NICSA, profile picture
Uploaded byNICSA
PPTX, PDF556 views

Service Provider Oversight

The document summarizes a panel discussion on service provider oversight and cybersecurity challenges. The panel included the CISO of Janus Capital Group, Amy Carroll; the Enterprise Risk Officer of DST Systems, Derek Bridges; the Managing Director of PwC, Ken Mortensen; and the Director of Cybersecurity at PwC, Joe Krause. The panelists discussed pressures and changes in the global business ecosystem that create both opportunities and risks related to oversight of third-party service providers. The goal of the panel was to raise questions about these issues and provide some answers through an opening discussion.

Embed presentation

Download to read offline
Service Provider Oversight: A Cybersecurity Challenge
Service Provider Oversight: A Cybersecurity Challenge A discussion on Information Security and the unique risks and vulnerabilities that firms can encounter when contracting with third party providers
Panelists • Moderator: Joe Krause, Director, Cybersecurity PwC • Panelists: Amy Carroll, CISO Janus Derek Bridges, DST Systems Ken Mortensen, Managing Director PwC
Amy Carroll VP / CISO Janus Capital Group • Amy Carroll joined the Janus Capital Group in January 2011 in the newly created role of Vice President, Operational Risk and Process Management. In this role Amy has built out a team responsible for risk management programs to support Technology and Operations. The group is directly responsible for Business Continuity, Cyber Security, Software Quality Assurance, Operational Risk/Process Improvement and the Project Office. Amy is the CISO for Janus Capital Group. • Prior to her move to Denver, Amy worked at Evergreen Investments for nine years. The last six years her role was Vice President, Technology Risk where she was responsible for Information Security, Business Continuity, Quality Assurance and the PMO. She was a member of the Operational Risk Committee and the Technology Executive Steering Committee. Amy started her career at MFS Investments as a client representative in the Transfer Agent, later transferred to Technology where she became Group Vice President, Technology Client Support responsible for the technology needs of the Service Company, Retirement Plan Services, and Corporate Services. • Amy earned a Bachelor of Arts degree in history and political science from the University of Massachusetts, Amherst and her MBA from Suffolk University in Boston, MA.
Ken Mortensen Managing Director C&P, PwC • Ken is the part of the leadership for PwC US’s Cybersecurity, Privacy & IT Risk practice as the Global Risk Assurance Health Industries Privacy and Security Leader and serves as counselor advising PwC’s international legal teams on U.S. privacy and security laws and regulations and transborder data flow issues. He supports privacy offerings including advanced, technology-enabled solutions to coordinate crossborder privacy and data protection compliance solutions through PwC’s global network of firms incorporating a broader focus on cybersecurity risks. • Prior to joining PwC, Ken was the Vice President, Assistant General Counsel & Chief Privacy Officer at CVS Caremark, responsible for overseeing information governance addressing retail and healthcare operations. Ken created and oversaw the privacy and information security programs to ensure compliance with CVS Caremark’s FTC Consent Agreement and OCR Resolution Agreement, including successfully addressing all aspect of the OCR Corrective Action Plan within less than the three years permitted in the Resolution Agreement. He also implemented a Privacy-by-Design program relating to CVS’s ExtraCare program and mobile app development. Before to coming to CVS Caremark, he was Boston Scientific Corporation’s first ever Chief Privacy Officer where he had responsibility for building a global corporate privacy and security program. • Ken earned a Bachelor’s degree in Electrical Engineering from Drexel University, a Master’s of Business Administration from Villanova University, and JD from Villanova University School of Law.
Derek Bridges Enterprise Risk Officer, DST Systems • Derek joined DST Systems, Inc. (DTS) in April of 2015 as the organization’s first Enterprise Risk Officer. He is responsible for assessing and mitigating significant competitive, technology, and regulatory risks across the enterprise. He leads the efforts to assess, identify, monitor, and reduce pertinent business risks that could interfere with DST’s objectives and strategic goals. As part of his responsibilities, Derek interacts with clients performing validation procedures on DST. He is also a member of the team assessing and monitoring DST suppliers. • Prior to joining DST, Derek was the Chief Risk Officer and Chief Regulatory for a community bank. He also has more than 15 years of risk management consulting experience with Big 4 accounting firms. • Derek received a bachelor of science degree in business administration/accounting with an emphasis in management information systems from the University of Kansas. He is a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and a Certified Internal Auditor (CIA).
Joe Krause Director Cybersecurity, PwC • Joe is a Director with PwC’s Risk Assurance practice, focused on Cybersecurity for the Northeast market. He has over 19 years of experience in working in Federal and Private Sector verticals, assisting enterprise class organizations in the development and management of Information Security governance programs, as well as performing security compliance and IT risk assessments against a variety of Information Security frameworks. • Joe began his career in Cybersecurity as a Computer Scientist at the National Security Agency where he was a member of the Advanced Data Communications Engineering team before taking positions in the private sector. Joe joins us from Coalfire Systems, Inc. where he was Vice President of Technology Audit and Assessment Services (TAAS) for Coalfire’s East Region, including offices in Boston, New York, Washington, D.C., Atlanta, and Denver. At Coalfire, Joe led an organization of over 60 Cybersecurity professionals, and served as Delivery Engagement Lead for Coalfire’s largest and most complex customers. Prior to Coalfire, Joe served as Vice President of Product Management for Trustwave, a global Managed Security Services firm. • Joe earned a Bachelor’s degree in Mathematics from the University of Maine, a Master’s of Science in Computer Science from The Johns Hopkins University in Baltimore, MD., and a Master’s of Business Administration from Suffolk University in Boston, MA.
Pressures and changes which create opportunity and risk Global Business Ecosystem
Panel’s Goal: Raising the questions and providing some answers Opening Remarks & Open Discussion

