AI & LLM: How secure are your generative sheep

Gone are the days when audit preparation was a once-a-year exercise. With expanding regulations, hybrid environments, and pressure to prove compliance at any moment, organizations face an uncomfortable truth: gaps exist—and they’re growing.

In this Cyber Risk Series: Audit & Compliance Edition, leading experts, practitioners, and compliance strategists come together to address one core issue: how to build a state of always-on audit readiness without gaps.

We’ll examine the root causes of audit fatigue, explore what continuous compliance looks like in practice, and reveal how forward-thinking teams are automating their way out of reactive cycles—with new innovations designed to bring policy and proof together in real time.

Wednesday, June 25, 2025

Virtual

Don’t miss the opportunity to learn from industry experts.

Featured Speakers

Milan Patel

Chief Client Enablement Officer
Schellman

Rowenna Fielding

Data Protection, Privacy & Data Ethics Consultant
"Miss IG Geek"

Charity Otwell

Director for Critical Security Controls
Center For Internet Security

Jonathan Armstrong

Partner
Punter Southall Law

Steven Lodin

VP, Information Security
Sallie Mae

Jonathan Trull

CISO & SVP Customer Solutions Strategy
Qualys

Anu Kapil

Senior Product Manager
Qualys

Agenda

Compliance Return on Investment – Reframing Qualitative and Quantitative Value

Milan Patel
Chief Client Enablement Officer, Schellman

In this session, Milan will discuss compliance ROI: the traditional challenges and how we got here, and how transformative metrics can be used to show quantitative cost savings and to support an overall increase in security posture and automation towards continuous compliance. He will discuss specific, practical metrics and process changes that streamline the compliance process and make it possible to articulate cost savings in a meaningful way. He will also address the specific benefits you can expect, including how this will increase response and engagement from the engineering team, drive longer-term continuous compliance in a scalable way, and increase general trust and support from the engineering teams.

Cui Bono: Why Comply?

Rowenna Fielding
Data Protection, Privacy & Data Ethics Consultant, "Miss IG Geek"

Cui bono – who benefits? While it may seem that privacy and data protection laws are a burden to business, there are also significant advantages to having well-managed data, strong assurances, and confidence in digital safety measures. In this session, Rowenna will explore the strategic and operational benefits of taking an ethics-led approach to data, and ways in which an organization can move from performative gestures towards meaningful change.

CIS Controls - The Smart Starting Point for Cyber Risk Reduction

Charity Otwell
Director for Critical Security Controls, Center For Internet Security

Learn how the CIS Controls offer a prioritized roadmap for building a strong security foundation and aligning with broader frameworks. Charity will share real-world examples from her governance and risk work in finance to illustrate practical application.

The Legal and Regulatory Shifts Facing Today's Security Leaders

Jonathan Armstrong
Partner, Punter Southall Law

The last 12 months have been possibly the most turbulent for CISOs on the legal front, with new legislation like DORA, NIS2 and the EU AI Act. In addition, prosecutors are increasingly looking at personal liability, with high-profile investigations into CISOs and litigation on the rise. And recent events remind us that attacks hit share price, which gets boards engaged. In this session we'll look at the challenges for CISOs and security professionals and some of the solutions.

Fireside Chat: Moving Beyond the Checklist to Drive Better Security Outcomes

Steven Lodin
VP, Information Security, Sallie Mae
Jonathan Trull
CISO & SVP Customer Solutions Strategy, Qualys

Join a candid conversation with security leaders as they discuss real-world strategies to move beyond check-the-box compliance. Learn how risk-based approaches, automation, and continuous controls monitoring are transforming audit readiness into a foundation for stronger, more resilient cybersecurity programs.

Audit Ready Always – The New Standard for Scalable Compliance

Anu Kapil
Senior Product Manager, Qualys

Staying compliant across evolving frameworks like DORA and PCI DSS 4.0 often feels like a never-ending fire drill. It's costly, reactive, and often misaligned with business priorities. In this session, we'll explore why traditional compliance approaches are buckling under modern pressure and how forward-thinking organizations are transforming compliance into a strategic advantage.
You'll learn how automation and risk-based prioritization can reduce audit fatigue, simplify reporting, and keep your organization continuously prepared for any mandate without draining resources or creating chaos.