Walt Williams, the director of security and compliance at Lattice Engines, will be speaking on information security management systems at RiskSec Toronto.
The two-day event, June 12 and 13, to be held at St. Andrew´s Club & Conference Centre in Toronto, is SC Media's new threat intelligence and risk management gathering for cybersecurity industry leaders. (The gathering was formerly called SC Congress Toronto.)
Williams will be discussing the fact that there is a lot more to managing an information security program than risk management.
"There are compliance obligations, which are often at odds with a companies' risk tolerance, and there is the periodic and regular validation (governance) that the controls put into place are being followed as designed, and are effective," Williams says.
Too many organizations, he says, never grow beyond the challenges of risk management and compliance management. "Too many tools to assist building corporate governance are expensive, complex and provide small return on the investment," he says.
At RiskSec Toronto, Williams will be discussing how at his company, Lattice Engines, he implemented the various components of a GRC program, risk assessment, analysis and management – achieving and maintaining compliance with the various laws and standards, and putting into place the processes, internal audits, process reviews, technical and processual metrics, documentation and training needed to govern an information security management system without complex and expensive tools.
GRC is not a tool, Williams (left) says, but a set of integrated processes which can help an organization scale. At RiskSec Toronto, Williams says he will be discussing how to build the systematic integrated processes and various inexpensive tools that an organization can leverage to both scale and mature the governance, risk and compliance management involved in managing an information security management system.
SC Media, the leading IT security media brand, brings you RiskSec Toronto, an all-new conference discussing the latest in threat intelligence and risk management strategies. This conference is designed for IT security professionals with a focus on the most pressing issues confronting Toronto's cybersecurity landscape.
"GRC is not a tool but a set of integrated processes which can help an organization scale.”
– Walt Williams, director of security and compliance, Lattice Engines
Evolving from our SC Congress series, the leading cybersecurity conference and expo known throughout the globe, RiskSec Toronto is comprised of interactive learning sessions, keynotes and panel discussions, and features an area designated for technology companies to demo and share their latest products and services. This event was created to immerse attendees in highly personalized and focused interactive exercises with discussions from senior thought-leaders in the cybersecurity industry.
Attendees will share perspectives with peers and discuss steps to tackle the cybersecurity issues proving most challenging to us all. RiskSec Toronto will enhance your knowledge set to bolster your organization's security controls and build up your threat intelligence, risk management plans and best practices.
More than 30 industry leaders will be keynoting and presenting. As well, attendees can earn up to 15 CPEs at RiskSec Toronto.
Come hear Walt Williams at RiskSec Toronto. You will not want to miss this gathering.
Walt Williams has served in leadership roles of organizations that have provided secure and scalable services in the cloud for over 10 years. He currently serves as director of security and compliance at Lattice Engines. He is an outspoken proponent of design before build, and an advocate of frameworks and standards. He has spoken at Security B-Sides, Boston App Sec, Rochester Security Summit, DefCon's Wall of Sheep, and the 2016 27K summit.
Mr. Williams' articles on security and service-oriented architecture have appeared in the Information Security Management Handbook, and he has a book on the same subject with CRC Press. He has sat on the board of directors for the New England ISSA chapter and served as a member of the program committee for Metricon.
Among the other speakers presenting at RiskSec Toronto:
This is the first in a series of articles promoting RiskSec Toronto, SC Media's new threat intelligence and risk management gathering for cybersecurity industry leaders.