Free to ISC2 members, attendees will learn about essential GRC insights from industry leaders at the two-day virtual event

Alexandria, VA, May 3, 2023 – ISC2 – the world’s largest nonprofit association of certified cybersecurity professionals, today kicks off the inaugural ISC2 Spotlight on Governance, Risk and Compliance, with more than 3,000 cybersecurity professionals in attendance. The two-day virtual event is taking place on May 3 and May 4 from 10 a.m. to 1:05 p.m. ET each day. The event allows attendees to learn about the latest challenges and best practices in governance, risk and compliance (GRC) from industry experts and thought leaders.

This virtual event is open to cybersecurity professionals at every stage of their careers and will be available for on-demand viewing after the event for all registrants. ISC2 Members, Candidates and Associates can attend for free and earn 5.5 CPE credits.

Over the past decade, GRC has become critical to ensuring cybersecurity risks are correctly monitored, mitigated and controlled. As adversaries continue to innovate and the regulatory landscape across sectors becomes even more complex, ensuring organizations have a strong GRC framework is critical for successfully and securely scaling business operations.

“The ISC2 Spotlight on Governance, Risk and Compliance provides an unparalleled opportunity for cybersecurity professionals to understand modern-day challenges, identify the necessary resources and take critical steps to build a resilient GRC program," said Clar Rosso, CEO, ISC2. “With the demand for GRC practices surging globally, we are thrilled to see such a strong turnout for our inaugural event as it provides attendees with the opportunity to expand GRC skill sets, add value to their organizations, and progress in their careers.”

The Spotlight begins with a session titled “Cyber Risk Excellence: Risk Infused with Threat Intelligence, a Secure Culture and Partnerships,” from Brenda Bjerke, CISSP, CIPP, Senior Director of Cybersecurity, Target. Bjerke will cover how internal collaboration and cyber risk and threat intelligence partnerships drive meaningful conversations about risk tolerance, governance and policy.

The event agenda also includes sessions and panels on:

  • Cyber Risk Management Strategies – A CISO’s Perspective
  • Third-Party Risk Management: What You Don’t Know CAN Hurt You
  • Cyber Risk is Business Risk: Maximizing Your Cyber Insurance Coverage with Attack Surface Risk Management
  • Building Your Risk Management Program for Success
  • Regulatory Operations: Understanding the Impact and How to Improve

All sessions will be moderated by Brandon Dunlap, Senior Executive Partner, Security & Risk Management, Gartner.

Additional event speakers include:

  • Anil Karmel, Co-founder and CEO, RegScale, Inc.
  • Andrew J. Smeaton, CISSP, CISM, CISA, CGEIT, CRISC, Chief Information Security Officer, Afiniti
  • Richard Marcus, VP, Information Security, AuditBoard
  • Chris LaFleur, Global Manager, Incident Response, Trend Micro
  • Gregory Rasner, CISSP, CCNA, CIPM, ITIL, Author of "Cybersecurity and Third-Party Risk" and SVP, Cybersecurity, Truist Financial Corp.

ISC2 is committed to advancing cybersecurity professionals’ knowledge of GRC through education, certificates and the CGRC certification. Learn more on how to get involved.

About ISC2
ISC2 is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, ISC2 offers a portfolio of credentials that are part of a holistic, pragmatic approach to security. Our association of candidates, associates and members, more than 365,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education™. For more information on ISC2, visit, follow us on Twitter or connect with us on Facebook and LinkedIn.

© 2023 ISC2 Inc., ISC2, CISSP, SSCP, CGRC, CSSLP, HCISPP, CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP and CBK are registered marks, and CC is a service mark of ISC2, Inc.

Media Contact: