Host: Wendy Frank, principal, Deloitte & Touche LLP
Presenters: John Cusimano, managing director, Deloitte & Touche LLP
Veronica Lim, principal, Deloitte & Touche LLP
What do medical devices, autonomous vehicles, smart buildings, and industrial control systems have in common? They are all smart products or systems that interact with or control the physical world. This interaction makes them vulnerable to cyber incidents and the consequences can have serious health, safety, or environmental implications. We’ll discuss:
- Internet of Things (IoT) Security – Securing IoT devices such as connected cars, smart homes, and cities, etc.
- Product Security - Building security into smart products through design
- Operational Technology Security – Securing new and existing industrial control systems through various applications
Meet the speakers
Wendy, a principal at Deloitte & Touche LLP, is the Cyber IoT and 5G Leader in the Cyber & Strategic Risk practice of Deloitte Risk & Financial Advisory. She focuses on providing Cyber Risk services to Technology, Media & Telecommunications (TMT) industry clients, and is also part of the Cyber Internet of Things (IoT) offering. As a leader in product innovation, technology, and cybersecurity, she has counseled senior leadership at Fortune 500 companies and start-ups, as well as government agencies for more than 25 years. She provides business-focused, results-oriented insights using her knowledge of products and technology, with a relentless focus on cybersecurity and privacy. Prior to her role at Deloitte, Wendy was a principal at a large advisory organization in the TMT industry, servicing TMT clients as well as clients in the health care space. She also has experience in a variety of other industries including consumer products, retail, manufacturing, finance, education, media, government, construction, power & utilities, automotive, non-profit, and aviation. She founded and led 10 innovative cross-sector products throughout four different global platforms, all of which were related to security or cybersecurity. Additionally, she was the founder and leader of the Cybersecurity W2W (Woman to Woman) Group and the Strategic Technology W2W Group. Wendy also served as the Chief Security Officer, Content Security Program Leader, and Acting Chief Information Officer of a trade association in the motion picture industry. In these roles, she was responsible for the organization’s global security program and the content security program of the six major movie studio members. Wendy has degrees in Computer Science and Accounting from Alvernia University and received a Presidents and Key Executives MBA (PKE MBA) from Pepperdine Graziadio Business School. She holds multiple certifications and has presented at more than 40 domestic and global technology and security events.
Veronica has 30 years of experience in helping global companies transform their product security programs across several industries. Veronica is a founding member of Deloitte’s Product Security practice. She has extensive experience in building global Product Security programs from the ground up, embedding security and privacy into the development of new products and the support of products on market. She has led the development and operations of Product Security solutions for global organizations in alignment with industry leading practices, certification requirements, readiness to standards and certifications, as well as both regulatory and customer requirements. She has led several China market entry programs including compliance with CSL, DSL, PIPL, CBDT, CPCS, data localization, data governance, office and plant expansions, device certifications and product registration. She has also led several global Digital, ISRM, Manufacturing, Quality, Regulatory, and IT transformation initiatives across several industries. Further, she has authored several industry insights on product security. Veronica received a Bachelor of Science in Computer Science from the University of Denver. In her personal time, Veronica enjoys hiking and hosting and cooking dinners themed to various cultures around the world.
John is an electrical & computer engineer and business leader with more than 25 years of experience in process control, functional safety, operational technology (OT) and industrial cybersecurity. He has performed countless industrial control system (ICS) cybersecurity vulnerability and risk assessments. He is a voting member of the ISA 99 cybersecurity standards committee. As part of that committee, he chaired the subcommittee that authored the ISA/IEC 62443-3-2:2020 standard, "IACS Security Risk Assessment & Design." He is the developer and primary instructor of the multiple courses on OT cybersecurity. John is a Certified Functional Safety Expert (CFSE), a Certified Information Systems Security Professional (CISSP), Global Industrial Cyber Security Professional (GICSP), and ISA 62443 Expert.