Understanding the role of SOC Examination Reports in the Marketplace and Zero Trust Architecture and End to End Encryption for Collaboration Tools

This will be an online meeting with the link sent out the day before the meeting.

Agenda

5:00 – 5:15  Welcome and Chapter Business

5:15 – 5:35  ­­­­­­­­­What Colonial Pipeline means to the US

5:35 – 6:15  Understanding the role of SOC Examination Reports in the Marketplace

6:20b- 7:15  Zero Trust Architecture and End to End Encryption for Collaboration Tools

Baker Tilly will offer attendees the ability to enter a raffle for a pair of Apple AirPods

Special Briefing:
What Colonial Pipeline means to the US
Speakers:
Paul Ferrillo
Partner, Privacy & Cybersecurity
Seyfarth Shaw LLP

Abstract:
The recent ransomware attack on Colonial Pipeline amplified the fact that the US is current in the midst of a ransomware pandemic of proportions we have never seen before. Eric Goldstein, executive assistant director of the cybersecurity division at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, or CISA recently stated that the attack “This underscores the threat that ransomware poses to organizations regardless of size or sector. We encourage every organization to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats.” In part 1 of the Colonial Pipeline discussion, we will discuss the issues raised by the attack for US companies, including issues concerning cybersecurity insurance for ransomware attacks, as well as official positions taken by the US government and the FBI.

Speaker Bio:
Paul focuses his practice on the largest matters facing US corporations and financial firms today: complex securities class actions, major data breaches and associated privacy class actions, and corporate and regulatory investigations.

Paul has throughout his career represented public companies and their directors and officers in shareholder class and derivative actions, as well as in internal investigations. In particular, he has coordinated numerous internal investigations on behalf of audit committees and special committees, and handled the defense of securities class actions alleging accounting irregularities and/or financial fraud.
Paul also has extensive experience in cybersecurity matters. Paul is a cybersecurity incident “first responder.” He assists clients with governance, disclosure, and regulatory matters relating to their cybersecurity postures and the regulatory requirements that govern them. He also litigates privacy class actions in federal and state court.
Paul maintains an active pro bono practice and has acted as pro bono counsel/litigator for the Humane Society of the United States in connection with successful effort to close a puppy mill accused of improper sales tactics and abuse of puppies.
He is also the author of “Navigating the Cybersecurity Storm: A Guide for Directors and Officers” (Advisen 2015) and co-author of “Take Back Control of Your Cybersecurity Now: Game Changing Concepts on AI and Cyber Governance Solutions for Executives” (Advisen 2017).
Paul represents clients across a wide range of industries, including retail, aerospace contractors and subcontractors, apparel, financial services, investment banking, private equity, hedge funds, 1940 Act funds, energy, oil and gas, and real estate.

Session 1:
Understanding the role of SOC Examination Reports in the Marketplace

Speakers:
Russell Sommers, CPA, CISA
Senior Manager at Baker Tilly
Dennis Schaefer, CISSP, CISA
Manager at Baker Tilly
https://www.bakertilly.com/

Abstract:
Overview of the role of SOC reports in the marketplace
2. Types of SOC reports
3. Stakeholder expectations
a. Of service organizations
b. Of SOC report user entities
4. Preparing for a SOC examination
5. Key steps in reviewing a SOC Report

Speaker Bio:
Russell Sommers, CPA, CISA
Senior Manager at Baker Tilly
Russ has over 15 years of experience in the field of public accounting and risk advisory specializing in the financial services, healthcare and public companies. He has led a broad array of projects including regulatory compliance consulting, cybersecurity, internal controls advisory, internal audit, risk assessment, information technology audit, vendor risk management, enterprise risk management, corporate governance, process reengineering, SOC reporting and specialized consulting.

Dennis Schaefer, CISSP, CISA
Manager at Baker Tilly
Dennis has over 20 years of experience in technology consulting and assurance engagements for both public and privately held companies, including manufacturing, distribution, financial services, construction, healthcare, retail and not-for-profit entities. He has led a broad array of projects including regulatory compliance consulting, regulatory compliance examinations, SOC reporting readiness, SOC reporting examinations, Sarbanes-Oxley compliance testing, cybersecurity, internal audit, incident response planning and business disaster recovery/business continuity planning.

Session 2:
Zero Trust Architecture and End to End Encryption for Collaboration Tools

Speaker:
Matt Jones, Director of Federal Sales, Wickr
https://wickr.com/
Abstract:
Movement from traditional cybersecurity and movement to zero-trust (Pending add’l info)

Speaker Bios:
Matt Jones is a Sr Executive with 20+ years in federal and DoD secure communication development discovering several patents during his development work from secure wireless transceivers to weapon mounted image relay systems.

Matt is a Serial Entrepreneurial in companies specifically impacting Communication Security, Human Intelligence and Digital Intelligence.