IWCE is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Josh KruegerCISOProject Hosts

As the Chief Information Security Officer (CISO) at Project Hosts, I lead the charge in managing compliance and conducting Third Party Assessment Organization (3PAO) assessments across a variety of industry frameworks, including FedRAMP, DoD IL4/IL5, HITRUST, ISO 27001, PCI, HIPAA, FISMA, CMMC, GDPR, and NISPOM. Overseeing more than 14 FedRAMP moderate, IL5, and IL4 assessments annually for Project Hosts and our clients on Microsoft Azure and AWS, I ensure rigorous adherence to these critical standards. In addition to compliance management, I spearhead the development and implementation of our security education and training program. This initiative empowers our employees to understand and comply with relevant frameworks, protect information according to its classification, and adapt to evolving compliance requirements. I also lead the Configuration Management Board, guaranteeing that only authorized changes are implemented across our security enclaves, and manage all incident response activities, including containment, eradication, recovery, and necessary notifications to governing bodies. As the Data Protection and Privacy Officer, I enforce the safeguarding of PII, PHI, and ePHI, ensuring compliance with EU GDPR, HITRUST, and HIPAA control requirements. Additionally, in my role as a certified Facility Security Officer, I manage Project Hosts' Facility Clearance Level and personnel clearances under the National Industrial Security Program (NISP). Moreover, I am a Certified CMMC Registered Practitioner, overseeing Project Hosts' Registered Provider Organizational duties to members within the Defense Industrial Base. Recently, I have been appointed to the Federal Secure Cloud Advisory Committee, where I contribute to shaping policies and strategies for secure cloud adoption across federal agencies.

Presenting: