Saturday, September 14

  • 08:30 AM - 12:00 PM
    SCCE's Annual Volunteer Project In additon to networking with your peers and listening to expert speakers, attending an SCCE Compliance & Ethics Institute gives you the opportunity to help a local area charity. Registration is free for this event and provides you with a volunteer t-shirt, lunch and transportation to and from the project location. It's a great way to start the CEI with fellow conference attendees, speakers, and SCCE board members.

Sunday, September 15

  • 08:44 AM - 12:00 PM
    Pre Conference Morning Session
  • 08:45 AM - 10:15 AM
    Breakout Sessions
    #P06
    P6: Cyber Security Due Diligence: Will You Be the One to Save Your Company & CEO From Disaster? Charles Shugg, Partner | Chief Operating Officer, Sylint Group, Inc
    • Discuss the importance and criteria for cyber security due diligence and how it affects corporate or organizational reputation damage, judicial punishment and senior executive careers
    • Review case studies that highlight the lack of "reasonable" corporate cyber security due diligence regarding processes, assets and incident response actions
    • Provide best practice guidance to improve senior executive awareness, reduce corporate risk and increase the likelihood of C-Staff career survival following a cyber security breach
    IT 106
  • 10:15 AM - 10:30 AM
    Networking Break Sunday
  • 10:30 AM - 12:00 PM
    Breakout Sessions
    #P14
    P14: GDPR Compliance Post-Mortems: Lessons Learned from Facebook, Uber, and Others Scott Giordano, V.P. and Sr. Counsel, Privacy and Compliance, Spirion
    • In the nearly 18 months since the EU GDPR was brought into force, several well-known companies have been penalized by EU data protection authorities for misuse and loss of personal data.
    • In this session, we will review these post-mortems, determine what went wrong, and discuss the implications for complying with the GDPR and other multinational data protection regulations going forward.
    • We will also examine recent European Data Protection Board (EDPB) opinions and discuss how they affect overall compliance strategy
    IT 205
  • 12:00 PM - 01:30 PM
    Sunday Lunch (On Your Own). Braindates Time Need Ideas for lunch? Check in with the registration desk to find where to go to grab a quick bite or to mingle with old friends or new peers.
  • 01:00 PM - 04:45 PM
    Pre Conference Afternoon Session
  • 01:30 PM - 03:00 PM
    Breakout Sessions
    #P22
    P22: Move the Needle - Active Agent Approach to Cybersecurity and Data Protection Compliance Brian Novack, Lead Compliance Analyst, AT&T Oleg Vasilyev, Director Compliance, AT&T
    • Core products and processes at each company are dependent on IT. Active threats continue to evolve and drain resources. This limits a company's ability to reinvest, develop products, expand offerings to drive the next wave of growth, or to remain viable.
    • To help, compliance must become an active partner supporting all facets of a company to establish the expectation for compliance, plan for compliance upfront, and drive compliance through strategic resource investment that is balanced with the risk.
    • We will discuss an approach to help move companies towards active compliance, enabling each of us to build a solid foundation on which to reduce the threat opportunity and most importantly: Move the Needle.
    IT 213
  • 03:00 PM - 03:15 PM
    Networking Break
  • 03:15 PM - 04:45 PM
    Breakout Sessions
    #P30
    P30: Software License Compliance & Vendor Management: Why It's Mission-Critical To Reputation & Cybersecurity, 10 Reasons It's Hard (& Getting Harder), & 10 Action Tips For You & Your Team Henry Jones, Owner, Law Office of Henry W Jones III & Intersect Tech.
    • Non-Compliance, Now: How Traditional Purchasing & IT Processes + Vendor & Technology Changes Have Landed Nearly Every Entity In Contract Breach, Copyright Infringement, & Security & Reputation Risk
    • Digital Dependency Reduction & Organizational Quality Control: Best Practices: Recommended, Rank-Ordered Action Items For Compliance Professionals To Help Purchasing, IT & Other Colleagues See & Fix Software License Compliance
    • Get To Not Just Yes & Fixed, But Also Thank You: Tips For Software-Specific Change Enablement, Quantification, Persuasion, Charm, Evidence, Appreciation, Budgeting, & Career Benefits
    IT 221
  • 04:45 PM - 06:30 PM
    Breakout Sessions