More Related Content

PPT
Internal Risk Management
byBarry Caplin
 
PDF
CIOReview
byTeri Cotton Santos, JD
 
PDF
Anticipating an Attack: A Pre-Breach Checklist
byMorrison & Foerster
 
PDF
Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...
byMicrosoft
 
PDF
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
byLaurie Mosca-Cocca
 
PPTX
Risk monitoring and response
byZyrellLalaguna
 
PDF
Cyber Liability Risk
byChristopher Rieser
 
PPT
Data Breaches: The Cost of Being Unprepared
byhaynormania
 
Internal Risk Management
byBarry Caplin
 
CIOReview
byTeri Cotton Santos, JD
 
Anticipating an Attack: A Pre-Breach Checklist
byMorrison & Foerster
 
Cyber Security Conference - A deeper look at Microsoft Security Strategy, Tec...
byMicrosoft
 
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
byLaurie Mosca-Cocca
 
Risk monitoring and response
byZyrellLalaguna
 
Cyber Liability Risk
byChristopher Rieser
 
Data Breaches: The Cost of Being Unprepared
byhaynormania
 

What's hot

PDF
Cybersecurity and The Board
byPaul Melson
 
PDF
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
byShawn Tuma
 
PDF
Cybersecurity Goverence for Boards of Directors
byPaul Feldman
 
DOCX
The Role of Information Security Policy Jessica Graf Assignment 1 Unit 8 IAS5020
byJessica Graf
 
PPTX
Cybersecurity Day for Parliament
byOxford Martin Centre, OII, and Computer Science at the University of Oxford
 
PPTX
Cyber Liability - Insurance Risk Management and Preparation
byEric Reehl
 
PPTX
PACE-IT, Security+ 2.2: Integrating Data and Systems with 3rd Parties
byPace IT at Edmonds Community College
 
PDF
Castillo 011117
byJoe Castillo
 
PPTX
Data Management for Market Risk - PRMIA webinar presentation
byBrian Sentance
 
