View Our Events

Join Our Group

May 2022NEWSLETTER

SPECIAL EVENTS, EDUCATION, EXAM REVIEWCLASSES,

CYBER SECURITY TRAINING /SPOTLIGHTS /FLASHBACKS, and CONFERENCES

GREETINGS MEMBERSHIP!

The unofficial start to the summer is underway, we are starting to slowly introduce in person networking events, and weare nearly halfway through the year. How does it feel!? For this month’s edition, I will focus on some quick updates as we have some very important dates and announcementsto make:

Annual Gala - Our Annual Gala is on 6/16 and seating is limited. Please register ASAP! We will have some specialguests in attendance from both near and far.The Leadership Series - The fourth principle will be discussed on 6/29.Board Director Nominations - Voting is underway! Make your vote count.

Annual GalaThe time has come! Our Annual Gala & Wasserman Award Dinner has been confirmed by the Gala Committee.All new place, great new date, and time to celebrate this year’s Wasserman Award Winner, Jim Ambrosini, theaccomplishments of our volunteers & board, and LIFE!Where: City Winery 25 11th Ave, Manhattan, NY, 10011Date: 6/16/22 @ 6PMRegistration: HTTP://BIT.LY/ISACAGALA22Fundraising: Proceeds will support our chapters operations, Ukraine, and Natural and Manmade Disaster Relief effortsWe will be monitoring all local and state requirements for COVID-19 and provide updates as we come across any.IMPORTANT: Seating is limited, and this is a FIRST COME, FIRST SOLD seating arrangement. Register as soon as youcan. Thank you!We are looking forward to celebrating with you all!

Board Nominations

Board NominationsThe current Board Directors have approved the Nominating Committee’s slate of candidates. Please look out for votinginstructions. Voting is slated to begin on June 1st!Special thanks to Nigel James (Chair), Jim Ambrosini, and Teena Bacchus for your tremendous support of this initiative.Make your vote count!

The Leadership SeriesWe have locked in John Picarello, Co-Founder and Chief Leadership Officer of Lion’s Pride Leadership, to speak on thefourth Leadership Principle entitled “Giftedness.”Where: ZoomDate: 6/29/22 @ 11:30AMRegistration: HTTP://BIT.LY/ISACANYLEADER4Price: FreeChad Reyes kicked off the third edition of the Leadership Series with the “Awareness” Leadership Principle. The eventwas well attended.For those who have missed this event, the video link will be on the ISACA Metropolitan New York Websitehttp://ISACA.ny/Leadership and our YouTube page.

Important NoticesWomen in Tech Spotlight: The Women-In-Tech Spotlight series is an honorary programthat recognizes the leadership and professional accomplishments of women in the information technology,information security, and governance, risk, and compliance industry. Nominations are currently being accepted.Submit your nomination using the link here.Top Four Under 40: Nominate your emerging professional rising star here! Our four rising stars will (1) befeatured on our website and social media, and (2) will be reimbursed for their study materials and exam fees for 1certification (upon "pass" grade). The emerging professional must be a member of the New York MetropolitanChapter to be eligible.

Great progress was completed in May by this esteemed board and volunteers. We are looking forward to seeing yourfaces at the Gala! Stay Safe & Awesome New York,

Membership Committee

Sam Vohra, Chair Christina Cruz, Co-Chair

The mission of the ISACA Membership Committee is to provide a meaningful experience for the chapter membersthrough a series of educational, fun, and networking events.Full-time students and veterans are eligible for a 25% discount off membership rates, upon presentation of current classschedules or valid student/veteran ID. Please be sure to register early for the upcoming classes.

Annual Gala

Have you heard?

Registration is open for our Annual Gala and Wasserman Award Recipient Dinner on Thursday, June 16. We will honorthis year’s Wasserman Award Recipient, Jim Ambrosini, CISO, Infinite Group (IGI). You won’t want to miss the spectacular views of the Hudson River at our venue, City Winery and celebrate withcolleagues, partners and friends. Livestream option is available for individuals who cannot attend in person.

