, she spent seven years with Mentor Graphics, where she led a team of product managers responsible for electronic design automation and electronic component software.
Worley holds a bachelor's degree in management from Oregon State University and an MBA degree from Marylhurst University.

Host: Stacey Champagne

In this episode host Victoria Gibilterra sits down with Sunny Athwal, Chief Privacy Officer at HCL Technologies. We will discuss how she got to where she is today as well as the triumphs and challenges that came along the way. She gives great advice on being a female in a heavy male dominated field and the attributes that make up a great leader. Sit back, grab a cup of coffee, and enjoy the new episode for the NextExec Podcast. 

Guest: Sunny Athwal
As the Chief Privacy Officer, Sunny leads the Global Privacy Office (GPO), with responsibility for advising and delivering a global privacy framework that complies with all applicable privacy laws and client contractual obligations. 

The GPO has implemented a privacy program that sets itself to the highest standard across our geographies and client locations, and instilled a culture of privacy at HCL. The program was designed to comply with the General Data Protection Regulation (GDPR), and has since evolved to take into account the ever evolving privacy landscape. The program utilizes a principle based approach and also embeds privacy controls and client-specific industry requirements across HCL.

Prior to joining HCL, Sunny worked as in-house data privacy counsel in the financial services and technology industry, including Symantec and Visa. She is a Allen & Overy qualified lawyer who has extensive experience in operationalising compliance with privacy laws and regulations.



Host: Victoria Gibilterra
Victoria Gibilterra is a Senior Information Security Engineer at CVS Health as a member of the Security Architecture team. Her work includes designing and implementing security solutions in collaboration with multiple information security team members and stakeholders. Outside of the office, Victoria is on the board of Ellevate Phoenix; working to develop women in leadership in the Greater Phoenix Area.

In this episode, we welcome back our guest Preeti Ravindra for the second installment of our discussion around artificial intelligence, machine learning, and deep learning.  We are certainly still only at the tip of the iceberg around this fascinating topic. Stay tuned for the third installment later this year!

Guest: Preeti Ravindra
Preeti leads a team of security analytics researchers at IBM. She is passionate about formulating and developing practical applications incorporating cutting-edge technology to enhance security products and solutions in a constantly evolving threat landscape. She innovates in the cognitive security space through rapid prototyping. 

Preeti started her career as a software developer in security with Cisco. Her interest in security led her to pursue a Masters in Information Networking with a cybersecurity concentration from Carnegie Mellon University. After graduating, she worked as a security researcher at IBM and transitioned to her current role where she is the tech lead for Watson for Cybersecurity. She provides technical expertise to artificial intelligence projects for security and contributes intellectual property to IBM's portfolio. 

During her spare time, she gives back to the community by creating awareness about new technologies across universities and to the general public through her speaking engagements. She also champions women in cybersecurity initiatives both within and outside of IBM. 

Host: Kristen Wilbur
Kristen Wilbur is a Senior Manager with Schellman & Company LLC , with over 10 years of experience in providing IT attestation and compliance services. Kristen has evaluated risk and controls for Global 1000, Fortune 500, and regional companies during the course of her career with a strong focus in the technology sector. Kristen currently leads the New York City practice at Schellman where she specializes in SOC 1, SOC 2, ISO 27001, and HIPAA reporting. In her portfolio she also manages large scale engagements that include FedRAMP, HITRUST, and Privacy.

Kristen majored in Criminal Justice and Spanish in her undergrad and completed her MBA with an IT Management Concentration. She began her career at a Big 4 CPA firm in the advisory group where she spent three years supporting integrated SOX 404 audits as well as performing SOC 1 reporting before moving to Schellman.  

She has a strong passion for giving back and recently helped to establish the corporate social responsibility program at Schellman called SchellmanCARES. She has the following technical certifications: CPA, CISSP, CCSK, CISA, Advanced SOC and ISO 27001 Lead Auditor. When she isn’t working or studying, her hobbies include spending time with family and exercise. 

In this episode Chandra McMahon, Senior Vice President and Chief Information Security Officer for Verizon, speaks on her career journey and insights she learned along the way. She touches on key decisions, hurdles, and the role of mentor-ship for building a successful career. She also shares her thoughts on the challenges women in technology face, and advice on navigating the industry.

Guest: Chandra McMahon

Chandra McMahon is a Senor Vice President and CISO for Verizon. She is responsible for setting information security strategy, policy, standards, architectures, and processes.  She and her team work with an across Verizon’s business units to protect its customers and its leading network. Prior to joining Verizon, Chandra help leadership positions of increasing responsibility at Lockheed Martin, including serving as the company’s CISO  and most recently as Vice President of Commercial Markets.  She holds a Bachelors of Science degree in Industrial Engineering and Operations Research from Virginia Tech, as well as  Masters Degree in Engineering Science from Penn State University. 