PDF
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
byElizabeth Dimit
 
PDF
Why Traditional Security has Failed
bySteven_Jackson
 
PPT
Cyber Insurance Temp
byRohan Sehgal
 
PPTX
Life Cycle of a Data Breach - Cybersecurity Seminar Series
byPaige Rasid
 
PPTX
Risk Management and Security in Strategic Planning
byKeyaan Williams
 
PPTX
Ci2 cyber insurance presentation
byEthan S. Burger
 
PDF
Social Media In 2011
byamystewart
 
PPT
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
bySurfWatch Labs
 
Cybersecurity and The Board
byPaul Melson
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
byShawn Tuma
 
Cybersecurity Goverence for Boards of Directors
byPaul Feldman
 
The Role of Information Security Policy Jessica Graf Assignment 1 Unit 8 IAS5020
byJessica Graf
 
Cybersecurity Day for Parliament
byOxford Martin Centre, OII, and Computer Science at the University of Oxford
 
Cyber Liability - Insurance Risk Management and Preparation
byEric Reehl
 
PACE-IT, Security+ 2.2: Integrating Data and Systems with 3rd Parties
byPace IT at Edmonds Community College
 
Castillo 011117
byJoe Castillo
 
Data Management for Market Risk - PRMIA webinar presentation
byBrian Sentance
 
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
byElizabeth Dimit
 
Why Traditional Security has Failed
bySteven_Jackson
 
Cyber Insurance Temp
byRohan Sehgal
 
Life Cycle of a Data Breach - Cybersecurity Seminar Series
byPaige Rasid
 
Risk Management and Security in Strategic Planning
byKeyaan Williams
 
Ci2 cyber insurance presentation
byEthan S. Burger
 
Social Media In 2011
byamystewart
 
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
bySurfWatch Labs
 

Viewers also liked

PPTX
The Changing Distribution Model
byNICSA
 
PPTX
Louis S. Harvey, President & CEO, Dalbar, Inc.
byNICSA
 
PPTX
Liquid Alternatives: The Current State of Play
byNICSA
 
PPTX
Current Perspectives on Investment Valuation
byNICSA
 
PPTX
Economic Implications: Market Forecasts
byNICSA
 
PPTX
SLF SESSION | Next Generation Sales Enablement
byNICSA
 
PPTX
SLF SESSION | Preparing for 2020 the Outlook for Fund Service Providers
byNICSA
 
PPTX
Global Trends in Regulation
byNICSA
 
PPT
SLF SESSION | Liquidity Risk Management and the SEC’s Proposed Rules Impact a...
byNICSA
 
PPTX
SLF SESSION | How to Identify Risk in Your Distribution Channel Using Quantit...
byNICSA
 
PPTX
SLF SESSION | Proxy Advisory Firms – Understanding the Impact
byNICSA
 
PPTX
SLF SESSION | The Impact of the DOL Fiduciary Rule
byNICSA
 
PPTX
SLF SESSION | New Drivers of the Retirement Market
byNICSA
 
PPTX
Active and Passive Management: Complements or Rivals?
byNICSA
 
The Changing Distribution Model
byNICSA
 
Louis S. Harvey, President & CEO, Dalbar, Inc.
byNICSA
 
Liquid Alternatives: The Current State of Play
byNICSA
 
Current Perspectives on Investment Valuation
byNICSA
 
Economic Implications: Market Forecasts
byNICSA
 
SLF SESSION | Next Generation Sales Enablement
byNICSA
 
SLF SESSION | Preparing for 2020 the Outlook for Fund Service Providers
byNICSA
 
Global Trends in Regulation
byNICSA
 
SLF SESSION | Liquidity Risk Management and the SEC’s Proposed Rules Impact a...
byNICSA
 
SLF SESSION | How to Identify Risk in Your Distribution Channel Using Quantit...
byNICSA
 
SLF SESSION | Proxy Advisory Firms – Understanding the Impact
byNICSA
 
SLF SESSION | The Impact of the DOL Fiduciary Rule
byNICSA
 
SLF SESSION | New Drivers of the Retirement Market
byNICSA
 
Active and Passive Management: Complements or Rivals?
byNICSA
 

Similar to Service Provider Oversight

PPTX
Stay Ahead of Threats with Advanced Security Protection - Fortinet
byMarcoTechnologies
 
