
Gone are the days when audit preparation was a once-a-year exercise. With expanding regulations, hybrid environments, and pressure to prove compliance at any moment, organizations face an uncomfortable truth: gaps exist—and they’re growing.
In this Cyber Risk Series: Audit & Compliance Edition, leading experts, practitioners, and compliance strategists come together to address one core issue: how to build a state of always-on audit readiness without gaps.
We’ll examine the root causes of audit fatigue, explore what continuous compliance looks like in practice, and reveal how forward-thinking teams are automating their way out of reactive cycles—with new innovations designed to bring policy and proof together in real time.
June 25, 2025
9:00 AM – 12:00 PM PT
Don’t miss the opportunity to learn from industry experts. Register now.
Featuring

Milan Patel
Chief Client Enablement Officer
Schellman

Rowenna Fielding
“Miss IG Geek”
Data Protection, Privacy & Data Ethics Consultant

Charity Otwell
Director for Critical Security Controls
Center for Internet Security

Jonathan Armstrong
Partner
Punter Southall Law

Steven Lodin
VP, Information Security
Sallie Mae

Jonathan Trull
CISO & SVP Customer Solutions Strategy
Qualys

Anu Kapil
Senior Product Manager
Qualys
Agenda
9:00 AM PT
Compliance Return on Investment – Reframing Qualitative and Quantitative Value
In this session, Milan will discuss Compliance ROI: what the traditional challenges have been, how we got here, and how transformative metrics can be used to show quantitative cost savings, as well as support an overall increase in security posture and automation towards continuous compliance. He will discuss specific, practical metrics and process changes that will streamline the compliance process and provide the ability to articulate cost savings in a meaningful way. He will address what specific benefits you can expect, including how this will increase response and engagement from the engineering team, drive longer-term continuous compliance in a scalable way, and increase general trust and support from the engineering teams.

Milan Patel
Chief Client Enablement Officer
Schellman
9:30 AM PT
Cui Bono: Why Comply?
Cui bono – who benefits? While it may seem that privacy and data protection laws are a burden to business, there are also significant advantages to having well-managed data, strong assurances, and confidence in digital safety measures. In this session, Rowenna will explore the strategic and operational benefits of taking an ethics-led approach to data, and ways in which an organization can move from performative gestures towards meaningful change.

Rowenna Fielding
“Miss IG Geek”
Data Protection, Privacy & Data Ethics Consultant
10:00 AM PT
CIS Controls – The Smart Starting Point for Cyber Risk Reduction
Learn how the CIS Controls offer a prioritized roadmap for building a strong security foundation and aligning with broader frameworks. Charity will share real-world examples from her governance and risk work in finance to illustrate practical application.

Charity Otwell
Director for Critical Security Controls
Center for Internet Security
10:30 AM PT
The Legal and Regulatory Shifts Facing Today’s Security Leaders
The last 12 months have been possibly the most turbulent for CISOs on the legal front, with new legislation like DORA, NIS2 and the EU AI Act. In addition, prosecutors are increasingly looking at personal liability, with high-profile investigations into CISOs and litigation on the rise. And recent events remind us that attacks hit share price, which gets boards engaged. In this session we’ll look at the challenges for CISOs and security professionals and some of the solutions.

Jonathan Armstrong
Partner
Punter Southall Law
11:00 AM PT
Fireside Chat: Moving Beyond the Checklist to Drive Better Security Outcomes
Join a candid conversation with security leaders as they discuss real-world strategies to move beyond check-the-box compliance. Learn how risk-based approaches, automation, and continuous controls monitoring are transforming audit readiness into a foundation for stronger, more resilient cybersecurity programs.

Steven Lodin
VP, Information Security
Sallie Mae

Jonathan Trull
CISO & SVP Customer Solutions Strategy
Qualys
11:30 AM PT
Audit Ready Always – The New Standard for Scalable Compliance
Staying compliant across evolving frameworks like DORA and PCI DSS 4.0 often feels like a never-ending fire drill. It’s costly, reactive, and often misaligned with business priorities. In this session, we’ll explore why traditional compliance approaches are buckling under modern pressure and how forward-thinking organizations are transforming compliance into a strategic advantage.
You’ll learn how automation and risk-based prioritization can reduce audit fatigue, simplify reporting, and keep your organization continuously prepared for any mandate without draining resources or creating chaos.

Anu Kapil
Senior Product Manager
Qualys