Monday, September 16

  • 07:00 AM - 08:00 AM
    Continental Breakfast, Exhibitor Networking and Braindates Time
  • 08:00 AM - 08:15 AM
    Opening Remarks and Awards Presentation
  • 08:15 AM - 09:15 AM
    General Session: From Crisis to an Electric Future: Inside the Cultural Transformation of One of the Largest Companies in the World. A Disscusion. Kurt Michels, Chief Compliance Officer, Volkswagen Group Matt Kelly, Editor & CEO, Radical Compliance -Starting a transformation in the aftermath of a crisis
    -Behind the scenes of Volkswagen’s cultural transformation: the strategies that drove the turnaround
    -Using a crisis to implement change: Lessons learned for compliance professionals
  • 09:15 AM - 10:00 AM
    Networking Break with Exhibitors
  • 10:00 AM - 11:00 AM
    Breakout Sessions
    #106
    106: Privacy Trends in the US and Implications for US and Global Organizations Teresa Troester-Falk, President/Founder, Blue Sky Privacy

    -For the past 2 years, the GDPR has garnered the attention, resources and budget of organizations, but privacy is in the headlines almost everyday in the US and the new California Consumer Privacy Act will take effect Jan 1, 2020 as well as Nevada’s new law in October of this year -Several other States are considering similar legislation and these new US laws and increasing regulator attention will impact operations -This session will provide you with an overview of the state of play of US privacy laws and bills and provide practical insight into how organizations are handling these changes and trying to “future-proof” their operations in order to efficiently deal with any forthcoming law
    IT 306
  • 11:00 AM - 11:30 AM
    Networking Break
  • 11:30 AM - 12:30 PM
    Breakout Sessions
    #206
    206: Password Techniques and Strategies to Promote a Higher Level of IT Security Frank Ruelas, Corporate Responsibility Officer, Hospital Setting

    -Learn key criteria applicable to passwords that have the potential to contribute to a higher level of security with respect to the organization’s information system - Common myths and mistakes that may compromise the strength of passwords - Review and consideration of effective administrative, physical, and technical safeguards to apply to your organization’s password management policy
    IT 356
  • 12:30 PM - 01:15 PM
    Networking Lunch & Braindates Time Starter: Spinach salad Entrée: Mustard and thyme chicken breast Dessert is served in the Exhibit Hall
  • 01:15 PM - 02:00 PM
    Dessert and Networking Break with Exhibitors
  • 02:00 PM - 03:00 PM
    Breakout Sessions
    #306
    306: Demystifying Government Cybersecurity Compliance David Kessler, Public Sector Product Compliance Counsel, Verizon
    • Understand the alphabet soup of the Federal government cyber security landscape, including FISMA, NIST, FIPS, FedRAMP, CNSSI 1253, IRS 1075, and similar requirement
    • Learn techniques for encouraging compliance-by-design for Federal cyber security requirements in a commercial company
    • Appreciate how compliance with Federal cybersecurity requirements can reduce a commercial company’s overall cyber security risk
    IT 406
  • 03:00 PM - 03:15 PM
    Networking Break
  • 03:15 PM - 03:30 PM
    General Session: DOJ Evaluation of Corporate Compliance Programs Guidance Document Matthew Miner, Deputy Assistant Attorney General, DOJ, Criminal Division
  • 03:30 PM - 04:15 PM
    General Session: Investigations and Integrity in the Spotlight Michael Horowitz, Inspector General, United States Department of Justice Adam Turteltaub, SCCE & HCCA staff, SCCE & HCCA staff