PPTX
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
byEric Vanderburg
 
PPTX
Information Security vs IT - Key Roles & Responsibilities
byKroll
 
PPTX
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
byTraintechTde
 
PDF
cybersecurity-250
byChris Crowe
 
PDF
4th Digital Finance Forum, Simon Brady
byStarttech Ventures
 
PDF
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
byJoe Bartolo
 
DOCX
Steve alameda burlingame ca
bySteve Alameda
 
PDF
American Bar Association guidelines on Cyber Security standards
byDavid Sweigert
 
PDF
Security Governance - Trends and Ideas
bydanielblander
 
PPTX
IASA ey deck presentation
byKenneth Dorado, CISA, HCISPP
 
PPTX
Chaplygin Roman Cybersecurity challanges in an interconnected world
byEast-West Digital News
 
PPTX
CRI Extract from "Cyber Lessons from the Front lines"
byOCTF Industry Engagement
 
PDF
MT 70 The New Era of Incident Response Planning
byDell EMC World
 
PDF
Most Expert Security Leaders Creating a Global Impact, 2025
byCIO Business World
 
PPTX
Discussing Cyber Risk Coverage With Your Commercial Clients by Steve Robinson...
byDon Grauel
 
PDF
Cyber Risk Management in 2017: Challenges & Recommendations
byUlf Mattsson
 
PDF
Coso in the cyber age
byAmit Bhargava
 
PDF
UMUC Cyber Day Program
byTroy Thompson
 
PDF
Cyber-risk Oversight Handbook for Corporate Boards
byCheffley White
 
Stay Ahead of Threats with Advanced Security Protection - Fortinet
byMarcoTechnologies
 
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
byEric Vanderburg
 
Information Security vs IT - Key Roles & Responsibilities
byKroll
 
7th ERM - S2 - Cyber security, Cyber Risk and Data Privacy - Kalpesh Doshi (1...
byTraintechTde
 
cybersecurity-250
byChris Crowe
 
4th Digital Finance Forum, Simon Brady
byStarttech Ventures
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
byJoe Bartolo
 
Steve alameda burlingame ca
bySteve Alameda
 
American Bar Association guidelines on Cyber Security standards
byDavid Sweigert
 
Security Governance - Trends and Ideas
bydanielblander
 
IASA ey deck presentation
byKenneth Dorado, CISA, HCISPP
 
Chaplygin Roman Cybersecurity challanges in an interconnected world
byEast-West Digital News
 
CRI Extract from "Cyber Lessons from the Front lines"
byOCTF Industry Engagement
 
MT 70 The New Era of Incident Response Planning
byDell EMC World
 
Most Expert Security Leaders Creating a Global Impact, 2025
byCIO Business World
 
Discussing Cyber Risk Coverage With Your Commercial Clients by Steve Robinson...
byDon Grauel
 
Cyber Risk Management in 2017: Challenges & Recommendations
byUlf Mattsson
 
Coso in the cyber age
byAmit Bhargava
 
UMUC Cyber Day Program
byTroy Thompson
 
Cyber-risk Oversight Handbook for Corporate Boards
byCheffley White
 

More from NICSA

PPTX
Understanding ROI: The Real Impact of Data Quality
byNICSA
 
PPTX
The Reality Behind Buzzwords Series: Blockchain
byNICSA
 
PPTX
Industry Leaders Outlook: Product & Marketing Roundtable
byNICSA
 
PPTX
Understanding Regulation Best Interest
byNICSA
 
PPTX
Trends in the Advisor Market
byNICSA
 
PPTX
New Challenges on the TA Compliance Landscape
byNICSA
 
PPTX
Navigating Turbulent Changes to the Sanctions Landscape
byNICSA
 
PPTX
Engaging and Empowering A Diverse Workforce
byNICSA
 
PPTX
Retirement 2020: Maximize Participation,Boost Efficiency & Accelerate Outcomes
byNICSA
 
