As many of our readers know, this website has often referred the Association of Contingency Planners (ACP) organization as a great source of information regarding business continuity and cybersecurity.
With that in mind, and given the focus of a webinar to be hosted soon by ACP, we invite our readers to join IT/Security and Business Continuity Professionals as they explore the challenges of integrating information security and business continuity goals and objectives.
Click here to register for this webinar which will be held Tuesday, October 12th from 11:00 am to noon (EST).
If applicable, please pass this information along to those cybersecurity, information security, network security risk, business continuity or risk management team members in your organization.
The biographies of this webinar’s panel of experts are:
Daniel A. Dec, CISA, CISM
Daniel is the Senior Vice President of Information Security at Fusion Risk Management, Inc. assisting clients build effective, efficient and economical IT Risk Management solutions. Dan has also held positions as Chief Information Security Officer at Conseco insurance and as a Partner with PricewaterhouseCoopers LLP where he co-led the Business Recovery consulting practice and managed the regional IT Security Risk practice. Dan was also responsible for content management within the Global Risk Information Management division. Dan has over 20 years experience in Information Technology.
He has taught several classes and is a frequent speaker on the subjects of IT Security, Audit and Compliance and Business Continuity Planning including Pandemic Planning and has published several articles on these subjects. Dan also drafted the original Certified Information Security Manager (CISM) Review Manual and the CISM Review Presentation used to teach the topic for the international Information Security Audit and Control Association (ISACA). Dan Hold s a CISM and CISA and is a former President of the Chicago ISACA chapter.
Related experiences include:
- Performing as Chief Information Security Officer (CISO) for a National Insurance firm Dan was responsible for the implementation of Information Technology controls in compliance with HIPAA and Sarbanes-Oxley often involving over 100 people project members;
- As the CISO he also implemented a Security Program and lead the firm through related GLBA, Sarbanes-Oxley and HIPAA requirements including related Continuity Planning requirements which included extensive integration with internal and external auditors and other third-party service providers;
- Led the development and implementation of a governance and compliance process regarding Operational Risk including the coordinating and chairing a multi-functional senior steering committee;
- Co-authored the development of IT Risk Assessment methodology including the integration of regulations and generally accepted standards that is the cornerstone of Fusion’s approach;
- Led a project to assess the business risk and designed and implemented a recovery strategy and plan for companies in a wide variety of industries including Financial Services, Manufacturing, Government, Distribution, and others;
- Created a Security Policy and Information Breach procedures for companies of various sizes following standards and regulations such as HIPAA, CobIT, ISO27002, FISMA, FACTA (Red-flags) and others;
- Led a team, which identified and prioritized mission critical processes, developed recovery strategies, documented and implemented Business Recovery Plans for a National Consumer products firm. This project includes integrating multiple systems strategies and multiple locations into a cohesive recovery plan;
- Completed a multi-national risk assessment for global integrated circuit manufacturer and developed a strategy to manage and improve its overall risk exposure.
David A. Kondrup, MS SPHR
dk@CyberDiligence.com (516) 507 – 4322
Master of Science – Long Island University
Bachelor of Science – New York Institute of Technology
Certified Senior Professional in Human Resources (SPHR)
David Kondrup was a 3 Star Chief with the Nassau County Sheriff’s Department, a 1,260 person law enforcement agency serving a suburban community of 1.3 million residents adjacent to New York City where he also served as the Director of Human Resources and as the NIMS and Incident Command Liaison to the Office of Emergency Management. He is also a twenty year veteran of the New York City Police Department where he supervised and commanded personnel in a variety of mission critical assignments.
Currently he is Vice President, Strategic Initiatives for Cyber Diligence, Inc. and C.E.O. of All Business Management LLC.
During the course of his career Chief Kondrup coordinated numerous technology initiatives and served as an incident commander, as well as a variety of General Staff and Command Staff positions for expanding incidents including natural and manmade disasters such as Nor’easter storms, blizzards, bombings, civil disturbances, the implementation of new computer systems, change management initiatives and major investigations.
In addition to traditional law enforcement positions he also served as the Confidential Advisor to the Deputy Police Commissioner, worked on strategic projects directly for three Police Commissioners and served as the Liaison Officer to the Korean National Police. He has been awarded 20 department medals and in 1995 then Lt. Kondrup designed the NYPD’s Purple Shield Medal.
