Veritas GRC and Schellman LLC Partner on Board Cyber Governance Education
By: Andy Watkin-Child, Ted Dziekanowski
Boards require new approaches and models for cybersecurity risk management under cyber-legal rulings and laws. Veritas GRC is the only organization uniquely positioned to address this global challenge.
Veritas GRC delivers solutions for managing, overseeing, and assuring cyber risk. We provide thought leadership, consulting, and educational solutions to Governments, Agencies, Commissions, and Corporations, reducing the impact of cyber regulatory compliance.
At Veritas GRC, our mission is to empower organizations to navigate the complex landscape of cybersecurity threats with confidence and resilience. We are dedicated to providing unparalleled expertise in cybersecurity risk management, offering strategic solutions and education that safeguard our clients’ digital assets and ensure uninterrupted business operations.
Driven by a commitment to excellence, innovation, and client success, we strive to be the trusted partner for boards, officers, and executives seeking to proactively manage and mitigate cybersecurity risks. Our team of seasoned professionals combines deep industry knowledge, cutting-edge technology, and a proactive approach to deliver customized solutions that align with our clients’ unique needs and objectives.
At Veritas GRC, our vision is to redefine the standards of cybersecurity excellence, setting the benchmark for proactive risk management and resilience in the digital age. We aspire to be the leading authority in safeguarding organizations against evolving cyber threats through knowledge, education, and actionable data.
Driven by innovation and expertise, we envision a world where businesses operate confidently in their digital environments, fortified by robust cybersecurity strategies tailored to their unique needs.
We uphold the highest ethical standards in all our interactions, fostering trust and transparency with our clients, partners, and colleagues.
Our clients’ success is our top priority. We listen attentively to their needs, deliver customized solutions, and go above and beyond to exceed their expectations.
We embrace innovation as a catalyst for progress, constantly seeking new ways to enhance cybersecurity effectiveness, efficiency, and resilience for our clients.
We are committed to continuous learning and development, maintaining deep industry knowledge, and staying abreast of the latest cybersecurity trends, technologies, and best practices.
We empower our clients with the knowledge, skills, and resources they need to confidently navigate the complexities of cybersecurity risk management, enabling them to embrace digital transformation securely and achieve their business objectives.
Andy Watkin-Child CEng, CSyP, MSyI, MIMechE
Andy is a 20-year veteran of cyber security, risk management, and technology. He has held international leadership positions in the 1st and 2nd Lines of Defense (LoD) for cyber security, cyber risk management, operational risk, and technology for companies across engineering and manufacturing, financial services, publishing, and media, working with leadership teams of companies with balance sheets over €1 trillion. He is an experienced member of management boards, global risk leadership teams, cyber security, operational risk, and GDPR committees.
Andy holds Royal Charters in Security (CSyP), recognized by the UK Centre for the Protection of National Infrastructure (CPNI), and in Engineering (CEng). He has a place on the UK’s Register of Chartered Security Professionals. Andy is a member of the Security Institute (MSyI), the largest UK members-only security trade association, a Freeman of the Worshipful Company of Security Professionals (CSP), and a Freeman of the City of London. He is a counsel-appointed expert witness specializing in cyber and risk management, and advised the Information Commissioner’s Office (ICO) on high-profile GDPR cases. He is a founding member of the US CMMC Accreditation Body (CMMC-AB) standards working group, developing the CMMC assessment methodology.
Andy is the Founding Partner of Parava Security Solutions, an independent cyber risk management advisory firm supporting organizations to deliver cyber risk management and regulatory programs. He runs CMMC Europe, an advisory company that supports the European DIB in deploying CMMC.
Ted Dziekanowski
Ted is a cybersecurity veteran with over 40 years of experience designing, delivering, overseeing, and assuring cybersecurity and risk management systems. Ted’s area of expertise is risk management in Information Technology developed over decades. He is an experienced systems auditor and integrator, giving him a unique insight into the challenges of developing an eGRC program that satisfies the compliance requirements of organizations of all sizes.
He is an internationally recognized cybersecurity, risk management, and information system auditor and a highly respected security trainer authorized to train ISACA CISA, CISM, CRISC, ISC2 CAP, CCSP, and CISSP. He holds DoD secret clearance and has taught courses for various public and private sectors (available on request).
