November 2025 Chapter Meeting
Join us on-site in New York City, or on Long Island, or virtually, for our November 2025 Chapter Meeting on November 19, 2025 featuring:
- A presentation on third party risk management by Suraj Raghupathy Iswaran from Deloitte, and;
- A discussion on today’s Operational Technology threat landscape by Shawn Taylor from Forescout.
The registration link can be found below. Members can get their promo codes by logging into the Chapter website and going to their “My Page”. Sponsor promo codes have been previously distributed. Non-members and the public are invited to attend and can register for a nominal fee or join the Chapter. Our annual membership is $40 for professionals and $15 for students. Meeting fees are waived for members. This event will qualify for two Continuing Professional Education (CPE) credits.
Membership in the Chapter is open to all cybersecurity professionals and students. If you are not already a member, please visit our membership page for more information.
Agenda:
5:00 pm – 6:00 pm In-Person Registration, Networking and Event Setup
6:00 pm – 6:10 pm Welcome and Chapter Updates
6:10 pm – 7:00 pm Securing the Extended Enterprise: Next-Gen Third-Party Risk Management by Suraj Raghupathy Iswaran, Cyber and Strategic Risk – Senior Consultant, Deloitte – Onsite in New York City
7:10 pm – 8:00 pm Today’s Threat Landscape Requires a Unique Solution by Shawn Taylor, Field CTO, Americas, Forescout Technologies – Presenting virtually.
⚠️ Registrations for New York City: Due to building security requirements, we will be closing ticket sales to our New York City site at 12:00 pm one day before the event.
ℹ️ Registrations for Long Island and Virtual: We will be closing ticket sales to our Long Island site and Virtual admission at 3:00 pm on the day of the event.
Topic Summary: Securing the Extended Enterprise: Next-Gen Third-Party Risk Management
Organizations are becoming more dependent on third parties, especially within increasingly complex supply chains. As this dependency grows, so does the range and scale of risk exposure. While many risk management programs focus on cybersecurity and data privacy, current conditions demand a broader and more integrated approach. This presentation presents a practical framework that helps organizations improve visibility into third-party relationships, assess risk in context, apply a mix of control evaluation and continuous monitoring, and use operational data to support timely decisions. As third-party incidents continue to rise, building a more agile and resilient risk management program has become essential for sustainable operations and supply chain continuity.
Speaker Bio: Suraj Raghupathy Iswaran, Cyber and Strategic Risk – Senior Consultant
Suraj is a senior cyber and strategic risk consultant at Deloitte with more than six years of experience in cyber risk consulting and management at PwC and Deloitte. He specializes in designing and executing third-party risk assessments, conducting vendor due diligence, and supporting enterprise compliance and threat monitoring efforts for clients across the financial services, healthcare, and technology industries.
Topic Summary: Today’s Threat Landscape Requires a Unique Solution
Specialized threats targeting operational technology (OT) environments have been around since at least 2010, with the reports of Stuxnet. Recognizing the criticality of these devices, Threat Actors has continued evolving, continuing to target OT devices, many of which are inherently insecure-by-design. Research, such as Vedere Labs’ OT:ICEFALL research project and Project Basecamp by Digital Bond from 10 years ago showed how significant the scope of vulnerable devices is that are pervasive in critical infrastructure systems. This session will explore this unique threat landscape and the capabilities required to combat the threats and automatically mitigate the risks specially targeting not just OT environments, but leveraging vulnerabilities across the enterprise to gain access and establish persistence.
Speaker: Shawn Taylor, Field CTO, Americas
Shawn is a seasoned solutions engineer and evangelist with over 25 years of experience, recognized for his technical expertise, architectural vision, and commitment to operational excellence. As a trusted advisor, he helps customers navigate complex business-technology challenges with a cross-functional approach.
Specializing in Cyber-Physical Systems, CAASM, Identity Management, IT Service Management, and IT Asset Management, Shawn has designed and championed innovative solutions across diverse industries. He is a sought-after speaker and thought leader, frequently presenting at industry conferences, panels, and webinars on emerging cybersecurity trends, risk mitigation strategies, and best practices for securing critical infrastructure. His ability to translate complex technical concepts into actionable insights has made him a valuable resource for both technical and executive audiences.