Ask the Experts: Securing Third Parties and Cloud Services
OL125-17 | On Demand | Update | Self-Study
In this engaging panel discussion, moderator Mark Burnette will host a panel of cybersecurity experts who will share their insights on securing the “cloud”, as well as how to properly and effectively secure third parties that are processing information on behalf of a company.
This video was recorded at the 2017 Cyber Security Conference
|Number of Credits||Type of Credits|
TEST YOUR SYSTEM
We have updated the format of the vidoes in the TSCPA On Demand Video Library to optimize your viewing experience. Please take a quick moment to view the video below and test your system.
Can you play the video above? If not, your network's firewall is likely blocking our on-demand courses. Please have an IT professional whitelist vimeo.com and vimeocdn.com. If you have additional questions, please contact TSCPA at 615/377-3825.Login and eMaterials: To access TSCPA's On Demand Video Library courses and related eMaterials, click on your My CPE page. All On Demand course purchases will be accessible from this personalized page.
Cancellations, substitutions and transfers are not available for On Demand courses or self-study products. By registering for this On Demand course, you agree to TSCPA's Policies and Procedures.
- Member (Early Bird)
- Non-Member (Early Bird)
Mark B. Burnette, CPA, CISA, CISSP, CISM, QSA
Mark Burnette is a Shareholder in LBMC’s Information Security practice. LBMC is the 45th largest accounting and professional services firm in the United States. Mark oversees LBMC’s information security consulting services and technical information security assessment capabilities, and serves as the service line leader for LBMC’s PCI (credit card security rules) security practice.
During his decorated career, Mark has served as the President and Global Practice Leader for a national information security consulting company and built and led information security functions for two major publicly-traded corporations. He worked for several years in key leadership roles with two of the Big 6 (now Big 4) accounting firms where he specialized in developing, implementing, assessing, and securing information technology solutions for companies in the healthcare, retail, manufacturing, banking, and insurance industries.
In 2005, while serving as the Global Information Security Officer for international insurance broker The Willis Group, Mark was named the Information Security Executive of the Year at the ISE Southeast Awards. In 2008, while serving as the Executive Director of IT Operations and Security for hotelier Gaylord Entertainment Company, he was named one of Information Security Magazine’s “Security 7” top seven security leaders, and was chosen by ComputerWorld Magazine as one of the Premier 100 IT Leaders for 2009.
In January 2011, the Information Systems Security Association (ISSA), the international trade association for information security professionals, named Mark a Fellow. This prestigious honor, which has only been granted to a handful of individuals worldwide, is bestowed by the ISSA Fellow Program for distinguished accomplishments in the field of information security, leadership, and future service to the association and profession. Mark’s unique background allows him to bring a “walk a mile in the shoes” perspective to all of LBMC’s security engagements. His experience building and running information security functions allows him to develop solutions that are relevant, practical, and actionable.
Recognized as an IT security expert by technology think-tank Gartner, Mark has repeatedly been featured as a subject matter expert on ABC and CBS television affiliates and in print media such as CSO, Secure Enterprise, Information Security, and ComputerWorld magazines. He is a regular collaborator with the Middle Tennessee office of the Federal Bureau of Investigation and has co-presented on cybersecurity with FBI agents several times. He is a noted author and a frequent speaker to International conferences and specialty groups such as the Tennessee Bar Association, the Pennsylvania Institute of Certified Public Accountants, the Tennessee Society of Certified Public Accountants, Information Systems Audit and Control Association, Institute of Management Accountants, Institute of Internal Auditors, & ISSA, and on College and University campuses across the United States. Mark also served as an Adjunct Professor of Accounting at Belmont University for four years, where he taught Accounting Information Systems.
Mark currently serves on the American Institute of CPAs’ national Cybersecurity Working Group. That group of cybersecurity experts has worked on behalf of the AICPA to update existing cybersecurity control descriptions for the CPA profession and to develop a new cybersecurity risk management attestation standard that will be publicly available in May, 2017.