Chief Kondrup’s experience includes testing and preparing emergency generators and power systems, inspecting facilities for Y2K, contingency planning, business continuity management, implementing new computer systems, commanding City-wide response units during blackouts, civil disturbances and crisis response to natural and man-made disasters.
Chief Kondrup has held positions in the private sector as a Corporate Director of Facilities Management for a firm with 17 sites in the metropolitan New York City area, and as a Manager of Security Operations for a division of the New York and American Stock Exchanges where he was involved with infrastructure protection, (including bomb detection), the setup of Emergency Command Centers, Continuity of Operations and the testing of Business Contingency Plans.
Since 1990 he has been a member of the International Association of Chiefs of Police and a member since 1985 and served as a Board Officer of the American Academy for Professional Law Enforcement. He is also a member of the Contingency Planners Exchange, the Association of Contingency Planners, and the Society for Human Resource Management.
Available as a subject matter expert and consultant for: executive briefings & staff briefings, computer forensics, cyber security, presentations, School Safety, NIMS & ICS training, review of NIMS & ICS capabilities, management analysis, training, planning, after-action reports, threat assessments, crisis and business continuity/contingency management, Pandemic Flu, facility and security reviews.
Certified by DHS to teach NIMS and ICS courses ICS-100, ICS-200, ICS-300, ICS-400, IS-700, IS-800; ICS-401 for Executives and Senior Officials; and certified by DRii to teach Business Continuity Management (BCLE1500).
Donald Byrne, CBCP, CDCP, CBRO-M, Lead Auditor, Adjunct Professor, Boston University
The former CEO of several companies, Don Byrne brings an executive perspective to resiliency planning. Don’s expertise includes all types of technology, dealing with operational challenges, and strategic planning. He is on the Board of Directors of several companies and professional organizations. His experience includes working with government agencies and firms in legal, insurance, manufacturing, maritime, energy and supply chain fields, as well as, cultural institutions, non-profits and data centers. Don is an Adjunct Professor at Boston University where teaches graduate programs in business continuity, risk and security.
A sought-after speaker at conferences, Don serves as a Director of several professional societies. Currently, he is the Association of Contingency Planners representative to the ANSI National Accreditation Board’s Committee of Experts (ANAB-COE). Working under a contract with the Department of Homeland Security (DHS) this group is charged with developing national standards and practices for the United States in the area of Business Continuity Management and advising the government on the PS-Prep program. Don is also a member of the core technical committee working with the American Society for Industrial Security (ASIS International) on a forthcoming international (ISO) standard in the area of business continuity.
A Lead Auditor, Don is the Program Manager for Business Continuity at one of the largest certification firms in the U.S. He has participated in sanctioned audits of international standard BS 25999 in both the US and Asia. Don is working with other interested parties and organizations to develop a small business continuity standard, a community resiliency benchmark tool, and personal preparedness guidelines.
A graduate of the U.S. Army Chemical and Biological Warfare School, Don has spent much of the past thirty years working in the fields of computer development, emergency management, business continuity, and operational resiliency. His technical expertise includes storage technologies, customer relationship management, document management, and workflow solutions. He has been the CEO of several successful firms involved in the development of risk management software and is active in the emerging area of electronic discovery (e-Discovery).
An entrepreneur and former venture capitalist, he has helped launch several technology firms. Don is the founder and Managing Director of North River Solutions (NRS), a consulting, and research firm; and is CEO of Metrix411, a software company specializing in assessments and business benchmarking. Both these companies maintain a worldwide presence with offices in North America, Europe, the Middle East, and China. North River Solutions offers a full range of business and resiliency planning services including strategy development, pre-audit assessments, crisis management, risk assessments, business impact analysis, education and awareness programs, executive communications training, and plan testing and evaluation.
NRS has teamed with several insurance firms and leading educational organizations to develop specialized programs for various government, private sector, and non-profit institutions. Working with others, the firm has developed the Resiliency-1™ Index, a benchmarking tool that assesses an organization’s level of preparedness across twelve operational areas. Similar assessment tools covering various ISO standards as well as supply chain concerns and the threat from natural hazards are in active development and will shortly be available from Metrix411.
Don holds degrees in mathematics and philosophy, has a Masters in International Marketing, and has earned professional certifications in the areas of business continuity planning (CBCP) and data center operations (CDCP). He is an ISO Lead Auditor and a contributing writer for the Domestic Preparedness Journal and the NEWS website https://www.continuitycompliance.org/ .