PPTX
Building Deeper Advisory Relationships with Data
byNICSA
 
PPTX
FinReg Outlook: Clouds on the Horizon
byNICSA
 
PPTX
Preparing for the Next-Gen Client Base
byNICSA
 
PPTX
Tax & Reporting Update: Avoiding Fund Reporting Traps
byNICSA
 
PPTX
Next Generation Proxy Voting
byNICSA
 
PPTX
Best Practices in Building a Global Compliance Program
byNICSA
 
PPTX
AI Trends with Traction
byNICSA
 
PPTX
Rule 30e-3: Best Practices for Notice, Access & E-Delivery
byNICSA
 
PPTX
Rethinking Product Development
byNICSA
 
PPTX
The Bottom Line: Exploring the Benefits of Wellness in the Workplace
byNICSA
 
PPTX
Data Analytics 301: Converting Analysis into Business Strategy
byNICSA
 
Understanding ROI: The Real Impact of Data Quality
byNICSA
 
The Reality Behind Buzzwords Series: Blockchain
byNICSA
 
Industry Leaders Outlook: Product & Marketing Roundtable
byNICSA
 
Understanding Regulation Best Interest
byNICSA
 
Trends in the Advisor Market
byNICSA
 
New Challenges on the TA Compliance Landscape
byNICSA
 
Navigating Turbulent Changes to the Sanctions Landscape
byNICSA
 
Engaging and Empowering A Diverse Workforce
byNICSA
 
Retirement 2020: Maximize Participation,Boost Efficiency & Accelerate Outcomes
byNICSA
 
Building Deeper Advisory Relationships with Data
byNICSA
 
FinReg Outlook: Clouds on the Horizon
byNICSA
 
Preparing for the Next-Gen Client Base
byNICSA
 
Tax & Reporting Update: Avoiding Fund Reporting Traps
byNICSA
 
Next Generation Proxy Voting
byNICSA
 
Best Practices in Building a Global Compliance Program
byNICSA
 
AI Trends with Traction
byNICSA
 
Rule 30e-3: Best Practices for Notice, Access & E-Delivery
byNICSA
 
Rethinking Product Development
byNICSA
 
The Bottom Line: Exploring the Benefits of Wellness in the Workplace
byNICSA
 
Data Analytics 301: Converting Analysis into Business Strategy
byNICSA
 

Recently uploaded

PDF
Trade Facilitation Monitoring in Ukraine № 96
byІнститут економічних досліджень та політичних консультацій
 
DOCX
Anatomy of a Digital Trap: How I Uncovered the Truth About TraderKnows
byINTBITINC Sobrenome
 
DOCX
Is the Verified Stripe account the best account in the world_.docx
bymarketing
 
DOCX
CNCPW Market Report: Silk Road Bitcoin Transfers and Liquidity Analysis
byCNCPW Sobrenome
 
PDF
Types of Resources-Nature-and-Utility - S. Malini.pdf
byMaliniHariraj
 
DOCX
5 Best Places to Buy Snapchat Accounts Online .docx
byusatrust acc
 
PDF
Beginner Trading Mistakes A Value-Based Perspective.pdf
byCelineAngel1
 
DOCX
Stablecoins as Everyday Money — YWWSDC Note on Payment Substitutes
byYWWSDC YWWSDC
 
PDF
_How to Buy Twitter Accounts.pdf 2025---
bymarketing
 
PDF
7 Trading Themes for 2026 - Special report for Deriv traders by veteran trade...
byVince Stanzione
 
DOCX
How To Buy Old Facebook Accounts In The USA - Family A new of it_.docx
byusatrust acc
 
DOCX
Best Platforms to Buy Verified Cash App Accounts 4k Limit (Standard_BTC Enabl...
byOnline Business
 
DOCX
Best Platforms to Buy Verified Wise Accounts in the US.docx
by#SEO, #usaallhub, #socialmedia, #USAaccounts, #seoservice, #Digitalmarketer
 
