Find a Speaker

Learn more about this speaker, including:
certifications, speaking topics, and previous engagements.

GRC Content Manager

Alyssa Pugh

10 Years Speaking Experience

Speaking Topics

  • Risk Assessments
  • Incident Management
  • Remote Work
  • Risk Management
  • Third Party Oversight
  • Cybersecurity
  • Security Awareness
  • Information Security
  • Business Continuity Management
  • FFIEC Cybersecurity Assessment Tool
  • IT Exam Handbook Updates
  • Phishing Employee Training


  • Security+
  • CISM



As a millennial, Alyssa grew up with technology at her fingertips. She has more than ten years of professional technical and information security experience. She earned a B.A. in Technical Communications and has achieved the CISM and Security+ certifications. Alyssa currently serves as the GRC Content Manager for Tandem, an information security and compliance application. In this role, she participates in the development of content for Tandem, as well as educational resources related to information security governance, risk management, and regulatory compliance. Alyssa has presented multiple conference sessions over topics including risk assessments, incident management, third-party oversight, and cybersecurity. In addition to her passion for technology, Alyssa is also a wife, graphic designer, and video game enthusiast.


Recent Speaking Engagements

  • 2024 Tandem Webinars
    • 2024 Cybersecurity Trends with the NCUA & NCU-ISAO
  • 2023 Tandem Webinars
    • Cyber Incident Notification Requirements: What Credit Unions Need to Know
    • Maintaining Compliance with Freddie Mac's New Information Security Requirements
    • The NCUA's New Information Security Examination Procedures
    • How to Address Frequently Found Security Issues
  • 2023 KEYS Conference
    • Level Up Your Tabletop Exercises
    • All About Vulnerability & Patch Management
  • 2022 NEACH Winter Meeting
    • Top Cyber Threats for Payments in 2022
  • 2022 South Plains Trust and Estate Council (SPTEC) Meeting
    • Cybersecurity & You: Today's Top Cyber Threats and How to Combat Them
  • 2022 Wisconsin Bankers Association Secur-IT Conference
    • Lessons Learned from the FFIEC's New AIO Booklet
  • 2022 NEACH Conference
    • A Payment Professional's Guide to Phishing
  • 2022 ISACA Conference
    • Lessons Learned from the FFIEC's New Booklet
  • 2022 ICBA New Mexico Conference
    • Securing Your Bank from Unknown Threats
  • 2022 Tandem Webinars
    • A Banker's Guide to Understanding the New Incident Notification Rule
    • Ask the Experts: The NCUA's ACET
    • Ask the Experts: Multi-Factor Authentication
    • How to Write an Information Security Policy
  • 2022 KEYS Conference
    • How to Write a Policy
    • ISO's Guide to Managing Ransomware
    • 7 Ways to Transform How You Report Cybersecurity
  • 2021 RSA Conference
    • 10 Things to Include in Remote Work Risk Assessments
  • 2021 Tandem Webinars
    • The New FFIEC Architecture, Infrastructure, and Operations Booklet
    • Third-Party Incident Handling
    • Reporting Cybersecurity to the Board – Why, What, and How
  • 2021 CUNA / NASCUS Cybersecurity eSchool
    • How to Create an Effective Incident Management Program
  • 2021 ICBA New Mexico Conferences
    • How to Build an Effective Incident Management Plan
    • The Community Bankers' Guide to Phishing
  • 2021 Oklahoma Bankers Association Senior Management Forum
    • The State of Cybersecurity
  • 2021 Houston Area Governance Roundtable Committee (HAGRC) Meeting
    • Managing the Risk of Ransomware
  • 2021 ISACA Hawaii Chapter Meeting
    • Securing Your Remote Workforce
  • 2020 Tandem Webinars
    • The FFIEC's Updated Business Continuity Management Booklet
    • Understanding and Updating Your BCP for Coronavirus
    • Validating Your Risk Assessment Controls
  • 2019 WBA Secur-IT Conference
    • Discovering Stability: Reviewing Important Due Diligence Documents
  • 2019 KEYS Conference
    • The Risk Assessment Experience
    • Pre-Conference Seminar: Third Party Oversight
    • Interactive Learning Keynote: The Vendor
  • 2019 IBA The ONE Conference
    • The ISO's Guide to Third Party Oversight