Resilience in the Age of Al: Threat or Opportunity?

Event Title: Resilience in the Age of Al: Threat or Opportunity?

Format: Live webinar - after registration via Eventbrite. 1 CPE for attendance.

Synopsis:

Building cyber resilience requires more than policies, tools, or even talented teams it demands proof that your defenses can withstand real-world threats. Testing your environment before attackers do is essential. Controlled, realistic simulations such as penetration testing, red teaming, and cyber tabletop exercises expose vulnerabilities in systems, processes, and people under safe conditions. This proactive approach turns potential weaknesses into opportunities for improvement, reducing the likelihood and impact of a successful attack. Testing not only validates security controls but also strengthens response coordination, builds confidence in incident management, and ensures that resilience is embedded in the organization’s DNA not just in theory, but in practice.

How do you build a cyber resilience testing program from the ground up?

1. What should be tested in an organization to truly strengthen resilience systems, processes, people, or all of the above?
2. How often should resilience tests be run, and how do you balance frequency with operational impact?
3. Can you share a real-world example of a cyber testing scenario and how it helped uncover gaps or improve response?
4. What strategies have you found most effective for building cyber resilience within an organization?

Key takeaways:

1. Start with a structured framework and threat-based scenarios to build your resilience testing program.

1. Test systems, processes, and people together to uncover real vulnerabilities.
2. Start with a structured framework and threat-based scenarios to build your resilience testing program.
3. Test systems, processes, and people together to uncover real vulnerabilities.
4. Run tests regularly but tailor frequency to business impact and criticality.
5. Simulated attacks reveal hidden gaps and drive meaningful improvements.
6. Leadership, culture, and layered defenses are essential for lasting cyber resilience.

Speaker Details :

Speaker 1: Ramona Ratiu- MS, CISM, CISA, GSTRT, GCCC, Head of Cyber Resilience Testing, Zurich Insurance

Ramona Ratiu is a distinguished cybersecurity leader with over 15 years of global experience in cyber resilience,

governance, risk, and compliance. As Head of Cyber Resilience Testing at Zurich Insurance, she drives strategic initiatives to prepare organizations for AI-driven threats and emerging digital risks.

Ramona is the U.S. Ambassador for the Global Council for Responsible AI and serves as an adjunct professor at DePaul University, where she shapes the next generation of It risk professionals. She has held multiple leadership roles with ISACA, including two terms as President of the Chicago Chapter and currently serves as Strategic Advisor.

Widely recognized for her contributions to the field, Ramona

is the recipient of ISACA's 2025 Technology for Humanity

Award, among other global accolades. A vocal advocate for inclusive innovation and women in tech, she champions global collaboration, mentorship, and ethical Al practices to build a resilient digital future.

Speaker 2: Alex Islamov, Director of Security Risk Management at Verizon

With over 19 years of experience, Alex Islamov is a seasoned cybersecurity leader known for helping organizations successfully navigate complex regulatory and compliance landscapes. He specializes in delivering end-to-end operational, IT, and information security risk management solutions across both private and public sectors, including federal, state, and local government agencies. Throughout his career, Alex has held leadership and management roles at top global accounting firms, financial institutions, and technology companies, where he has built a strong track record of driving enterprise-wide risk and compliance programs for multinational organizations. His expertise lies in bridging technical execution with strategic oversight, ensuring cybersecurity programs not only meet regulatory mandates but also align with broader business objectives.

Alex brings extensive cross-industry experience, having advised clients in software and technology, healthcare, manufacturing and distribution, financial services, and the public sector. His core areas of specialization include IT audit, SOX compliance, IT/IS governance, regulatory readiness, data privacy, cybersecurity, enterprise risk management (ERM), third-party risk management (TPRM).

Speaker 3 and Speaker 4 - to follow

Any questions? Please contact admin@isaca-london.org