Where: City Winery 25 11th Ave, Manhattan, NY, 10011Date: 6/16/22 @ 6PMRegistration: HTTP://BIT.LY/ISACAGALA22Fundraising: Proceeds will support our chapters operations, Ukraine, and Natural and Manmade Disaster Relief efforts

A big thank you to our Past Presidents, Past Wasserman Award Recipients, Sponsors, Members, Student Members,Volunteers, and Partners for helping us make this a night to remember!

Membership Committee PageCheck out our newly updated committee page for Membership Committee and its sub-committees – SheLeadsTech andEmerging Professionals our website here.

SheLeadsTech Subcommittee

Christina Cruz Christeen Russell Alyssa Vumbaco

What is SheLeadsTech?SheLeadsTech is a women-focused program which works to increase the representation of women in Technologyleadership roles and the workforce. Powered by a vast global network of women IT professionals dedicated tosupporting others, SheLeadsTech provides women with mentorship, leadership training, and skills training to grow andexcel within the industry.

We would like to thank all our speakers and all that participated in our first SheLeadsTech and Emerging Professionalshosted 3-Day Event – Breaking Barriers. From the first day’s interactive session about giving permission to ourselves andothers to break barriers, as well as practical tips on how to manage and grow from feedback to the second day’skeynote and panel of women leaders being candid about the current work environment for women in tech, to the thirdnight of networking and finally reconnecting in person, it was an amazing event that allowed for the sharing of a lot ofgreat information and networking with a lot of great people. If you missed Day Two, the recording is available on ourwebsite, at ISACANY.ORG. We strongly encourage you to check it out.

The ISACA New York Metropolitan Chapter is proud to present ourWoman in Tech of the Quarter.

Call to Action!Nominate - Each quarter, SheLeadsTech highlights a woman in Technology or Cybersecurity to celebrate herprofessional accomplishments. Submit your nomination using the link here

Volunteer - Join our Task Force to help support the SheLeadsTech initiative. If interested in joining please emailsheleadstech@isacany.org.

Speaker Opportunities – If interested in speaking at an upcoming event please email sheleadstech@isacany.org.

Mentoring Opportunities – If interested in being a mentor please email sheleadstech@isacany.org.

Emerging Professionals Subcommittee

Christina Cruz Alyssa Vumbaco

The Emerging Professionals (EP) Committee focus on members new to the profession and members 40 and under,representing the future of the profession. We provide guidance and networking opportunities as emergingprofessionals navigate through the early stages of their career.

Thank you to all our emerging professionals that joined our 3-Day Event – Breaking Barriers hosted with SheLeadsTech.See the SheLeadsTech section for further details on the event. If you missed Day Two, the recording is available on ourwebsite, at ISACANY.ORG.

Call to Action!

Volunteer - Join our Task Force to help support the Emerging Professionals initiative. Get your ideas heard, planevents, build your network. If interested in joining please email emergingpros@isacany.org.

Speaker Opportunities – If interested in speaking at an upcoming event please email emergingpros@isacany.org.

Mentoring Opportunities – If interested in being a mentor please email emergingpros@isacany.org.

Nominate - Top Four Under 40 is an annual program that recognizes four ISACA New York Metro members under 40in the IT Audit, Cybersecurity, and/or GRC space that have contributed extensive value to the team and company inwhich they work. They go above & beyond, and we want to recognize them for their contributions to our sector. TheFour Emerging Professionals are honored at our annual recognition event and highlighted on our social media channels.They also score a seat at future exam review classes (worth approximately $600)!

Note: The emerging professional must be a New York Metropolitan Chapter Member to be eligible.Top Four Under 40 Recognition Award nomination form

can be found here.

Training and Development CommitteeCERTIFICATION & EDUCATION

Ms. Kwongmei (May), Chair Mr. Lance Flocco, Co-Chair

ISACA Training & Development Classes Summer/Fall 2022 Schedule

Please click below to register for the desired course(s) of your choiceLast Call for EARLY BIRD REGISTRATION Starts now for Summer/Fall 2022 classes.

