North America ISRM 2013 


First-time North America ISRM conference attendee Nashira Layade.


North America ISRM Has Concluded!

On the final day of North America ISRM, presentations focused on topics ranging from email hacking to global risk management to safety in the Cloud.

Special keynote presenter Captain Richard Phillips enthralled the audience by recounting his tale of kidnapping at sea, the basis for the film Captain Phillips. He followed his presentation by signing copies of his memoir.

Captain Phillips' keynote presentation is recapped in the Las Vegas Review-Journal.

Ex-CIA man Robert Bigman took the stage for the closing keynote, titled "Why What We're Doing Isn't Working." Bigman explored the evolving world of cyberthreats, addressed security tactics that no longer work, and offered new tactics for the audience of security professionals.

Captain Phillips signs copies of his memoir at ISACA's North America ISRM.

Congratulations to Vivian Agu, winner of a drawing for a tablet at North America ISRM, pictured with ISACA CEO Ron Hale.

Scan the adjacent QR code to download the North America ISRM Mobile App from iTunes or Google Play.

Stay connected at this year’s North America ISRM Conference with your smart phone or other mobile device!

With this FREE new feature you will be able to:

  • Build your own conference schedule
  • Complete conference session surveys
  • Take notes, and export to email to yourself for review later
  • View session presentations

To access this powerful tool, please visit our smart link.

Get Social

While at North America ISRM, connect with your fellow attendees in person and online. Find photos, videos and daily recaps on ISACA’s Facebook page. Share LinkedIn status updates. And use #ISACANA on Twitter to follow the conversation and ensure that your tweets are seen by fellow attendees.

Share your conference experiences with us! Tweet or email a conference “selfie” and it may be published on the ISACA Facebook page or web site. Remember to use #ISACANA or email socialmedia@isaca.org.

Have a great conference. We’ll see you in Las Vegas and in the social sphere!

Earn up to 32 CPE Hours!

 Thank You to Our Sponsors!

Microsoft

Modulo

RSA

C&F AdaptiveGRC

BEW Global

Boldon James

Fishnet



  Follow @ISACANews on Twitter and get the latest updates about ISRM with the hash tag #ISACANA


Program Information


Immerse yourself in 2.5 days of:

Educational sessions — workshops, keynotes, case studies and panel discussions
Networking events — spotlight educational sessions, attendee receptions, workshops and more

View program tracks and workshops below.

Track 1: Cybersecurity
Track 2: Privacy/Security
Track 3: Risk Management
Track 4: Compliance
Track 5: Forums


One-Day Workshops

Monday, 4 November 2013

WS1: COBIT 5 for Security
WS3: Data Privacy Risks
WS5: A Practical Approach to Network Vulnerability Assessment (closed)


Tuesday, 5 November 2013:

WS2: COBIT 5 for Risk (WS2 has sold out. Please contact the conference department to add your name to the waiting list.)
WS4: Innovate your Cybersecurity Solutions: Understand and Respond to Current Threats and Incidents
WS6: BYOD: Securing Mobile Technologies (closed)
WS7: Tools & Techniques of Digital Forensics and eDiscovery


2013 Conference Dates and Times

Pre-Conference Workshop Registration

Monday, 4 November; 7:30AM - 12:00PM
Tuesday, 5 November; 7:30AM - 12:00PM

Pre-Conference Workshops

Monday, 4 November; 9:00AM - 5:00PM
Tuesday, 5 November; 9:00AM - 5:00PM

Conference Registration Times

Tuesday, 5 November; 3:00PM - 7:00PM
Wednesday, 6 November; 7:00AM - 5:00PM
Thursday, 7 November; 7:30AM - 5:00PM
Friday, 8 November; 8:00AM - 12:00PM

Conference

Wednesday, 6 November; 8:30AM - 5:00PM
Thursday, 7 November; 8:30AM - 5:15PM
Friday, 8 November; 8:30AM - 12:30PM


Friday Morning, 8 November: Closing Keynote Address

Why What We’re Doing isn’t Working

Robert Bigman, President of 2BSecure, LLC, recently retired from the Central Intelligence Agency (CIA) after serving a 30-year career. Recognized as a pioneer in the field of classified information protection, Bigman developed technical measures and procedures to manage the nation’s most sensitive secrets. Bigman participated in developing security measures for government computers, and then developed solutions to allow the CIA to use the Internet to further its mission without exposure.

As the Agency's Chief Information Security Officer (CISO), Bigman managed a large organization of technical and program officers responsible for the protection of all Agency information. Bigman also served as the designated officer for all discussions with the information security industry and its commercial partners. He has contributed to almost every Intelligence Community information security policy/technical standard, and has provided numerous briefings to the National Security Council, Congress and presidential commissions. Bigman has received numerous CIA and Director of National Intelligence awards.

