Risk Management Conference

June 26

The conference will be held on June 26, 2025 from
8:30 am to 12:30 pm.

Add this event to your calendar using the Add to Calendar link at the bottom of the page.

Virtual Event

The workshop will be held using Zoom.

Prior to the event, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.

GWDC Member Fee – $10

The fee for GWDC Members is $10 for the conference.
The fee for all other registrants is $30 for the conference.

To become a member and take advantage of the member rate for our events, among other benefits, join ISACA and select the Greater Washington D.C. Chapter as your local chapter.

Earn up to 4 CPEs

Attendees can earn up to 4 CPEs for this event.

Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls.

Cyber Risk Management in Practice: A Strategic Playbook for CISOs

Presenter: Russell Eubanks (Cyverity, SANS Institute)

Balancing risk reduction with business enablement isn’t just a theory—it’s a challenge cybersecurity leaders face daily. Cyber Risk Management in Practice: A Strategic Playbook for CISOs is a presentation designed for CISOs, cybersecurity executives, and program managers who need more than frameworks—they need guidance they can act on.

In this session, Russell Eubanks, Principal Instructor at the SANS Institute and Managing Partner at Cyverity, will discuss the practical elements of an effective cybersecurity risk management program. He’ll explain how to evaluate your current cybersecurity posture, prioritize safeguard investments using a “good, better, best” model, and close the gap between today’s risk realities and tomorrow’s security goals.

Attendees will be introduced to a structured approach from the Cybersecurity Risk Foundation’s Governance and Risk Model (CRF-GRM), a proven methodology for turning cybersecurity strategy into repeatable action. You’ll leave with concrete steps to build a risk-informed roadmap, embed cybersecurity into business decision-making, and create a continuous improvement cycle.

Whether strengthening your existing risk management program or building one from the ground up, this webcast offers real-world techniques and strategic insight to help you make smarter, more defensible decisions.

Building Strong Governance for Accountability and Resilience

Presenter: Elizabeth Dunsmoor (Shared Assessments)

Learn how to strengthen governance structures to drive accountability and organizational resilience. The session will cover:

• Governance Models – Overview of effective governance models and their key components
• Accountability Mechanisms – Strategies for establishing clear accountability and oversight
• Resilience Building – Enhancing organizational resilience through robust governance practices

A Fireside chat on “AI in the Crosshairs: Legal, Risk and Cybersecurity Challenges in the Age of Generative AI”

Presenters: Nick Lockett (ADL Solicitors) and Sushila Nair (Cybernetic LLC)

Artificial Intelligence, particularly Generative AI (GenAI), is reshaping industries with its innovative capabilities, from content creation to complex decision-making. However, with these advancements come significant cybersecurity and legal challenges. In this one-hour fireside chat, a cybersecurity expert and a legal professional will dive into the complex interplay between AI technology and its risks.

The discussion will explore how GenAI is both a tool and a target in cybersecurity, examining its role in threat detection as well as its misuse for creating deep fakes and automating cyberattacks. From a legal standpoint, the conversation will delve into data privacy concerns, intellectual property issues, regulatory implications, and ethical considerations surrounding AI use and development, considering EU,UK and US AI laws and Codes of Practice and how this impacts on competition in the AI field. Together, the speakers will offer practical insights into securing AI-driven systems and ensuring compliance with emerging legal frameworks.

This engaging dialogue aims to provide actionable strategies for managing AI’s risks while embracing its potential, catering to professionals navigating this transformative.

Risk and Compliance: A Digital Transformation Journey – Day 0 to Day 5

Presenter: Bhargav Trivedi (Capital One)

This five-day journey guides organizations through a focused digital transformation of the risk and compliance functions. Starting with Day 0 alignment on vision and priorities, the process quickly progresses to designing future-state models, identifying digital enablers, and integrating data-driven strategies. By Day 5, organizations emerge with a clear roadmap and executive buy-in to implement agile, tech-enabled risk and compliance capabilities.

Russell Eubanks
Managing Partner @ Cyverity
Principal Instructor at the SANS Institute

Russell is a Principal Instructor at the SANS Institute and Managing Partner at Cyverity, an information security consulting firm specializing in governance and fractional CISO. He is the former CIO and CISO of the Federal Reserve Bank of Atlanta. Russell has developed cybersecurity programs from the ground up and also led extensive cybersecurity teams. Russell actively seeks opportunities to add value to organizations and measurably increase their overall security posture.