Don’t wait. Save now

Certification Prep Classes

1. Last Call Summer 2022 - CISM exam prep class (Live online webinar)

RegisterDates: June 4, 11, 2022, 9:00 AM to 5:00 PM EST, CPEs 14, Member $595, Non-Member $695Final class registration May 30th, 2022

CISM class handouts, seminar, and supporting documents will be as per new announcements made byISACA Global in January. CISM exam wef 6/1/2022 will be as per new syllabus.

2. Last Call Summer 2022 - CGEIT Exam Prem class (Live online webinar)

Register Dates: June 18, 25, 2022, 9:00 AM to 5:00 PM EST, CPEs 14, Member $595, Non-Member $595Final class registration June 12th, 2022

3. New!! Summer 2022- CRISC Exam Prep class , (Live online webinar)

RegisterDates: July 23, 30, 2022, 9:00 AM to 5:00 PM EST,CPEs 14, Early Bird: Member $495, Non-Member $595 by June 25th, 2022Final class registration July 16th, 2022

4. New!! Fall 2022 – CISA exam prep (live online webinar)

Dates: Sept 10, 17, Oct 1, 2022, 9:00 AM to 5:00 PM EST,

RegisterDates: Sept 10, 17, Oct 1, 2022, 9:00 AM to 5:00 PM EST,CPEs 21, Early Bird Member: $695, Non-Member $795 by August 10th, 2022. Final class registration August 31st, 2022

5. New!! Fall 2022 – CISA+ IT Boot Camp Combo (Live online webinar),

RegisterDates: Sept 10, 17, 24 Oct 1, 2022, 9:00 AM to 5:00 PM EST,CPEs 28, Early Bird Member: $895, Non-Member $995 by August 10th, 2022. Final class registration September 5st, 2022

6. New!! Fall 2022 – IT BootCamp for CISA, CISM, CRISC (live online webinar)

RegisterDates: September 24 2022, 9:00 AM to 5:00 PM EST, CPEs 7, Early Bird: Member $300, Non-Member $350Final class registration Sept 15th, 2022

Note: All exam review classes do not include the actual certification/ certificate exam.Please go to www.isaca.org and search exam to register for the exam.

Education Classes

1. New Summer 2022 - IT General Controls Boot Camp, (Live online webinar)

RegisterDates: June 19, 26, 2022, 9:00 AM to 5:00 PM ESTCPEs 14, Member $595, Non-Member $695Final class registration June 13th, 2022

2. Last Call Summer 2022 - Automating compliance in AWS and Azure - Compliance as a code (live onlinewebinar)

Register Dates: June 9 2022, 1:00 PM to 4:00 PM ESTCPEs 3, Chapter Member Complimentary, ISACA Member $15, Non-Member $25Final class registration June 6th, 2022

3. New!!! Summer 2022 - Digital Forensics Fundamentals (live online webinar)

Register Dates: July 16 2022, 9:00 AM to 5:00 PM ESTCPEs 7, Early bird: Member $245, Non-Member $295 by June 16, 2022Final class registration July 9th, 2022

4. New!! Summer 2022, Fraud Risk Management for IT Professionals (live online webinar)

Register Dates: August 7, 14 2022, 9:00 AM to 5:00 PM EST

CPEs 14, Early Bird: Member $495, Non-Member $595 by July 8th, 2022Final class registration August 1st, 2022

5. New!! Summer 2022- Change Risk Management and Auditing (live online webinar)

Register Dates: August 21 2022, 9:00 AM to 5:00 PM ESTCPEs 7, Early Bird: Member $195, Non-Member $295 by July 21st, 2022Final class registration August 16th, 2022

6. New !! Fall 2022 - Auditing Business Continuity & Disaster Recovery (live online webinar)

Register Dates: September 25 2022, 9:00 AM to 5:00 PM ESTCPEs 7, Early Bird: Member $245, Non-Member $295 by Aug 25th, 2022Final class registration Sept 20th, 2022

7. New!! Fall 2022 - Risk Based Annual IT Audit Planning for CAEs (live online webinar)

Register Dates: October 16 2022, 9:00 AM to 5:00 PM ESTCPEs 7, Early Bird: Member $295, Non-Member $345 by Sept 16th, 2022 Final class registration October 11th, 2022

NOTE: If you have any topics that you would like the committee to present or would like to present a topic as a guestspeaker, please write to education@isacany.org

ACADEMIC RELATIONS

Ashey Mangar, Chair Eugene Levin, Co-Chair

2022 Cybersecurity Case Study Competition.

2022 competition welcomed 17 student teams from 7 institutions: Pace University, Yeshiva University, Baruch College,Queens College, Manhattan High School for Girls, Success Academy High School of the Liberal Arts, and BrooklynTech High School.