Host: Audrey Gonzalez

Audrey Gonzalez is an Information Technology Analyst in the Ignite Digital Leadership Program at the World Renewable Energy Company NextEra Energy. In her role she rotates between various IT assignments with leadership and technical training along the way. Her diverse assignments have included IT communications and employee programs, cybersecurity strategic projects and process and improvements, automated database testing, and cybersecurity phishing awareness.  She graduated from the University of Florida with a Masters degree in International Business and a Bachelors degree in Business Management. She also holds a Six Sigma Green Belt Certification.

In this episode Meredith Harper, CISO, discusses her career journey and pivotal roles on her path to CISO. Meredith speaks about her passions that have led her to where she is today and what drives her to keep challenging herself. She also shares tips on how she has navigated new roles and organizations to be successful as a leader. Tune in for an insightful discussion!

Guest: Meredith Harper, CISO
Meredith Harper serves as vice president and chief information security officer at Eli Lilly and Company. She is responsible for the company’s global information security program.

Prior to joining Lilly in 2018 as senior director, deputy chief information security officer, Meredith served as chief information privacy and security officer at Henry Ford Health System, where she had ultimate responsibility for the protection of Henry Ford’s provider, insurance, retail and research businesses.

Meredith is an active member of the Health Care Compliance Association and the International Association of Privacy Professionals. She holds dual certifications in healthcare compliance and privacy. She is certified as a HealthCare Information Security & Privacy Practitioner through the International Information System Security Certification Consortium Inc. and a Certified Information Security Manager through the Information Systems Audit and Control Association.

She earned a master’s degree in health services administration and a bachelor’s degree in computer information systems from the University of Detroit Mercy. She also earned a master’s of jurisprudence in health law from Loyola University Chicago School of Law.

Meredith serves on several advisory boards in support of empowering women and minorities to embark upon careers in technology, especially in information security. She has also served her community for 28 years through her Diamond Life membership in Delta Sigma Theta Sorority Inc.

Host: Betsy Hackl
Betsy Hackl is a Senior Associate Information Security Assessor at Eli Lilly and Company. During her time at Lilly, Betsy was instrumental in creating the Information Security Third Party Risk Management program to combat one of Lilly’s top risks, “Insecure Third Parties”. In this role, Betsy works with business stakeholders to identify the highest risk Third Parties working with Lilly and determine the actions necessary to ensure our data and connections are secure. In addition to assessing third parties, Betsy also works on Merger, Acquisition and Divestiture deals, and is in the process of standing up an on-going monitoring program to continually monitoring third party organizations post-assessment. Prior to arriving to Lilly Betsy was a Senior Auditor at EY where she led the IT component of several SOX audits and created numerous SOC2 reports. She holds certifications in CISSP, CISA, GCED, GISP and CTPRP. 

In this episode, Candice Camp, who leads the insider threat program at GE corporate, and her colleague Katie Kennedy discuss the world of insider threat detection and prevention. This talk focuses on the range of insider threats, differences between technical and growing cases of non-technical threats, and the key steps companies should take when creating their own insider threat program. 

Candice has developed a robust and bleeding edge Insider Threat program. She has  developed the strategic vision for Insider Threat and has developed it as a product protecting 300,000 employees and 1.22 Billion in revenue. Her passion for the protection of intellectual property has led her to be a thought leader in the space, base-lining with industry peers, leading industry task forces and most importantly, developing a talented team of investigators. Candice works toward providing visibility, opportunity and education of women in the community in her volunteer work with RVATech’s annual Women’s Conference, and GE Women’s Network. She personally mentors many women in IT,  providing career guidance and challenging women to increase their technical skills.

Katie is responsible for driving the vision, strategy and execution of GE Aviation’s Insider Threat and Data Protection program. Under her leadership, GE Aviation stood up its first ever cross-functional Insider Threat Task Force designed to detect, investigate and mitigate risk for the company. Katie has previously led organizations such as the GE Women’s Network Detroit Hub and is dedicated to building a pipeline of women in IT through mentor-ship and career guidance.

In this episode, Avani and Kristen discuss the plans that you make for your life, and what it turns out to be in reality. They discuss mom guilt, hardships experienced by family, and how making sacrifices and lending a helping hand can influence the life of generations to come.  

Avani Desai is a Partner and President at Schellman & Company, LLC, the largest niche CPA firm in the world that focuses on technology and security assessments. She is also CEO and co-founder of MyCryptoAlert, a push notification and portfolio app for cryptocurrency.
 
