Kevin Villanueva
Partner
CISA, CISSP, CCSFP, PCI QSA, HITRUST CCSFP, CDPSE

Biography

Kevin has been in the information technology field since 1997 and leads the firm’s IT infrastructure and security practice. He specializes in government, not-for-profit, private entity, higher education, and health care clients. His areas of practice include IT security assessments; penetration testing; PCI DSS assessments; HIPAA compliance auditing; HITRUST readiness and validation assessments, strategic technology planning; disaster recovery and business continuity planning; policies, procedures, and documentation development; and project management. In addition, he has designed and conducted technology assessments based on the internationally recognized ISO/IEC 27001/2, NIST, and COBIT standards, and has served as technical counsel on hundreds of technology security projects.

External Publications

Selected Speaking Engagements

  • 3 Steps to Protect Company Data While Working Remotely
    (Moss Adams Webcast, October 2020)
  • Cybersecurity for Energy Companies
    (Moss Adams Webcast, October 2020)
  • Cybersecurity for Transportation and Logistics Companies
    (Moss Adams Webcast, October 2020)
  • Transportation and Logistics Trends
    (Moss Adams Webcast, September 2020)
  • 3 Steps to Protect Your Company Data While Working Remotely
    (Moss Adams Webcast, August 2020)
  • Are You Ready to Deal With a Cyberattack?
    (OGFOA 2018 Fall Conference, Salem, October 2018)
  • Red Team Penetration Testing: Taking the Offensive in Cybersecurity
    (Moss Adams Webcast, June 2018)
  • Why You Got Hacked (and how to make sure it doesn't happen again)
    (Healthcare Financial Management Association Webinar, May 2018)
  • Emerging Cyber Threats to Casinos
    (National Indian Gaming Conference, April 2018)
  • Internal Controls: Top Reasons Your Tribe Got Hacked
    (Native American Finance Officers Association Conference, April 2018)
  • Five Challenges Every Chief Information Officer Faces
    (Moss Adams Webcast, October 2017)
  • IT You Can Use: Third-party Cloud Risks
    (Moss Adams Webcast, June 2017)
  • Protecting Health Care IT: Understanding the Benefits of HITRUST Certification
    (Moss Adams Webcast, April 2017)
  • Cybersecurity Best Practices for Casino Operations
    (National Indian Gaming Association, Indian Gaming Tradeshow & Convention, April 2017)
  • Cybersecurity: Fraud Prevention and Cybersecurity
    (Maritime Commerce Club, February 2017)
  • Disaster Recovery
    (Northwest Association of Financial Professionals, February 2017)
  • The Internet of Things - Smart Devices, Not So Smart Technology
    (University of San Diego, Not-For-Profit Governance Conference, January 2017)

Professional Affiliations

  • Member, Information Systems Audit and Control Association

Education

  • BS, business administration, Pepperdine University

Insights from Kevin Villanueva