For several weeks teams have done an admirable work of identifying, assessing potential security risks, and controlingthe risks of distributed denial of service (DDoS) attacks based on a real-world situation.

The following are the winners of the competition

The following are the winners of the competition

We are exceptionally proud of the progress made by students and the hard work they have put into analysing the casestudy. Students in top 3 teams received scholarships from the chapter.

Volunteer Opportunity

CUNY Tech-In-Residence (TIPC) Program

SignUp

The City University of New York (CUNY) are looking for volunteers for their Tech-in-ResidenceCorps (TIRC) program. The Tech-in-Residence Corps was launched in 2017 by the City of NewYork, NYC tech companies, and CUNY to equip college students with the in-demand skills theyneed to enter the workforce. Co-designed by industry and academia, the program aims toinfuse real-world experience and skills, taught by today’s top tech leaders, into tech degreeprograms. Tech-in-Residence Corps members are equipped with training and support to teachthe next generation of NYC students.

GenCyber Teacher Training Cybersecurity Academy

The GenCyber Teacher Training Cybersecurity Academy, hosted at York College, offers middle-school and high-schoolSTEM teachers a professional development program that incorporates cybersecurity concepts into classrooms andextracurriculars. More details on the program can be found here: https://www.york.cuny.edu/gencyber

Looking for guest speakers from the industry to talk about Cybersecurity careers and related topics with programteacher participants. There will be two camp sessions, from July 11-15 and from July 18-22 (9am - 4pm). The talk will beone hour for each session.

York College would like speakers to share:Their background/experience and perspective on current state of cybersecurity spaceWhat career avenues are available (current and emerging) in the spaceWhat base technical skills are important to develop (within and transferrable across role types)Suggested ways to help students gain exposure and develop those base skills

Careers represented might be (but not limited to): Incident Response, Security Analyst, Auditor, Pen Tester,Cryptographer.

CSX LIAISON & CYBERSECURITY EDUCATION LEADER

Farid Abdelkader, Chair Jay Rofsky, Co-Chair

OverviewThe Cybersecurity Education Leader provides CSX-Fundamental (CSX-F) training for chapter members as well asCybersecurity awareness updates and hot topics of interest to the membership.

Call to ActionIf you are interested in supporting the Cybersecurity outreach of thisChapter, please contact Corresponding.secretary@isacany.org or click here for volunteering information.

Current Hot TopicsEvery month, the Cybersecurity Education Leader plans to provide the latest Cybersecurity industry updates related to ITAudit, Cyber Breaches and Threats, Cloud Technology, Data & Privacy, and Enabling Technology.

If you have any updates, you believe are worth noting, please email our chapter lead.

Spotlight TopicsLincoln College Closes After 157 Years due to Cyber AttackLincoln College, a liberal-arts school in rural Illinois, will be closed in May after 157 years following a brutal financial hitamid the Covid-19 pandemic and a recent ransomware attack. The ransomware acted as a final straw bringing thedecision to shut down on May 13, 2022. The Board of Trustees voted to cease all the academic activity at the end of thespring semester. In December 2021, Lincoln College became the victim of a cyberattack that harmed the admissionactivities and hindered access to all institutional data. Lincoln College was one of the 1000 schools hit by a cyberattack last year that directly impacted the learning at 1043individual schools, which have been a constant threat for years to US education. These activities extort the informationand steal the data that makes all the systems required for recruitment, retention, and fundraising efforts inoperable. Thejoint advisory of the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) inDecember 2020 has also warned of the same. For more info: Source 1 Source 2

Significant Growth Projected for Disaster Recovery as a Service (DRaaS) Market Per Yahoo Finance and Technavio, the Disaster Recovery as a Service (DRaaS) market is projected to grow at a rate of44.65% per year from 2020 to 2025. Kurt Seifried, Chief Blockchain Officer and Director of Special Projects for the not-for-profit Cloud Security Alliance, attributes this trend to the increased complexity in the IT environments across allenterprises. For example, a single firm running a large mix of off-the-shelf and custom applications across a multi-cloudinfrastructure has become more common than rare. DRaaS tools ensure that these complex environments can betransitioned over to a secondary cloud site in a disaster scenario.