  • Stage Setting – The Current State of Computing Technology
  • Fighting Today’s Threats With Yesterday’s Technology
  • The Lessons From Plug-X
  • Protecting O/S Kernels with Applications
  • Signatures, Heuristics and Cyber Intelligence Clouds
  • Positive Changes in Protection Philosophy

Wednesday Morning, 6 November: Opening Keynote Address

Embracing Uncertainty—How Big Data Is Transforming Security Management


Eddie Schwartz, CISA, CISM

Despite the best efforts and significant investments of security teams, various classes of threat actors continue to wreak havoc within organizations today. The challenge for our profession is how to reduce the impact of unknown and unexpected attacks and risks when traditional security technologies, processes and skills have proven to be inadequate.

Big data is transforming four critical areas of security in leading organizations: security management, fraud, GRC, and identity management. This keynote will discuss the drivers for this transformation and provide a blueprint for organizations looking to embrace uncertainty and succeed in the face of advanced threats and complex security risks.


Hear what Keynote Speaker Eddie Schwartz, CISA, CISM, VP of Global Security Solutions at Verizon Enterprise Solutions, has to say about the value of attending ISRM.

Eddie Schwartz is Vice President of Global Security Solutions for Verizon Enterprise Solutions. Previously he was Chief Information Security Officer (CISO) for RSA and was co-founder and CSO of NetWitness (acquired by EMC), CTO of ManTech, EVP and General Manager of Global Integrity (acquired by INS), SVP of Operations of Guardent (acquired by VeriSign), CISO of Nationwide Insurance, a Senior Computer Scientist at CSC, and a Foreign Service Officer with the U.S. Dept. of State. Schwartz has 25 years' experience in the information security field.

Schwartz has advised a number of early stage security companies, and served on the Executive Committee for the Banking Information Technology Secretariat (BITS). Schwartz has a B.I.S. in Information Security Management and an M.S. in Information Technology Management from the George Mason University School of Management.

Want more from Eddie? Read his recent ISACA Now Blog post, which previews his presentation, here.

Friday Morning, 8 November: Special Keynote Address

Insights on Protecting Enterprise Assets from Even the Most Unpredictable Threats

Captain Richard Phillips
Captain of the Maersk Alabama
Maersk Line

Hero of the high seas, author of "A Captain’s Duty: Somali Pirates, Navy SEALs, and Dangerous Days at Sea," Captain Phillips caught the world’s attention when he was captured by Somali pirates in 2009.

On 8 April of that year, his vessel, the Maersk Alabama, became the first U.S. ship in more than 200 years to be hijacked at sea. Over the course of the next five days, Captain Phillips’s forward planning, quick thinking and heroism saved him, his crew and his ship.

A graduate of the Massachusetts Maritime Academy, Captain Phillips is a member of the International Organization of Masters, Mates & Pilots Union, and a licensed American merchant mariner. He became Captain of the MV Maersk Alabama in 2009. The gripping events surrounding his ship’s capture and his eventual rescue by US Navy SEALs have been made into a soon-to-be-released Columbia Pictures movie starring multiple Oscar-winner Tom Hanks.

His story highlights the need for all enterprises to have clear guidelines for safety and security. It also stresses the importance of leadership and creativity in any crisis situation. Ultimately it demonstrates that having an action plan for any eventuality is an essential foundation for protecting enterprise assets in the face of even the most unpredictable of threats.

Hear from Captain Phillips himself in the ISACA Now Blog post, “Risk and reward, typhoons and hurricanes—thoughts from a floating CEO”, which is linked here.



Program Sessions and Workshops


Monday, 4 November 2013

Time Pre-Conference Workshops

9:00AM–5:00PM

WS1—COBIT 5 for Security
WS3—Data Privacy Risks
WS5—A Practical Approach to Network Vulnerability Assessment


Tuesday, 5 November 2013

Time Pre-Conference Workshops

9:00AM–5:00PM

WS2—COBIT 5 for Risk
WS4—Innovate your Cybersecurity Solutions: Understand and Respond to Current Threats and Incidents
WS6—BYOD: Securing Mobile Technologies
WS7—Tools & Techniques of Digital Forensics and eDiscovery


Wednesday, 6 November 2013

Time Sessions

8:30AM–9:45AM

Opening Keynote—Embracing Uncertainty—How Big Data Is Transforming Security Management

9:45AM–10:15AM

Break

10:15AM–11:45AM

111—Hot Topic: SCADA/NERC CIP
112—Big Data & Privacy by Design
113—Vendor Supply Chain Management
114—RX for Healthy Security
115—Responding to Cyberattacks Forum

11:45AM–12:45PM

Lunch

12:45PM–1:45PM

121—Hot Topic: Cloud Maturity Survey
122—Cybersecurity: an Advanced Innovative Approach to Advanced Persistent Threats
123—Hot Topic: COBIT 5 for Risk
124—FISMA - The Private Sector Impact
125—Megatrend Session: The Evolving Threat Landscape – Microsoft Security Intelligence Report (Sponsored by Microsoft)

