Moss Adams - Kevin Villanueva

Industry Expertise

E-Commerce Government Services Higher Education Hospitals & Health Systems Not-for-Profit

Practice Focus

Cybersecurity IT Compliance IT Consulting

Biography

Kevin has been in the information technology field since 1997 and leads the firm’s IT infrastructure and security practice. He specializes in government, not-for-profit, private entity, higher education, and health care clients. His areas of practice include IT security assessments; penetration testing; PCI DSS assessments; HIPAA compliance auditing; HITRUST readiness and validation assessments, strategic technology planning; disaster recovery and business continuity planning; policies, procedures, and documentation development; and project management. In addition, he has designed and conducted technology assessments based on the internationally recognized ISO/IEC 27001/2, NIST, and COBIT standards, and has served as technical counsel on hundreds of technology security projects.

Selected Speaking Engagements

Are You Ready to Deal With a Cyberattack?
(OGFOA 2018 Fall Conference, Salem, October 2018)
Why You Got Hacked (and how to make sure it doesn't happen again)
(Healthcare Financial Management Association Webinar, May 2018)
Emerging Cyber Threats to Casinos
(National Indian Gaming Conference, April 2018)
Internal Controls: Top Reasons Your Tribe Got Hacked
(Native American Finance Officers Association Conference, April 2018)
Cybersecurity Best Practices for Casino Operations
(National Indian Gaming Association, Indian Gaming Tradeshow & Convention, April 2017)
Cybersecurity: Fraud Prevention and Cybersecurity
(Maritime Commerce Club, February 2017)
Disaster Recovery
(Northwest Association of Financial Professionals, February 2017)
The Internet of Things - Smart Devices, Not So Smart Technology
(University of San Diego, Not-For-Profit Governance Conference, January 2017)

Professional Affiliations

Member, Information Systems Audit and Control Association

Education

BS, business administration, Pepperdine University

Insights from Kevin Villanueva

$374.9 Million to Enhance State, Local, and Tribal Cybersecurity Funding

Increased funding from the State and Local Cybersecurity Grant Program (SLCGP) is meant to improve cybersecurity protection.

Updates to the GLBA Safeguards Rule for Higher Education

New Gramm-Leach-Bliley Act (GLBA) Safeguards Rule requirements for institutions of higher education take effect June 9, 2023.

5 Tips for Wineries to Protect Their Business Against a Cyberattack

Explore five strategies to protect your assets and customers’ data, including employee training, penetration tests, and more.

The 6 Intangible Costs of a Cyberbreach

Breaches can cost more than just lost data or access to systems. Learn tips to protect your organization.

How to Identify Top Cybersecurity Threats and Protect Your Organization

Learn to protect your organization with a more stringent cybersecurity strategy.

6 Steps to Help Implement a Cost-Effective Information Security Program

Take these 6 steps to strengthen your information security program while keeping costs low and controls effective.

How to Integrate Cybersecurity with Your IT and Internal Audit Teams

Learn how IT and internal audit teams can better collaborate with one another to help strengthen cybersecurity.

How to Prepare Your Organization for the CMMC by End of Year

Get answers to commonly asked questions about the Cybersecurity Maturity Model Certification (CMMC) requirements and timelines.

Use a 5-Stage Strategic Plan to Implement New Technology

Learn the 5 stages of strategic technology planning along with considerations and questions for each stage to help breakdown the process.

Cybersecurity Checklist for Remote Work

Record numbers are working remotely. This list is a starting point to help review security considerations during COVID-19.

COVID-19 Can Lead to Cybersecurity Risks—Protect Your Organization

Learn how to protect your organization against cyberthreats while hackers take advantage of the COVID-19 pandemic.

Why Cyberthreats Are So Dangerous for the Oil & Gas Industry

Learn how the rise of digitization created unique hacker threats and how you can lower risks of a cyberattack.

Help Protect Your Winery from Cyberthreats Using These Key Strategies

Help your winery reduce damage caused by top-trending cyberthreats by following these key steps.

Stay Ahead of Cybersecurity Breaches and Off the Media’s Radar

Stolen data is extremely profitable. As cyberattacks become more prolific and publicized, it’s easy to conclude that the question becomes not if, but when information will be compromised. Moss Adams can help you stay one step ahead.

Assess Your Cybersecurity to Create a Competitive Advantage

IT security assessments aren’t only useful for warding off potential breaches and hackers.

FSA Updates Cybersecurity Compliance FAQs

The Federal Student Aid senior advisor of cybersecurity updated the Cybersecurity Compliance FAQs.

How to Improve Cybersecurity and Protect Your Organization

A stringent cybersecurity strategy helps prevent breaches, which are often the result of improperly secured systems and lack of awareness.

Protect Patient Data by Executing Best Practices and Controls with the HITRUST CSF

Learn why health care organizations are vulnerable to cyberthreats and how best practices with the HITRUST CSF can help protect valuable data.

Stay Ahead of Cybersecurity Breaches and Off the Media’s Radar

Stolen data is extremely profitable. As cyberattacks become more prolific and publicized, it’s easy to conclude that the question becomes not if, but when information will be compromised. Moss Adams can help you stay one step ahead.