On-Demand Webcast|1 hour

Governance, Risk, and Compliance: The CISO perspective

Sponsored by:

Watch Now

By clicking the Register button below, you agree to SC Media Terms of Use and Privacy Policy.

Key objectives of a governance, risk, and compliance program (GRC) are to ensure that the cybersecurity program has appropriate oversight, identifies and addresses cyber risks, and complies with all applicable laws and regulations. GRC functions shape cybersecurity program components and its principal functions to reduce risk and meet all compliance obligations.

During this month of CISO Stories, practitioners will share their experiences and challenges with implementing a GRC framework, including developing appropriate policies and controls, establishing oversight organizations, integrating cybersecurity risk management with Enterprise Risk Management objectives and methodologies, identifying and complying with laws and regulations, and using GRC software tools for managing all aspects of the GRC framework.

Practitioners will also connect the dots on how an effective GRC framework can help to continuously improve identity, application, cloud and network security, anti-ransomware efforts, zero trust, email security, threat intelligence, AI and third-party risk management.

Event Speakers

Rohit Tandon
VP of IT Operations and Chief Information Security Officer

Rohit Tandon is the VP of IT Operations and Chief Information Security Officer at Essentia Health.  He has 20 years of industry experience in both the public and private sector.  Rohit was the State Chief Information Security Officer at the State of Minnesota and is currently appointed as a Private Sector Member on the Minnesota Cybersecurity Taskforce to develop a statewide cybersecurity plan to protect Minnesotans.  He has worked for Mayo Clinic as a technology leader on Electronic Health Records systems, and championed medical device cybersecurity upstream with manufacturers.  In his career, Rohit has elevated enterprise-wide cybersecurity and technology infrastructure programs by aligning vision and managing resources in complex environments.  By embracing a lifelong learning mindset, he coaches senior executives in a variety of industries to maximize their leadership potential and is an adjunct professor at Metropolitan State University where he cultivates curiosity.

Melissa Ewing
Senior Manager, IT Risk Management

Melissa Ewing is a Technology Risk Management and Data Security professional at Constellation Brands Inc., where she is building and implementing a defensible unified cybersecurity control framework to enhance cybersecurity maturity with a risk-based approach. With a strong background from roles at in the financial sector and the DoD, Melissa has extensive experience in risk assessment, compliance, and optimizing cybersecurity controls. She also served in the United States Air Force, managing information assurance and risk management functions.

Parham Eftekhari
Executive Vice President, Communities

Parham Eftekhari is a recognized business executive in the information security sector with a lifelong passion for leadership, and community engagement. His expertise spans critical infrastructure technology and policy, business strategy and operations, executive advising, and thought leadership content initiatives.

Parham has published over a dozen information security reports, regularly engages with the media, and has contributed to countless briefings and events at institutions including TEDx, Congress, the World Bank, RSA, IFA+, (ISC)2, C-SPAN, and the Institute for Critical Infrastructure Technology (ICIT).

Dustin Sachs
Chief Technologist and Sr. Director of Programs

Dr. Dustin Sachs is the Chief Technologist and Sr. Director of Programs at CyberRisk Collaborative.  He is a highly accomplished cybersecurity professional with a proven track record in risk management, compliance, incident response, and threat mitigation.  He is CISSP-certified and holds a Doctor of Computer Science (DCS) degree in Cybersecurity and Information Assurance.  Dr. Sachs has worked in various industries, including public utilities, food distribution, and oil and gas.  He is a respected thought leader in the cybersecurity community.