Recorded: December 16, 2021
Organizations today are tasked with meeting the challenges of the current business climate, one of which is managing GRC processes, which are often siloed. GRC has a wide reach and impacts many departments across an organization, but when it is done right, benefits accrue. Organizations that integrate GRC processes and technology across departments can ensure the right people get the right information at the right times; that the right objectives are established; and that the right actions and controls are put in place to address uncertainty and act with integrity.
In this panel discussion webinar, we will address how to align GRC processes with your business goals, including how to:
- Enhance your risk posture and reduce cost
- Implement consistent operational processes, including remediation and security gap assessments
- Assess and manage risks and controls across the enterprise via consistent, accessible analytics
- Track and monitor strategic performance via a comprehensive view of risk and compliance goals, challenges, and progress
- Make GRC-informed decisions related to enterprise development, procurement, and investments
Colin Whittaker, PCI Industry Alumni, Founder and Director, Informed Risk Decisions Ltd. Colin has been instrumental in driving forward a risk and security strategy for payments over the last 15 years since he retired from the military in 2001 and took up the role of Head of Security at APACS. Whilst there he was one of the first people to be elected to the PCI SSC Board of Advisors where he was always keen to try and promote the differences in threat between Europe and UK, and the US. Since that election he hasn't moved far from the PCI domain. In 2010 he moved to Visa Europe and became the Vice President Payment System Risk with responsibilities for designing and operating the Visa Europe PCI compliance strategy for European merchants and service providers. He was also responsible for coordinating Visa Europe's approach to cardholder data breaches in Europe, and for the changes to the Visa Europe Compliance strategy through the creation of the Technology Innovation Programme which gave the very first PCI DSS compliance relief for EMV chip accepting merchants. In 2015 he went independent and currently provides cyber security risk consultancy services to a wide range of public and private companies. Colin has presented on Information Security at major events around the world, and has published a number of papers on security.
Haywood Marsh, General Manager, Lockpath and NetClaim at NAVEX Global. Haywood Marsh leads the Lockpath and NetClaim businesses at NAVEX Global as General Manager. He leverages his experience in operations, marketing, strategic planning, product management and sales to drive the execution of Lockpath’s and NetClaim’s strategies. Prior to his current role, Haywood served as the VP of Strategic Programs at NAVEX Global, managing the Project Management Organization, Release Management and Business Systems teams. Before joining NAVEX Global, Haywood led Marketing, strategic/product planning and an Inside Sales team for a division of Danaher. Previous to Danaher, Haywood served in the Pentagon as a military strategy consultant and team lead for Booz Allen Hamilton, worked as the Director of Quality Assurance at SONEX Enterprises and ran a live military intelligence mission while serving as a soldier in the U.S. Army, among other roles.
Annmarie Rombalski is the Director of Solutions Engineering at LogicGate, a SaaS company whose proprietary Risk Cloud® platform helps organizations automate and streamline their GRC processes. Prior to joining LogicGate, Annmarie worked in Protiviti’s Technology Consulting practice, specializing in cybersecurity, risk management, vulnerability management, and compliance. During her time at Protiviti, she collaborated with clients to define, manage, and execute Information Security strategy projects. At LogicGate, Annmarie leverages her consulting experience and Architecture certification (AWS Certified Solutions Architect) to support prospective customers in their evaluation of governance, risk, and compliance solutions.
David Hawkins, Director, Consulting Engineer, BitSight. David has been in the security industry for just over 20 years. His background includes both IT security as well as physical security. David has served as the Technical Vice Chair of the Open Security Exchange, co-authoring the PHISBITs security protocol which was intended to help integrate physical and IT security. On the Information Security side, David has been part of the engine behind responding to security questionnaires, writing security product and procedural documentation, and speaking on various topics to include identity management, secure file sharing, and advanced threat protection. As a consulting engineer with BitSight, he is focused on helping companies with risk, compliance, technology, and program development. His goal is to promote the continued maturity of the security ratings industry into a discipline that holistically considers information security, data protection, technology, and business risk as a unified concept.
Patricia McParland, Director - Product Marketing, MetricStream. Pat McParland is Director of Product Marketing at MetricStream. She is responsible for creating product messaging, product go-to-market plans, and analyzing market trends for MetricStream's compliance and third party risk product lines. Pat has more than 25 years of financial data and technology marketing experience at Fortune 1000 brands as well as startups and has led product and marketing teams at Dow Jones and Dun & Bradstreet. She has a BA from the College of William and Mary and lives in Summit, New Jersey.