In this session attendees will learn how organizations are able to understand the potential risk a supplier may pose to the organization. How that risk could come from a product and/or service delivery. It is important that organizations identify, evaluate, and remediate risk without destroying the service, impacting the service, and/or adversely affecting the business relationship while ensuring the business continues to operate in a safe and secure manner. Additionally, we will be exploring and understanding the complexity of cyber risk in today’s ever changing and unpredictable economic supply chain.
Arvin is a highly respected and talented cybersecurity professional focusing in Information Assurance, Cyber Frameworks, Policies, Standards & Guideline management, Risk Management, Strategy Development, Enterprise Architecture, Systems Integration, Business Process Management, Process Efficiency, Lean Operations, IT Innovation and IT Business Operations. His Meyers-Briggs Personality Type is INTJ. He is currently a cyber risk management specialist at PepsiCo with the third party vendor risk team.
During his time at Boeing, he submitted 4 invention disclosures with 1 submission being granted by the US Patent and Trademark Office. Arvin was also recognized with the prestigious title of “Boeing Inventor” for his contributions.
Arvin is ISC2 CISSP certified, CompTIA Security+ certified and ISO 27001 Lead Auditor certified. He is currently working on obtaining the CCSP and CRISC certifications.
Malicious attackers use bots to quickly develop, launch, and evolve attacks. Bot attacks can be simplistic or sophisticated, broad or targeted, and they’re often difficult to distinguish from legitimate human traffic. In this session, we will share some trends in bot attacks, to about several different types of bad bots, and discuss how security pros need to work across the organization to address the bot problem. We will also talk about what to look for in a bot management solution.
Speaker Bio: Sandy Carielli of Forrester Research has a very impressive background of 15 years at BBN Planet, @stake, RSA and Entrust. Sandy was The Director of Product Management at RSA, where she was responsible for the SecurID and Data Protection portfolio. Prior to that, Sandy spent four years with @stake, where she conducted application architecture assessments, penetration tests, and code reviews for enterprise customers. Sandy began her career at BBN Technologies. Her most recent experience was at Entrust, where she guided the organization’s technology strategy and researched the impact of emerging technologies on the business. Sandy is a coauthor of the Industrial Internet Consortium’s IoT Security Maturity Model and has spoken at RSA Conference, SOURCE Boston, ISSA International, and many other regional security events. Sandy has a ScB in mathematics from Brown University and an MBA from the MIT Sloan School of Management.
Looking for presentations from past meetings? Members can access them HERE on the ISSA.org web site.
Continuing Professional Education Units
ISSA Chicago Chapter meeting attendees are eligible to claim CPE units. CPE allotment is determined by your certification body and is typically one CPE per hour of attendance with reporting in quarter-CPE increments. For auditing purposes, the start and stop times of your participation will be provided as evidence in an email following the meeting. ISSA Chicago suggests attendees round down to the nearest quarter; i.e. 1 hour 54 minutes would be reported as 1.75 CPEs
If an attendee participates for less than 15 minutes, the system will not send a confirmation.
Event Anti-Harassment Policy
The ISSA Chicago Chapter is dedicated to providing a harassment-free event experience for everyone, regardless of gender, sexual orientation, disability, gender identity, age, race, or religion. We do not tolerate harassment of event participants in any form. Sexual language and imagery is not appropriate for any event venue, including talks. Event participants violating these rules may be sanctioned or expelled from the event at the discretion of the event organizers/management.
Please follow this link to see the full text of our Anti-Harassment Policy.