Ted has a proven record of providing training to an extensive range of public and private sector clients, including the US Army, Navy, Air Force, Marine Corps, Defense Intelligence Agency, NSA, DHS, US Treasury, DoA, DoJ, DoL, Federal Reserve Bank of the U.S., Boeing, Lockheed Martin, Northrop Grumman, General Dynamics, General Electric, Microsoft, Verizon, AT&T, IBM, HP, SAP, Cisco, Dell, VMware, Blackberry, Wells Fargo, Charles Schwab, PNC Bank, JPM, Goldman Sachs, Options Clearing Corporation, AIG, Bank of Canada, MasterCard, Bank of New York Mellon, Prudential Insurance, Bloomberg, Blue Cross Blue Shield of NJ, CVS Health, PWC, EY, Booz Allen, Deloitte, Health Canada, Home Depot, Nestle, M&M Mars, MIT Lincoln Labs, Johnson and Johnson, Merck, Novartis, and Lowe’s, to name a few.
Brian McCarthy
Brian is the founder and President of 327 Solutions, Inc., a global technology, cybersecurity, and risk management training firm with over 30 years of experience in training design, development, facilitation, and human capital performance. Brian enables the best solutions for measurable impact and improvement, from pharmaceutical product launch training to reskilling thousands of developers in the financial sector to Department of Defense (DoD) compliance.
Brian formed 327 Solutions in 2014, has worked with every DoD service branch and most prime contractors, and has deployed training globally. 327 has created global soft-skills programs for organizations like Thomson Reuters in multiple localized languages, recruited and staffed multi-lingual global facilitation teams, and architected multiple telecom programs for teams like Comcast and Verizon. 327 Solutions has placed the top echelon of cybersecurity, risk management, compliance, audit, and technology trainers for organizations such as Global Knowledge, Marines, University of Arizona, and leading “Bootcamp Styled” training providers.
327 Solutions is an ISACA ELITE Authorized Training Organization (ATO), delivering the highest caliber training and ISACA programs for information management, audit, risk, and cyber, with resources to deploy globally.
Amid increased regulatory scrutiny from the SEC and EU (NIS2/DORA), boards and executives must grasp cybersecurity risk management intricacies.
Veritas GRC understands the challenge of demonstrating due diligence and competence. Our educational solutions offer a single source to meet regulatory demands, providing the tools and knowledge to navigate complexities confidently.
Cyber risk management has become a pivotal focus in today’s complex legal and compliance environment, compelling boards to establish robust programs for regulatory oversight and assurance.
At Veritas GRC, our expert team stays ahead of cybersecurity regulations, offering comprehensive guidance to manage cyber risks and ensure compliance. With our tailored approach, we empower organizations to navigate the intricate regulatory landscape confidently.
In today’s rapidly evolving cyber landscape, ensuring regulatory compliance and robust cybersecurity strategy delivery is non-negotiable. Our tailored 3rd Line of Defense cyber audit is your key to closing the cyber risk gap and fortifying board cyber governance. With our trusted internal audit partners, we ensure compliance with cybersecurity standards, empowering your board to confidently attest to regulatory compliance. Don’t just meet baseline requirements—thrive in cybersecurity assurance with our expert solutions.
We’ve cultivated and are continually expanding a vibrant cybersecurity community that fosters informal learning. Our dynamic environment encourages collaboration, knowledge sharing, and ongoing growth. This network not only enriches the professional development of its members but also strengthens the overall resilience of the cybersecurity community.
Your gateway to global cybersecurity training and certification excellence! Join forces with us to access world-class programs curated by leading authorities such as ISC2, EC-Council, CompTIA, ISACA, and the Cloud Security Alliance.
Dive into top-tier programs including CISSP, CCSP, CISM, CRISC, CISA, CGEIT, CCAK, and more. Elevate your cybersecurity prowess and stay ahead in today’s dynamic landscape!
Cybersecurity risk management poses legal and regulatory challenges, necessitating a structured approach to mitigate board liabilities. We collaborate with boards to evaluate their cybersecurity competencies and establish organizational frameworks for regulatory compliance.
Because of new regulatory oversight by the Securities and Exchange Commission (SEC) and the European Union (NIS2/DORA), boards and accountable executives need not only an awareness of cybersecurity risk management but also an understanding of how the SEC, EU, and other regulators will interpret their actions as board members and accountable executives. With the SEC cyber ruling in effect now and EU oversights coming online in the third quarter of 2024, organizations must build their leadership teams to manage cyber risk proactively so they can attest to cyber risk management maturity.
Veritas GRC is the single answer to address these requirements, helping organizations show due diligence in competence and competency.