IT Summit - Fall
Wednesday-Thursday, September 11-12, 2019

SynerComm's 17th Annual IT Conference, at Potawatomi Hotel & Casino

Abstract

Compliance doesn't equal security and security doesn't equal compliance.

Presented by SynerComm

Bill Curtis, CISSP, CISA, CCSP, QSA, Managing Consultant, SynerComm

Jeff Lemmermann, CPA, CISA, CITP, C|EH, Information Assurance Consultant, SynerComm

Paul Hendler, CISSP, CISA, QSA, Sr. Information Assurance Consultant, SynerComm

Bill Curtis

History

As an accomplished Information Technology leader, Bill offers a wealth of expertise garnered from a successful and progressive 30+ year career in Information Systems, Systems Auditing and Program Management.

Prior to working with SynerComm, Bill spent seven years with Caterpillar, Inc., a $65B publicly traded global enterprise, supplying strategic direction and tactical leadership for a team of domestic and international professionals supporting and executing IT, Information Security and 6-Sigma based projects.

Responsibilities

Bill began his tenure with SynerComm as an Information Assurance Consultant. His responsibilities in this role included conducting security audits and information security program assessment and development.

After 5 years with the organization, Bill stepped into a Managing Consultant role. In this role, Bill oversees the team engaging clients in the development, assessment and maturing of their information security program.


Jeff Lemmermann

History

Jeff has more than 20 years of experience implementing and developing IT solutions with a proven record of accomplishment, developing a risk services practice for a public accounting firm, and working as a consultant in many industries including banking, healthcare, and construction. He worked for 21 years in public accounting, gaining valuable audit experience with clients of all sizes. He continues to assist in the development of the CPA and CITP credential programs.

Prior to joining SynerComm, Jeff served for 5 years as the CIO for a manufacturing company, delivering company-wide key performance indicators through data integrations, developing IT audit and assessment programs, and securing environments to protect information assets.

Responsibilities

Jeff began his tenure with SynerComm as an Information Assurance Consultant. His responsibilities in this role include: conducting information program security audits, information security policy development, incident response and business continuity planning consulting, and security awareness training.

Jeff has experience working with a variety of frameworks and compliance requirements, including NIST, PCI, and SOC-related audits.

He currently speaks on information security topics for several professional groups and is part of the editorial board for the Wisconsin CPA magazine, On Balance.


Paul Hendler

History

Paul Hendler has over nineteen years of information technology (IT) experience, with additional experience in security controls from his time serving as a United States Naval Officer. Prior to working with SynerComm, Paul worked as a Security Consultant to advise and assess financial, state government and industrial institutions on all components within the area of information security. In addition, Paul spent several years as an Information Security Officer (ISO) with federal medical providers, delivering deployment of the entire NIST 800-53 control framework, to meet compliance with FISMA and the HIPAA security rule. Within his role as an ISO, he took part in leading the information security program and successfully passed multiple certification and accreditation (C & A) audits and inspections, resulting in recognition of several business best practices under his direct management. He has also worked in enterprise environments, assessing and enhancing defensive security postures.

Responsibilities

As a Senior Information Assurance Consultant with SynerComm, Paul reviews and advises on FISMA and NIST-based security controls to assist with constructing System Security Plans (SSP). He performs information security audits, risk assessments, vulnerability assessments, PCI-DSS assessments and information security controls assessments. He also advises clients on the deployment of security controls, information security program management and how to use policy and procedures to support those efforts and programs.