During 2016, the AICPA also tapped Mark to develop a cybersecurity toolkit for its member firms that provides guidance on how CPA firms can develop and staff a cybersecurity consulting function that will allow them to offer cybersecurity services to their clients. The toolkit also provides a description of the nature of services that could be provided and insights on how to ensure they are effectively delivered to clients. In further recognition of Mark’s cybersecurity acumen, the AICPA asked him to lead the development of the AICPA’s official training curriculum on cybersecurity risk assessment and consulting services. This new training course, delivered for the first time in June 2017, will train the next generation of cybersecurity auditors and assessors in the proper scoping, evaluation, execution, review, and reporting of an entity’s cybersecurity posture.Back to Facilitators
Charles Henson has worked in the IT industry for over 25 years and currently serves as Managing Partner of Nashville Computer, Inc. He has written three books, Hassle-Free Computer Support, Cloud Computing A Guide for Executives & Business Owners, and his latest book The Business Owners Guide To I.T. and All Things Digital, Vol.2: 17 Critical Facts Every Business Must Know To Maximize Their Company’s Efficiency, Security, Employee Productivity and Profits. In this book Mr. Henson was joined by a select group of leading I.T. experts from across North America to co-write what instantly became an Amazon best seller.
Charles became interested in technology at a very young age. He got his first computer from a school friend in 1984. His thought was that if computers break, someone would need to fix them. This simple thought drove Charles to get a degree in Electrical Engineering from ITT Technical Institute. Since then he has never stopped reading about and learning all of the new technologies as they become available. He feels that he needs to be a trusted advisor to all of his clients.
In May 2010 he was invited to the Google Headquarters in California for his personal feedback and opinions on the Google Adwords product offering and to give feedback on the training in which he took part. Charles has been interviewed and featured in the Redmond IT Magazine regarding Backup Disaster Recovery solutions. He has worked with and has been trained on PKI (Public Key Infrastructure) a technology used to encrypt data and communications. Additionally, he has been asked for his insight and invited to discussion groups and interviewed by peers and industry leaders to help build a common Cloud Computing Blueprint.
In 2014, Mr. Henson received the Nashville Business Journal’s CIO Award which recognizes top technology leaders in Middle Tennessee. He is passionate about teaching and advising all who will benefit from his IT experience and has become well known around the Nashville area through speaking engagements, news interviews, teleseminars and webinars.
Mr. Henson resides in Brentwood, TN with his wife and two children.Back to Facilitators
Corey Wilson, CHPC, CICISO
Corey Wilson has over 28 years of IT, security, and healthcare privacy experience, and is currently the Chief Information Security Officer for Sound Physicians. Sound Physicians is a leading healthcare organization that provides acute episodes of care services to hospitals, that include emergency medicine, critical care, hospital medicine, transitional care and advisory services. Sound Physicians partners with over 200 hospitals across the country and employs over 3000 clinicians.
Corey joined Cogent Healthcare in 2004 with responsibilities over IT infrastructure and helpdesk areas, then in 2012 was asked to develop and lead the company’s first formal Information Security program. In 2014, Cogent Healthcare was acquired by Sound Physicians and Corey was again asked to lead the Information Security program for the combined organization.
During Corey’s tenure with Cogent / Sound, he has led the IT and Security teams through various projects including; business relocation and consolidation efforts, implementation of Sarbanes-Oxley requirements, internal and external investigations, and multiple company acquisitions, including the Sound acquisition of Cogent in 2014. Corey is also a member of Sound’s Compliance Board Committee with responsibility for the oversight and execution of the Sound Physicians Information Security Platform.
Prior to joining Sound, Corey served as an IT leader in various industries, including semiconductor manufacturing, research institute, library software development, academia, and real estate related IT services.
Mr. Wilson is a member of the Health Care Compliance Association, HIMSS, and Nashville Technology Council.Back to Facilitators
Gina B. Pruitt, CPA/CITP, CRISC, CISA, CCSFP
Gina Pruitt is the member-in-charge of risk assurance & advisory services with KraftCPAs. Her responsibilities include IT audit and consulting, risk management, internal audit, HIPAA compliance reviews, PCI DSS (Payment Card Industry Data Security Standards) compliance, network security assessment and network vulnerability assessment, Sarbanes-Oxley audits and service organization control (SOC) reviews.
Gina has more than 25 years of experience. She spent 10 years in Big 4 public accounting as the partner in charge of the Nashville practice of enterprise risk services (ERS) with Deloitte & Touche. Gina was also the national healthcare industry partner for ERS where she led the development of a national healthcare compliance consulting practice, a national NCQA certified HEDIS consulting practice, and a national HIPAA assessment and implementation consulting practice.
In addition, she was the southeast regional director for internal audit services at Deloitte & Touche. In this role, Gina managed various procedures for all internal audit clients in the southeast region. Annual audits consisted of financial, operational, IT and fully-integrated audits.Back to Facilitators