August 31, 2020
1:00 pm - 2:30 pm (Eastern)
Brought to you by the Association for Federal Enterprise Risk Management (AFERM).
Cybersecurity and privacy risks continue to be among the top risks of concern at many federal agencies. Integrating conversations on cybersecurity and related risks into agency ERM programs is critical to ensuring that these risks are discussed alongside other enterprise risks. A virtual panel of IT and ERM practitioners will discuss several methods to enable greater understanding of these topics across these areas of practice and to advance integration in your own agencies. Several of these methods will be further expanded on in a new chapter planned for the ERM Playbook Version 1.1.
AFERM members will expand their understanding of cybersecurity and related risks and will learn about approaches they can consider using within their own agencies, as well as recent NIST guidance published on the subject. Members will also learn more about an upcoming chapter to the ERM Playbook that will address the topic.
Event Details & Registration
The webinar will be hosted using GoToMeeting. Registration is free, but required. Those registered will receive instructions for accessing the webinar by email prior to the event.
Julie Chua, HHS
Julie Chua is Director of the Governance, Risk Management and Compliance (GRC) Division within the U.S. Department of Health and Human Services (HHS), Office of Information Security (OIS). Julie is also the Federal Lead for the implementation of the Cybersecurity Act of 2015, Section 405(d): Aligning Healthcare Security Approaches. This public-private partnership effort is one of many HHS cybersecurity initiatives to help push forward the cybersecurity and resiliency of the HPH sector. Prior to joining OIS, Julie was the Cybersecurity Team Lead within the HHS Office of the National Coordinator for Health IT (ONC) leading Critical Infrastructure cybersecurity efforts.
Nahla Ivy, NIST
Nahla Ivy is the Enterprise Risk Management (ERM) Officer for the National Institute of Standards and Technology (NIST), a bureau of the U.S. Department of Commerce in Gaithersburg, MD. At NIST, Ms. Ivy leads the development and implementation of the agency’s ERM program. She is currently co-chairing an interagency community of interest on the intersection of cybersecurity and agency ERM. Prior to joining NIST, Ms. Ivy supported the risk management and internal controls functions at the U.S. Department of Energy and served in private industry as a research director and product manager for a financial services and corporate governance firm.
Nnake Nweke, USAGM
Dr. Nnake Nweke is the Chief Risk Officer (CRO) at the U.S. Agency for Global Media (USAGM), formerly the Broadcasting Board of Governors (BBG), an independent federal government agency that oversees all U.S. civilian international media. In this role, Dr. Nweke leads the Office of Risk Management responsible for all Agency-wide risk programs, including Enterprise Risk Management, Information Security Risk Management, Business Continuity Planning, and Continuity of Operations. He previously worked as the Director of the Office of Internet Freedom also at USAGM, a Branch Chief in the Office of Engineering and Technology at the Federal Communications Commission (FCC), and a Senior Staff member at the Johns Hopkins University Applied Physics Lab.
Dr. Nweke has a Ph.D. in Electrical Engineering from Johns Hopkins University and a law degree from the University of Maryland School of Law.
Karen Francis, FRTIB
Karen Francis is the Deputy Chief Risk Officer with the Federal Retirement Thrift Investment Board (FRTIB), an independent federal agency charged with administering the Thrift Savings Plan (TSP). At FRTIB, Ms. Francis leads the Agency’s Audit Management, Internal Control, and Enterprise Risk Management (ERM) programs. She is an active contributor and member of the federal ERM community, including an interagency community of interest on the intersection of cybersecurity and agency ERM. Prior to joining FRTIB, Ms. Francis was a career Foreign Service Officer with US Agency for International Development (USAID). She developed the USAID ERM program roadmap and government structure and supported the agency leadership in standing up the ERM program.
Kate Sylvis, Guidehouse
Ms. Sylvis is a Director with Guidehouse and has over 18 years of experience advising clients on complex organizational and governance, internal controls, operational, compliance, and risk management challenges coupled with high transparency and regulatory scrutiny. She advises public and private sector clients across various industries. Her expertise and experience cover a range of risk and compliance related competencies such as ERM program design and implementation; COSO-based risk and internal control program design, assessments and practices; risk, compliance and internal control testing and monitoring programs; governance model design; operating model design and implementation (i.e., compliance, and risk functions); business process design and process improvement; compliance risk frameworks, programs and monitoring activities; and integrating robust risk management and internal controls into business operations.
Venue: Online Webinar