February 2020 Training Session

When: February 05, 2020 - 1300-1630
Where: RTP HQ
Registration: Website
ISACA-RTC Members - Free (Log in to register to ensure discounted fee)
Affiliated Organizations (IIA, ISSA, Othe ISACA Chapters) - $25
All Others: $50
CPEs: Upto 3
Handouts: Will Be Uploaded When available

This training session is part of the ISACA "She Leads Tech" initiative.

Session I Title: Networking: The Most Important Thing Women Should Do for Their Careers -- But Aren't (1:10 PM to 1:45PM)

For many professionals, the causes of their success have largely been contributed to the strong networking channels they have created over time. Through storytelling and humor, this presentation will persuade you why networking is an essential  part of your job, whether you know it (or like it).
Main topics: • Learning how to stand out • Setting networking goals • Gaining Confidence • Becoming a resource • Learning your value • Developing long-lasting relationships

As professional women, we have a responsibility to the younger generations of women who are struggling with the same issues we are. We must pay it forward.

Speaker: Gina Yacone, AGIO, Cybersecurity Consultant

Gina Yacone is a cybersecurity consultant with Agio’s Morrisville, NC, office. Gina is experienced in developing, implementing and evaluating health information security compliance programs for both government and private sector organizations. Gina focuses on the healthcare space wherein she looks deep into the efficiency and effectiveness of technical, physical and administrative control structures. Gina’s experience includes virtual CISO (vCISO) responsibilities for clients concentrated in healthcare, pharmaceuticals, technology and local government. She has conducted numerous HIPAA-focused security risk assessments of hospitals and healthcare organizations, as well performed HITRUST assessments. Gina has built an extensive track record of success delivering the vision, key leadership, and strategies to take IT performance and security to new levels of performance.
Gina is a designated CompTIA Subject Matter Expert and holds certifications from (ISC) 2 as a Systems Security. Certified Practitioner, CompTIA in Security Plus (Sec+), as well as the Health Information Trust Alliance (HITRUST) as a Certified CSF Practitioner (CCSFP) and a Certified HITRUST Quality Professional (CHQP). Gina is a Rotarian and an active member in the local NC chapters of the Information Systems Security Association (ISSA), InfraGard, and North Carolina Healthcare Information and Communications Alliance (NCHICA) and regularly participates in DEFCON and other local hacker meetups. Gina sits on the board for Women in Cybersecurity (WiCyS) North Carolina, Tweens & Technology, BsidesRDU as well as the Information Services Advisory Board for the Town of Cary.

Session II Will be Updated (1:45 PM to 2:30 PM)

When opportunity strikes! It’s often said opportunity knocks only once. You never know if you’ll get another opportunity. My journey into security has been due to opportunities I have seized along the way. I would like to share my journey as a motivational speech to inspire other females in this industry of Cybersecurity.

Speaker: Noureen Njoroge, Cisco, Security Threat Intel Engineer

Noureen Njoroge is a passionate Cybersecurity specialist, a global keynote speaker and listed among the Top 30 Most Admired Minority Professionals in Cybersecurity by https://sequre.world/diversity-matters-the-case-for-inclusivity-in-cybersecurity/. She currently works at Cisco Systems as a Cybersecurity consulting engineer. Noureen is a people’s leader and very passionate in mentoring others. She is the owner of the Mentor & Mentee women in Cybersecurity  https://www.linkedin.com/groups/8673525/; and the president of North Carolina Women in Cybersecurity (WiCyS) Affliate chapter. Noureen Njoroge has continued to be the advocate for many women in the IT industry. She volunteers in both local and international speaking engagements advocating for women. Her voice can be heard on several podcasts advocating for women in this industry. Noureen is very passionate about mentoring others and being the voice for many. Noureen sets an example for others to follow in her hard work to keep ahead of the pack in a rapidly changing industry, her commitment to generously share insights on an ongoing basis, and her desire to help clients protect their business and their data in a complex and uncertain world. She holds a bachelor’s degree in Information Technology from university of Massachusetts Lowell (UML) and a graduate of the Cybersecurity program at Massachusetts Institute of Technology (MIT).

Session III Put a $ on it (2:45 PM to 3:15 PM)

Managing cybersecurity risk for an IT infrastructure requires investment. But how does an executive know how much to invest? And for what cause? A challenge in our industry today is that all kinds of rating systems obscure the level of risk, and  decisions to improve security posture don’t go forward. We can change this: we can begin to put a $ amount on loss so that executives can go forward with decisions about which part of security to invest in. Using the FAIR framing, we discipline our language to talk about risk in terms of frequency and magnitudes of losses. We can further decompose frequency into threat event frequency and susceptibility. Loss magnitudes can be decomposed as well. The people most interested in these skills  are the people who can see an issue from both sides: e.g, prevention or mitigation, online interaction or customer service, configuration item or architecture.

Speaker: Anna Kirkland Smith, MetLife, Security Analyst

Anna Kirkland Smith enjoys blending data science and cybersecurity. She currently works at MetLife on the Cyberfraud team. She is not only interested in protecting companies, but also growing communities. She is the founding president of the  Data Scientista Society, a local group for women enthusiastic about data. She is also recruiting for www.dorotheadixdigital.org, a stack of volunteer-driven IOT “cyberscape architecture” projects for Dorothea Dix Park.

Session IV - Seven things I have learned about Security

Speaker: Deb Romeo, Co-Founder/COO,Security Jorney

Co-Founder at Security Journey along with her husband, Chris Romeo. COO responsible for day-to-day operations and finances for the company.

For more information and to register for the training session, please visit the ISACA RTC website.



March 2020 Full Day Session

When: March 4, 2020 - 8:30AM - 4:30PM
Where: RTP HQ
Registration: Stay Tuned
ISACA-RTC Members - $75 (Log in to register to ensure discounted fee)
Affiliated Organizations (IIA, ISSA, Othe ISACA Chapters) - $100
All Others: $125
CPEs: Upto 7
Handouts: Will be uploaded when available


  1. “The Management of Security Tool Usage and How SOAR can Improve Workload Efficiencies”, Anthony Tanzi  | Partner Architect, Optiv
  2. “Get Attention and Budget: How to Effectively Communicate Important Audit Findings to Your Executives”,Craig LaCava | Global Executive Services Director, Optiv
  3. "Managing Risk through Digital Transformation”, Jim Tiller | DVP, Security Services Operations, Optiv
  4. “A Zero Trust Journey: What are the Building Blocks?”, Jerry W. Chapman | Technical Director – Digital Identity and Data Management, Optiv

Zero Trust can transform your companies security as organizations migrate to a universal platform - a result of digital transformation and the cloud. Knowing where to start, however, and how to get to the top of the Zero Trust mountain and its maturity levels can be challenging. Join Optiv's Jerry W. Chapman to discuss what are the key building blocks to methodically achieve full Zero Trust and optimal security while adapting to an evolving infrastructure.