“We turned tribal knowledge into a repeatable, auditable playbook — think blue‑team discipline with rogue‑hacker swagger.

What we did:

• Recon: Interviewed engineers, architects, analysts, and leaders to expose undocumented ops and inconsistent controls.

• Exploit the gaps: Mapped policies, SOPs, and GRC to reveal missing/ineffective controls and untracked risks.

• Score & Prioritize: Work with second line of defense to standardized risk scoring (likelihood × impact) aligned to NIST/ISO.

• Deploy the framework: Process → Risk → Controls with owners, templates, review cadences, and preventive/detective/corrective controls.

• Ship culture: Accessible docs, continuous monitoring, and training to make resilience repeatable.

Result: From chaotic scripts to a hardened playbook — proactive risk management that works.

SPEAKERS:

• Curtis Jones – Technology Analyst II at LPL Financial

Curtis Jones is a cybersecurity professional with a strong background in information systems and a commitment to advancing enterprise security programs. He holds a bachelor’s degree in management information systems from San Diego State University (SDSU).

Curtis began his career in Technology Governance, helping mature the policy management process through annual reviews, new policy development, and alignment with the NIST Cybersecurity Framework. He later led the creation of the Process, Risk, and Controls (PRC) Program, establishing its foundational structure and driving its evolution.

He is currently focused on expanding the PRC Program by integrating Key Risk Indicators (KRIs) and building an enterprise risk register to support proactive approaches to risk. Curtis continually strengthens his technical expertise and holds certifications including Security+, CySA+, AWS Cloud Practitioner, and CRTO.

DETAILS:
Date: Thursday, March 19
Time: 12:00 – 1:15 p.m.
Location: In-Person and Online via Zoom
CPE: 1

ON PREMISES
XiFin, Inc.
12225 El Camino Real
San Diego, CA 92130
Attendance capacity is limited to 50

ONLINE
Online access is available via the chapter’s Zoom account (registration below).
Attendance capacity is 500