Elizabeth Dunsmoor
Third-Party Risk Management (TPRM) Principal @ Shared Assessments

Elizabeth Dunsmoor is a Third-Party Risk Management (TPRM) Principal at Shared Assessments. With over 15 years of experience in the TPRM field, Elizabeth has designed holistic TPRM programs and assessed risks across various sectors, such as cybersecurity, financial services, manufacturing, and healthcare. Elizabeth excels at transforming risk strategies into actionable frameworks, partnering with procurement and corporate teams to strengthen risk resilience. She is also committed to developing cross-functional leadership within the risk management space. In her current role, Elizabeth trains business leaders on third-party risk program requirements, third-party capabilities, and performance expectations.

About Shared Assessments: In our global economy where third-party services are essential, Shared Assessments is at the forefront of providing thought leadership, standards, and education to drive third-party risk assurance.

Nick Lockett
Founding partner @ ADL Solicitors (London)

Nick Lockett, founding partner of ADL Solicitors in London, is a barrister and solicitor-advocate with over 30 years of experience in IT law, including leading roles in top law firms, Sidley & Austin (London) and McDermott Will, Emery & Stanbrook (Brussels). Currently within Nick’s Advanced Technology practice, Nick focuses on the legal and ethical implications of AI and founder of the Centre for Assessment of AI Risk & Opportunity (CAAIRO) and has a forthcoming book, “Techsistential Risk: AI Law and Ethics,” (due late 2025). Nick’s extensive experience allows him to navigate the complexities of AI governance, ensuring compliance with evolving legal frameworks, and addressing ethical considerations in technology deployment.

Sushila Nair
CEO @ Cybernetic LLC
CISSP, GIAC GSTRT, GSNA GDSA, CISA, CISM, CRISC, CDPSE, CCSK, CCAK

Sushila Nair is the CEO of Cybernetic LLC and former Vice President of Capgemini’s North American Cybersecurity practice, where she played a crucial role in driving secure digital transformation on a global scale. With over 30 years of experience in computing infrastructure, business, and security risk analysis, Sushila has established herself as a leading authority in the cybersecurity domain. Her career highlights include serving as Vice President responsible for global security offers at NTT DATA Services, a decade of leading her own IT and cybersecurity company across major UK cities, and serving as a Chief Information Security Officer (CISO) and trusted advisor to boards, where she honed her expertise in protecting organizations from evolving digital threats. Recognized through the top cybersecurity leader award by Security Magazine, Sushila’s influence in the industry is undeniable.

An esteemed thought leader, Sushila has shared her insights on prestigious platforms such as public radio, RSA Conference and ISACA’s global events. Her active participation in ISACA’s global emerging trends working group and her leadership as President of ISACA’s Greater Washington, D.C. Chapter underscore her dedication to advancing the field of cybersecurity. In 2024, her commitment to nurturing the next generation of cybersecurity professionals and promoting diversity in the industry was honored with the prestigious ISACA Technology for Humanity Award and Security Magazine’s Top Cybersecurity leader.

Bhargav Trivedi
Senior Director of Software Engineering @ Capital One

Bhargav leads the Enterprise and Operational Risk Management Technology teams within Risk Tech. Over the past 6 years, he has played a pivotal role in architecting and delivering technology solutions that support Capital One’s risk identification, assessment, control monitoring, and issue management processes. Prior to this, he spent 5 years in Commercial Bank Technology, focusing on resilient, scalable platforms. Bhargav is passionate about the intersection of risk and technology, particularly in using AI, automation, and data analytics to strengthen risk posture, enable proactive risk management, and improve control effectiveness. He is a champion of building secure, transparent systems that empower first and second-line risk teams to make timely, risk-informed decisions. Bhargav is based in Richmond, VA. Before joining Capital One, he was a software architect at American Express, supporting critical capabilities in the Business Travel division. His early career included roles at GE Commercial Finance and PNC Bank, where he gained foundational experience in financial risk, credit systems, and data governance frameworks. Outside the office, Bhargav enjoys playing chess, spending time with his two young boys, and keeping up with the latest in tech innovation through podcasts. His mission is not only to build software—but to lead the transformation of risk management through technology.