Ask the Experts: Securing Third Parties and Cloud Services
OL125-17 | On Demand | Update | Self-Study
In this engaging panel discussion, moderator Mark Burnette will host a panel of cybersecurity experts who will share their insights on securing the “cloud”, as well as how to properly and effectively secure third parties that are processing information on behalf of a company.
This video was recorded at the 2017 Cyber Security Conference
|Number of Credits||Type of Credits|
TEST YOUR SYSTEM
We have updated the format of the vidoes in the TSCPA On Demand Video Library to optimize your viewing experience. Please take a quick moment to view the video below and test your system.
Can you play the video above? If not, your network's firewall is likely blocking our on-demand courses. Please have an IT professional whitelist vimeo.com and vimeocdn.com. If you have additional questions, please contact TSCPA at 615/377-3825.Login and eMaterials: To access TSCPA's On Demand Video Library courses and related eMaterials, click on your My CPE page. All On Demand course purchases will be accessible from this personalized page.
Cancellations, substitutions and transfers are not available for On Demand courses or self-study products. By registering for this On Demand course, you agree to TSCPA's Policies and Procedures.
- Member (Early Bird)
- Non-Member (Early Bird)
Mark B. Burnette, CPA, CISA, CISSP, CISM, QSA
Mark Burnette is a Shareholder in LBMC’s Information Security practice. LBMC is the 45th largest accounting and professional services firm in the United States. Mark oversees LBMC’s information security consulting services and technical information security assessment capabilities, and serves as the service line leader for LBMC’s PCI (credit card security rules) security practice.
During his decorated career, Mark has served as the President and Global Practice Leader for a national information security consulting company and built and led information security functions for two major publicly-traded corporations. He worked for several years in key leadership roles with two of the Big 6 (now Big 4) accounting firms where he specialized in developing, implementing, assessing, and securing information technology solutions for companies in the healthcare, retail, manufacturing, banking, and insurance industries.
In 2005, while serving as the Global Information Security Officer for international insurance broker The Willis Group, Mark was named the Information Security Executive of the Year at the ISE Southeast Awards. In 2008, while serving as the Executive Director of IT Operations and Security for hotelier Gaylord Entertainment Company, he was named one of Information Security Magazine’s “Security 7” top seven security leaders, and was chosen by ComputerWorld Magazine as one of the Premier 100 IT Leaders for 2009.
In January 2011, the Information Systems Security Association (ISSA), the international trade association for information security professionals, named Mark a Fellow. This prestigious honor, which has only been granted to a handful of individuals worldwide, is bestowed by the ISSA Fellow Program for distinguished accomplishments in the field of information security, leadership, and future service to the association and profession. Mark’s unique background allows him to bring a “walk a mile in the shoes” perspective to all of LBMC’s security engagements. His experience building and running information security functions allows him to develop solutions that are relevant, practical, and actionable.
Recognized as an IT security expert by technology think-tank Gartner, Mark has repeatedly been featured as a subject matter expert on ABC and CBS television affiliates and in print media such as CSO, Secure Enterprise, Information Security, and ComputerWorld magazines. He is a regular collaborator with the Middle Tennessee office of the Federal Bureau of Investigation and has co-presented on cybersecurity with FBI agents several times. He is a noted author and a frequent speaker to International conferences and specialty groups such as the Tennessee Bar Association, the Pennsylvania Institute of Certified Public Accountants, the Tennessee Society of Certified Public Accountants, Information Systems Audit and Control Association, Institute of Management Accountants, Institute of Internal Auditors, & ISSA, and on College and University campuses across the United States. Mark also served as an Adjunct Professor of Accounting at Belmont University for four years, where he taught Accounting Information Systems.
Mark currently serves on the American Institute of CPAs’ national Cybersecurity Working Group. That group of cybersecurity experts has worked on behalf of the AICPA to update existing cybersecurity control descriptions for the CPA profession and to develop a new cybersecurity risk management attestation standard that will be publicly available in May, 2017.