 Avani started her career working at KPMG for over 10 years, where she was involved with IT Risk Management and Privacy service-lines. Now at Schellman & Company, Avani has been focusing on growth strategies, strategic client and market development, industry analysis, and new services for the last seven years.  In 2017, Avani, a crypto enthusiast, launched MyCryptoAlert.  Also passionate about strategic philanthropy, Avani sits on the board of several non profit organizations.  Avani still considers her greatest accomplishment to be personal rather than professional—she is the proud mother to her 8-year-old son, Sahil, and her 5-year-old daughter, Sareena

In this episode, our host Jillian sits down with Michelle Pittsenbarger to chat about her experiences in her career, what has brought her to where she is today, and important tips for ladies coming up through the ranks.

This episode kicks of our mini-series called Wise Women where we will sit down with influential women in Tech, Privacy, and Risk to talk about their biggest successes, failures, words of wisdom, and everything in between.  The episodes will air sporadically throughout the season.

In this episode host Ashley McArthur sits down for a chat with Julie Hamilton about her experiences in upper management, routines that make her more centered and productive, and bits of wisdom that have helped her along her career journey.

Guest: Julie Hamilton, Managing Director, Healthcare Provider Regulatory and Operational Risk - Deloitte Advisory 
Host: Ashley McArthur, Senior Consultant, Deloitte Advisory

In this episode, our guest Preeti breaks down Artificial Intelligence by exploring where it started and where it is going.

Guest Speaker: Preeti Ravindra is an applied researcher at IBM passionate about formulating and developing practical applications incorporating cutting-edge technology to enhance security products and solutions in a constantly evolving threat landscape. She innovates in the cognitive security space through rapid prototyping. 

Preeti started her career as a software developer in security with Cisco Systems. Her interest in security led her to pursue a Masters in Information Networking with a cybersecurity concentration from Carnegie Mellon University. After graduating, she transitioned to an applied research role at IBM where she is currently the tech lead for Watson for Cybersecurity in providing technical expertise to artificial intelligence projects for security. 

During her spare time, she gives back to the community by creating awareness about the latest technology across universities and to the general public through her speaking engagements. She also champions women in cybersecurity initiatives both within IBM and outside of IBM.

Host: Kristen Wilbur

In this episode, we take a look at some of the often overlooked concerns with the cannabis industry - the privacy and security of data.  Many people don't realize the amount of data that is gleaned in the Cannabis industry, including extensive employee files (periodic background checks, names, addresses, ssn, etc.), consumer data (license numbers, name, addresses, medical information, etc.), and proprietary corporate information (growing strategies, financials, partners, seed to sale data, etc.).  So lets start paying more attention to Cannabis Tech!

Guest Speakers:
Marina is a Privacy Associate at Aleada Consulting, where she advises clients on privacy and data protection issues. Prior to joining Aleada, Marina worked as a cannabis attorney where she developed innovative solutions for clients in the emerging commercial cannabis industry.

Lauren is a Principal at Schellman & Company LLC.  At Schellman, Lauren specializes in IT compliance and attestations with more than 15 years of audit and compliance experience. Through the various audits performed, Lauren has evaluated risks and controls for a number of industries including financial services, manufacturing, marketing, distribution and service-based organizations, and now- Cannabis Tech!

Host:
Kristen, Senior Manager at Schellman & Company LLC.

In this NextExec episode, Jillian and Brooke explore the Uber Data Breach. 

A special thanks to Matt Hickman for the music played during the special guest interview.

Relevant Sources:

• https://www.cnbc.com/2018/09/26/uber-to-pay-148-million-for-2016-data-breach-and-cover-up.html
• https://www.cnbc.com/2017/11/21/uber-hack-exposes-data-of-57-million-users-and-drivers-report-says.html
• https://www.cnbc.com/2017/08/15/uber-ftc-case-over-data-privacy-has-been-settled.html
• https://techcrunch.com/2018/10/25/uber-hackers-indicted-lynda-breach/
• https://www.ftc.gov/system/files/documents/cases/1523054_uber_technologies_revised_complaint_0.pdf
• https://jolt.law.harvard.edu/digest/united-states-v-glover-lynda-hacking-indictments-hit-pair-behind-massive-uber-breach
• https://expandedramblings.com/index.php/uber-statistics/
• http://www.businessofapps.com/data/uber-statistics/
• https://cofense.com/phishing-statistics/
• Harris, S., & Maymi, F. (2016). CISSP all-in-one exam guide (7th ed.). New York: McGraw-Hill