PPTX
Management Debatejabdvdjdbdbdnd (1).pptx
byuruma5syun314
 
PPTX
The-ICICI-Videocon-Loan-Scam-A-Case-Study.pptx
byvrusti021
 
PPTX
Smart Learning & Online Earning Apps Guide 2026
byReema Sheela
 
PPTX
DebtOut vexpertv loanv settlementv loan
bydebtout01
 
PDF
9 Steps to Successfully Transition from Hospitality to Finance- A Guide by An...
byAnkush Mukundan
 
PDF
Lion One Presentation November 2025 updated
byAdnet Communications
 
PPTX
Art of Global Negotiations- Global Commons
byhritikamishra2k
 
Trade Facilitation Monitoring in Ukraine № 96
byІнститут економічних досліджень та політичних консультацій
 
Anatomy of a Digital Trap: How I Uncovered the Truth About TraderKnows
byINTBITINC Sobrenome
 
Is the Verified Stripe account the best account in the world_.docx
bymarketing
 
CNCPW Market Report: Silk Road Bitcoin Transfers and Liquidity Analysis
byCNCPW Sobrenome
 
Types of Resources-Nature-and-Utility - S. Malini.pdf
byMaliniHariraj
 
5 Best Places to Buy Snapchat Accounts Online .docx
byusatrust acc
 
Beginner Trading Mistakes A Value-Based Perspective.pdf
byCelineAngel1
 
Stablecoins as Everyday Money — YWWSDC Note on Payment Substitutes
byYWWSDC YWWSDC
 
_How to Buy Twitter Accounts.pdf 2025---
bymarketing
 
7 Trading Themes for 2026 - Special report for Deriv traders by veteran trade...
byVince Stanzione
 
How To Buy Old Facebook Accounts In The USA - Family A new of it_.docx
byusatrust acc
 
Best Platforms to Buy Verified Cash App Accounts 4k Limit (Standard_BTC Enabl...
byOnline Business
 
Best Platforms to Buy Verified Wise Accounts in the US.docx
by#SEO, #usaallhub, #socialmedia, #USAaccounts, #seoservice, #Digitalmarketer
 
