Mr. John Bates JD, CISSP, CCSP, CIPP/US, CIPP/E

John Bates is Senior Manager in the Cybersecurity Program Transformation capability at EY. He has consulted on cybersecurity matters for more than 15 years with clients in highly-regulated industries. With a cross-functional background as in-house counsel and CISO, John has initiated ISO 27001 and HITRUST programs through recurring audits. He has also conducted enterprise cyber assessments for Fortune 500 companies utilizing NIST, CIS, ISO 27001, CMMI, HITRUST, NYDFS, CA OSFI and other cyber standards and frameworks. His hands-on experience includes third-party risk management, governance, strategy, data protection, policies and standards, privacy and incident response.