CERIAS Security Seminar: From Compliance in the Classroom to Compliance on the Street, Important Lessons That Every Cybersecurity Professional Must Know

The Center for Education and Research in Information Assurance and Security
August 26, 2020
4:30 PM - 5:30 PM
WebEx

Description

Speaker:
Jeremiah Sahlberg
Tevora

Abstract:

From compliance in the classroom to compliance on the street, important lessons that every cybersecurity professional should know.  We’ll cover proven approaches for compliance and risk assessment for a variety of industries, and present specific scenarios and strategies for addressing real challenges facing organizations with PCI, HITRUST, FedRAMP, CMMC and Privacy. Below are some of the examples that we will cover.

 

  • Scope creep (All)
  • Setting deadlines and addressing missing evidence (All)
  • Building out compensating controls (PCI)
  • Conflict of Interest (FedRAMP)
  • Internal Organizational Politics (Risk Assessment)
  • Defensive Interviewees(All)
  • Ethics and Responsible Reporting (All)

    About:

    Jeremiah Sahlberg is the Managing Director--Federal, Third Party Risk at Tevora and has more than 20 years of security experience.  Sahlberg is an executive security consultant and advises clients on establishing security programs and compliance management. He holds CISSP, CISM, PCI QSA and HITRUST certifications. 

     

    Previously, Sahlberg held theSenior Director of Protect Operations at NBC Universal and was the CISO for Tekmark Global Solutions. 

     

    Sahlberg has presented at Evanta(2019), NCUA-ISAO (2018), NCTA (2017), SINET (2016), New York State Cyber Security Conference (2014 & 2012), and Nevada Digital Government Summit(2010).  He guest lectures at NPower and sits on various Boards.

    The weekly security seminar has been held every semester since spring of 1992. We invite personnel at Purdue and visitors from outside to present on topics of particular interest to them in the areas of computer and network security, computer crime investigation, information warfare, information ethics, public policy for computing and security, the computing "underground," and other related topics. More info

Contact Details

Add to calendar