During 2016, the AICPA also tapped Mark to develop a cybersecurity toolkit for its member firms that provides guidance on how CPA firms can develop and staff a cybersecurity consulting function that will allow them to offer cybersecurity services to their clients. The toolkit also provides a description of the nature of services that could be provided and insights on how to ensure they are effectively delivered to clients. In further recognition of Mark’s cybersecurity acumen, the AICPA asked him to lead the development of the AICPA’s official training curriculum on cybersecurity risk assessment and consulting services. This new training course, delivered for the first time in June 2017, will train the next generation of cybersecurity auditors and assessors in the proper scoping, evaluation, execution, review, and reporting of an entity’s cybersecurity posture.Back to Facilitators
Charles Henson has been in the IT industry for over twenty-five years, and is currently serving as Managing Partner for Nashville Computer. He started working for the growing firm in 1991.
In May 2010, he was invited to the Google Headquarters in California for his personal feedback on Google products. Redmond IT Magazine featured Charles regarding Backup Disaster Recovery Solutions. He was also featured in ChannelPro Magazine and hosts an online television show, InsecurITy TV on the Really Cool Humans TV Network. He’s an Amazon best-selling author. He has written three books, Hassle-Free Computer Support, Cloud Computing: A Guide for Executives & Business Owners and most recently The Business Owner’s Guide To I.T. And All Things Digital.
In his effort to give back, Charles is a mentor for other IT professionals. Each week he leads mastermind’s groups of IT leaders around the country, comparing notes and staying on top of technology problems, changes, and trends. In 2017, he took top honors at an international conference held by Robin Robins at the Omni Hotel in Nashville for his accomplishments and was named “Ambassador to the IT Industry”.
Charles is passionate about helping business owners and office staffs become well educated about all of the technologies that can help them grow, be more efficient, and stay safe dealing with today’s cyber security issues. Wanting to share his IT experience, he has become well known around the Nashville area through speaking engagements at seminars, giving interviews to news reporters, and hosting teleseminars and webinars.Back to Facilitators
Corey Wilson, CHPC, CICISO
Corey Wilson has over 28 years of IT, security, and healthcare privacy experience, and is currently the Chief Information Security Officer for Sound Physicians. Sound Physicians is a leading healthcare organization that provides acute episodes of care services to hospitals, that include emergency medicine, critical care, hospital medicine, transitional care and advisory services. Sound Physicians partners with over 200 hospitals across the country and employs over 3000 clinicians.
Corey joined Cogent Healthcare in 2004 with responsibilities over IT infrastructure and helpdesk areas, then in 2012 was asked to develop and lead the company’s first formal Information Security program. In 2014, Cogent Healthcare was acquired by Sound Physicians and Corey was again asked to lead the Information Security program for the combined organization.
During Corey’s tenure with Cogent / Sound, he has led the IT and Security teams through various projects including; business relocation and consolidation efforts, implementation of Sarbanes-Oxley requirements, internal and external investigations, and multiple company acquisitions, including the Sound acquisition of Cogent in 2014. Corey is also a member of Sound’s Compliance Board Committee with responsibility for the oversight and execution of the Sound Physicians Information Security Platform.
Prior to joining Sound, Corey served as an IT leader in various industries, including semiconductor manufacturing, research institute, library software development, academia, and real estate related IT services.
Mr. Wilson is a member of the Health Care Compliance Association, HIMSS, and Nashville Technology Council.Back to Facilitators
Gina B. Pruitt, CPA/CITP, CRISC, CISA, CCSFP
Gina Pruitt is the member-in-charge of risk assurance & advisory services with KraftCPAs. Her responsibilities include IT audit and consulting, risk management, internal audit, HIPAA compliance reviews, PCI DSS (Payment Card Industry Data Security Standards) compliance, network security assessment and network vulnerability assessment, Sarbanes-Oxley audits and service organization control (SOC) reviews.
Gina has more than 25 years of experience. She spent 10 years in Big 4 public accounting as the partner in charge of the Nashville practice of enterprise risk services (ERS) with Deloitte & Touche. Gina was also the national healthcare industry partner for ERS where she led the development of a national healthcare compliance consulting practice, a national NCQA certified HEDIS consulting practice, and a national HIPAA assessment and implementation consulting practice.
In addition, she was the southeast regional director for internal audit services at Deloitte & Touche. In this role, Gina managed various procedures for all internal audit clients in the southeast region. Annual audits consisted of financial, operational, IT and fully-integrated audits.Back to Facilitators