Management Debatejabdvdjdbdbdnd (1).pptx
byuruma5syun314
 
The-ICICI-Videocon-Loan-Scam-A-Case-Study.pptx
byvrusti021
 
Smart Learning & Online Earning Apps Guide 2026
byReema Sheela
 
DebtOut vexpertv loanv settlementv loan
bydebtout01
 
9 Steps to Successfully Transition from Hospitality to Finance- A Guide by An...
byAnkush Mukundan
 
Lion One Presentation November 2025 updated
byAdnet Communications
 
Art of Global Negotiations- Global Commons
byhritikamishra2k
 

Service Provider Oversight

  • 1.
    Service Provider Oversight: ACybersecurity Challenge
  • 2.
    Service Provider Oversight: ACybersecurity Challenge A discussion on Information Security and the unique risks and vulnerabilities that firms can encounter when contracting with third party providers
  • 3.
    Panelists • Moderator: Joe Krause,Director, Cybersecurity PwC • Panelists: Amy Carroll, CISO Janus Derek Bridges, DST Systems Ken Mortensen, Managing Director PwC
  • 4.
    Amy Carroll VP /CISO Janus Capital Group • Amy Carroll joined the Janus Capital Group in January 2011 in the newly created role of Vice President, Operational Risk and Process Management. In this role Amy has built out a team responsible for risk management programs to support Technology and Operations. The group is directly responsible for Business Continuity, Cyber Security, Software Quality Assurance, Operational Risk/Process Improvement and the Project Office. Amy is the CISO for Janus Capital Group. • Prior to her move to Denver, Amy worked at Evergreen Investments for nine years. The last six years her role was Vice President, Technology Risk where she was responsible for Information Security, Business Continuity, Quality Assurance and the PMO. She was a member of the Operational Risk Committee and the Technology Executive Steering Committee. Amy started her career at MFS Investments as a client representative in the Transfer Agent, later transferred to Technology where she became Group Vice President, Technology Client Support responsible for the technology needs of the Service Company, Retirement Plan Services, and Corporate Services. • Amy earned a Bachelor of Arts degree in history and political science from the University of Massachusetts, Amherst and her MBA from Suffolk University in Boston, MA.
  • 5.
    Ken Mortensen Managing DirectorC&P, PwC • Ken is the part of the leadership for PwC US’s Cybersecurity, Privacy & IT Risk practice as the Global Risk Assurance Health Industries Privacy and Security Leader and serves as counselor advising PwC’s international legal teams on U.S. privacy and security laws and regulations and transborder data flow issues. He supports privacy offerings including advanced, technology-enabled solutions to coordinate crossborder privacy and data protection compliance solutions through PwC’s global network of firms incorporating a broader focus on cybersecurity risks. • Prior to joining PwC, Ken was the Vice President, Assistant General Counsel & Chief Privacy Officer at CVS Caremark, responsible for overseeing information governance addressing retail and healthcare operations. Ken created and oversaw the privacy and information security programs to ensure compliance with CVS Caremark’s FTC Consent Agreement and OCR Resolution Agreement, including successfully addressing all aspect of the OCR Corrective Action Plan within less than the three years permitted in the Resolution Agreement. He also implemented a Privacy-by-Design program relating to CVS’s ExtraCare program and mobile app development. Before to coming to CVS Caremark, he was Boston Scientific Corporation’s first ever Chief Privacy Officer where he had responsibility for building a global corporate privacy and security program. • Ken earned a Bachelor’s degree in Electrical Engineering from Drexel University, a Master’s of Business Administration from Villanova University, and JD from Villanova University School of Law.
  • 6.
    Derek Bridges Enterprise RiskOfficer, DST Systems • Derek joined DST Systems, Inc. (DTS) in April of 2015 as the organization’s first Enterprise Risk Officer. He is responsible for assessing and mitigating significant competitive, technology, and regulatory risks across the enterprise. He leads the efforts to assess, identify, monitor, and reduce pertinent business risks that could interfere with DST’s objectives and strategic goals. As part of his responsibilities, Derek interacts with clients performing validation procedures on DST. He is also a member of the team assessing and monitoring DST suppliers. • Prior to joining DST, Derek was the Chief Risk Officer and Chief Regulatory for a community bank. He also has more than 15 years of risk management consulting experience with Big 4 accounting firms. • Derek received a bachelor of science degree in business administration/accounting with an emphasis in management information systems from the University of Kansas. He is a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and a Certified Internal Auditor (CIA).
  • 7.
    Joe Krause Director Cybersecurity,PwC • Joe is a Director with PwC’s Risk Assurance practice, focused on Cybersecurity for the Northeast market. He has over 19 years of experience in working in Federal and Private Sector verticals, assisting enterprise class organizations in the development and management of Information Security governance programs, as well as performing security compliance and IT risk assessments against a variety of Information Security frameworks. • Joe began his career in Cybersecurity as a Computer Scientist at the National Security Agency where he was a member of the Advanced Data Communications Engineering team before taking positions in the private sector. Joe joins us from Coalfire Systems, Inc. where he was Vice President of Technology Audit and Assessment Services (TAAS) for Coalfire’s East Region, including offices in Boston, New York, Washington, D.C., Atlanta, and Denver. At Coalfire, Joe led an organization of over 60 Cybersecurity professionals, and served as Delivery Engagement Lead for Coalfire’s largest and most complex customers. Prior to Coalfire, Joe served as Vice President of Product Management for Trustwave, a global Managed Security Services firm. • Joe earned a Bachelor’s degree in Mathematics from the University of Maine, a Master’s of Science in Computer Science from The Johns Hopkins University in Baltimore, MD., and a Master’s of Business Administration from Suffolk University in Boston, MA.
  • 8.
    Pressures and changeswhich create opportunity and risk Global Business Ecosystem
  • 9.
    Panel’s Goal: Raisingthe questions and providing some answers Opening Remarks & Open Discussion