ISACA Research Triangle Chapter
Full Day Training Event

Breakfast

Arrive early and enjoy breakfast

Welcome Address Scott Hanchett / Srinivas Saraswatula

Welcome address by the chapter president and program chair

Igniting the Data Dance: A Framework for Data Governance
Joe Perez, CTO, CogniMind

In an age where data is the lifeblood of modern organizations, the need for robust data governance has never been more critical. Yet, as history has shown, adopting significant change can be quite challenging. This session draws compelling comparisons to the Meiji Restoration, which launched Japan into the modern era, urging participants to reevaluate their data management strategies. Just as the Meiji leaders enacted transformative reforms to advance their nation, contemporary business leaders must be prepared to evolve and innovate to fully leverage their data's strategic capabilities.

Quick Break ,

Quick 10 minute break

Supervised AI Agents as Co-Workers
Joe Oringel, CEO, VisualRiskIQ

Agentic AI is rapidly being deployed by leading audit, compliance, and cybersecurity teams. While AI agents are not yet replacing all of today’s knowledge workers like auditors, accountants, and cybersecurity professionals, these knowledge workers that effectively use Agentic AI may soon be replacing those knowledge workers who do not use these tools to drive high quality business growth and scale.
AI is moving beyond automation to become a true teammate, especially in the governance, risk, and compliance processes. This session will show how supervised AI agents can work alongside accountants, auditors and cybersecurity professionals to enhance efficiency, consistency, and assurance quality. 
Of critical importance is training and supervision so that the AI agents accomplish their testing to quality standards that are intended. Attendees will leave with a practical view of how AI-powered testing can be applied to both internal and external assurance

Quick Break ,

Quick 10 minute break

Topic To Be Updated
Cory Sabol, Sr. Security Consultant

Session Synopsis To Be Updated

AI Attack Vectors
James Knight, Senior Principal, Digital Warfare

The talk would be on AI attacks and it's use by hackers throughout the kill chain, AI defenses with the current and future uses, and AI Governance diving into current issues such as Open Claw security, and developing a company wide approach to dealing with AI. 

Lunch ,

Enjoy a catered lunch

Attend the professional development session

Network with your peers / speakers

Insider Threat Lessons from the Eddie Tipton Lottery Fraud Case
Joe Cosgriff, Director of Security, NC Education Lottery

The Eddie Tipton lottery fraud case represents one of the most compelling modern examples of insider threat risk within a high-assurance environment. A trusted security professional exploited privileged access to manipulate a random number generation system, ultimately undermining the integrity of lottery drawings and exposing critical gaps in technical, procedural, and governance controls.
This session examines the case through the lens of cybersecurity, audit, and risk management professionals, focusing not on the sensational aspects of the crime, but on the systemic control failures that enabled it. The presentation will explore how traditional security models often overlook insiders as threat actors, how threat modeling must explicitly include trusted personnel, and how layered controls can reduce the likelihood and impact of similar events.

Quick Break ,

Quick 15 minute break

Network with your peers / speakers

From Data Exposure to Data Resilience: AI-Driven Security for the Modern Enterprise
Kaali Dass,First Citizens Bank

As organizations expand across hybrid environments and cloud platforms, data has become both their most valuable asset and their greatest risk. While enterprises have strengthened infrastructure and perimeter defenses, sensitive data remains widely distributed across production, testing, analytics and third-party environments, creating increased exposure, regulatory pressure and reputational risk. The speaker will explain how organizations can move from reactive data protection to a proactive data resilience strategy. The session will highlight how data masking and AI-generated synthetic data can reduce risk by removing real sensitive information from non-production and analytical environments. By embedding these practices into governance and operations, organizations can lower regulatory exposure, strengthen trust, and support innovation without increasing risk.

The Paradox of Complexity: Why "Effective" Security Fails 
Dmitry Berger Security Delivery Lead, EPAM

According to recent industry reports, "Security System Complexity" is one of the primary factors that increase the cost of a data breach. Why does the addition of advanced security controls often lead to higher risk and operational paralysis?
In this session, I will demonstrate that a company is an Open System governed by the laws of thermodynamics. We will explore how security’s true role is to maintain the "Knowledge Gradient”, the internal order that creates competitive advantage.

Quick Break ,

Quick 15 minute break

Network with your peers / speakers

Panel Discussion
John Fehan RTC Board Member

Panel discussion on the day's topics and any other topics of interest to the audience

Wrap Up Scott Hanchett / Srinivas Saraswatula

Wrap up by the chapter president and program chair

Adjourn at 0430 PM