The disaster recovery (DR) plan and failover process in a DRaaS model is executed by the vendor rather than theimpacted entity. Enterprises that lack the resources and expertise to manage crucial components of a businesscontinuity plan can turn to a DRaaS to oversee this entire process. As with all other "as a service" solutions, DRaaSprovides tremendous cost benefits as well – the cost of outsourcing the DR function to a service provider can be far

provides tremendous cost benefits as well – the cost of outsourcing the DR function to a service provider can be farmore cost-effective than maintaining and operating a secondary on-premises data center. DRaaS is yet another cloudsolution that provides value and specialized services while enabling customers to focus on their core competencies. For more info: Source 1 Source 2

IT Audit UpdatesUpdate to Data Security PCI Standard Published Source 1 Source 2Could Musk’s Plan to Open-Source Twitter’s Algorithm Create Security Issues? Source 1 Source 2

Cyber Breaches & ThreatsPrivilege Escalation Vulnerability Referred as 'Nimbuspwn' Discovered by Microsoft Source 1 Source 2US Justice Department Won’t Pursue White-hat Hacker Prosecution Under the CFAA Source 1 Source 2

Cloud TechnologyDell Technologies is Offering New Cloud Security Services Source 1 Source 2New Cloud Controls Framework Released by Cisco Source 1

Data & PrivacyIndia Introduces Cybersecurity Incident Reporting and Customer Data Collection Requirements Source 1 Source 2Google Play’s Android Apps Introduced New Apple-Like Privacy Labels Source 1 Source 2

Enabling TechnologyThe Rising Threat of Apps in the World in SaaS Platforms Source 1 Source 2Apple, Google, and Microsoft Promise Password-Less Authentication Source 1 Source 2

Special thanks to our CSX and Cyber Education Leader Volunteers for their great work identifying andsummarizing the content for the Chapter.

International Conference on Cyber Security 2022 Check out . . for additional conference details and updated information.

VOLUNTEER OPPORTUNITIES

If you are interested in volunteering, see our volunteer webpage, and send an email to volunteer@isacany.org to let usknow the following: 1. What committee(s) you are interested in? 2. What is your time commitment?3. Submit a photo

2. What is your time commitment?3. Submit a photo4. Short Bio (up to 250 words)

Feel free to reach out to me at president@isacany.org with questions.Stay informed, follow CDC guidelines: https://www.cdc.gov/

JOB OPPORTUNITIESEmployers: List open positions on our website for FREE! Openings are posted for 30 days unless you directotherwise. Send position description and contact information to jobs@isacany.org. NOTE: job postings can only be seenby registered users logged into our site.

ISACA NEW YORK METROPOLITAN BOARD MEMBERS

Chapter OfficersFarid Abdelkader - PresidentWei Tschang - 1st Vice PresidentTim Mortimer - 2nd Vice PresidentEugene Levin - Corresponding SecretaryTeena Bacchus - TreasurerEmanuell James - Recording Secretary

Board of DirectorsAlex BrazyChristeen RussellChristina CruzMichael ShanahanBarry DynkinKwongmei ToLance Flocco

Board of DirectorsPeter TseJustin HonovichJoseph TsoAshley MangarSam VohraJames PowersAlyssa VumbacoKaren Alexander (Immediate Past President)

INFORMATION ANDCOMMUNICATIONS

Thank you for reading the newsletter.

Please let us know your thoughts and suggestions aboutthe content at corresponding.secretary@isacany.org

Eugene Levin, Corresponding Secretary

ISACA New York Metropolitan

Chapter954 Lexington Avenue #525New York, NY 10021-5013

(646) 659 8313

Contact Us