1:45PM–2:15PM

Break

2:15PM–3:15PM

131—Advances in Incident Management
132—Hot Topic: Addressing Vendor Risk
133—Towards Trustworthy Cloud Computing
134—Security Metrics
135—Megatrend Session: Time for BCM? Why and When to Include BCM in Broader Risk Management Efforts (Sponsored by Modulo)

3:15PM–3:45PM

Break

3:45PM–5:00PM

141—Modern Cyberthreats
142—Data Privacy and Protecting Personal Information
143—BYOD Risk Management
144—SOC 2℠ at Age 2
145—COBIT 5 Forum

5:00PM–7:00PM

Solution Center/Expo Hall Reception

5:15PM–5:45PM

SP1—GRC Information Security Management for Data Privacy, Cloud and Enterprise (Sponsored by AdaptiveGRC™)
SP2—Building a Security Program that Protects an Organization’s Most Critical Assets (Sponsored by BEW Global)

6:00PM–6:30PM

SP3—How Data Classification can Harness the Value of Big Data (Sponsored by BoldonJames)
SP4—Impact of PCI DSS 3.0 (Sponsored by FishNet Security)


Thursday, 7 November 2013

Time Sessions

8:30AM–9:45AM

211—Cybersecurity: What's Your Plan?
212—Don't Let Your Apples Fall Far from the Tree—Understanding iOS Deployment Risk
213—Social Media — Managing Key Organizational Risks
214—Compliance in the Cloud
215—Cybersecurity Forum

9:45AM–10:15AM

Break

10:15AM–11:45AM

221—Automating the 20 Critical Security Controls
222—Forensics and Big Data
223—Business Continuity in Emerging Technologies
224—Forensics and eDiscovery: Managing Risk and Privacy
225—Industry Analyst Forum

11:45AM–1:00PM

Lunch
LL1 – Modulo Lunch & Learn - Embracing Shadow IT - How to encourage innovation within a secure Shadow IT infrastructure

1:00PM–2:00PM

231—Digital Forensics: Bringing It In-House
232—Creating a Culture of Continuous Compliance via IAG
233—Stored Data…Time to say Goodbye
234—Security Managers Understanding Privacy
235—OMG! Boomers, Gen X, Gen Y and Traditionalists

2:00PM–2:30PM

Break

2:30PM–3:30PM

241—Cybersecurity with COBIT 5 Part 1
242—Resistance in a Cyber Cold War: Security as a Service
243—Hot Topic: Assessing & Managing Info Risk in an Outsourced Environment
244—SSH User Key Mismanagement in Today’s Large Enterprise
245—Megatrend Session: Next Generation Security and Compliance Programs (Sponsored by RSA)

3:30PM–4:00PM

Break

4:00PM–5:15PM

251—Cybersecurity with COBIT 5 Part 2
252—PCI DSS 3.0, What Does It Mean For All of Us?
253—Operational Risk Management
254—Certified ISO 31000 Risk Manager
255—Risk Forum

5:30PM–6:00PM

SP5—Risk Management 2.0 - From Information Security to Enterprise Risk Management (Sponsored by Modulo)

6:00PM–8:00PM

Free Night


Friday, 8 November 2013

Time Sessions

8:30AM–9:30AM

311—All Quiet on the Cyber Front: Monitoring & Breaches
312—Hackers Get Personal: New Face of Email Security
313—Deploying Information Risk Management Globally and Avoiding the Pitfalls
314—ISO 27001 - What You Need to Know About Recent Changes
315—Is Your Data Safer in the Cloud?

9:30AM–10:00AM

Break

10:00AM–11:00AM

Special Keynote—Insights on Protecting Enterprise Assets from Even the Most Unpredictable Threats

11:00AM–12:30PM

Closing Keynote—Why What We’re Doing isn’t Working

 

Continuing Professional Education Credits

To maintain ISACA certifications, certification holders are required to earn 120 CPE credit hours over a three-year period in accordance with ISACA’s continuing professional education (CPE) policy. Attendees can earn up to 32 CPE credits: 18 by attending North America ISRM and an additional 7 CPE credits for attending each day of optional workshops. ISACA conferences are Group Live and do not require any advance preparation.

ISACA is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its web site:  www.learningmarket.org.

Conference Registration Fees

Member US $1,550 Non-member US $1,750


One-Day Workshop

Member US $550 Non-member US $750


Cancellation Deadline:


9 October 2013


Online Registration Close Date


1 November 2013

Group Discounts

ISACA offers discounts to organizations sending 4 or more employees to a single conference. Please contact the ISACA Conference department for more details at +1.847.660.5585 or conference@isaca.org.


All fees are quoted in US dollars. The entire registration fee must be received by ISACA before your registration will be considered paid in full.

 

Registration Methods

On-line registration for the 2013 ISRM Conference is now closed.
On-site Workshop and Conference registration will open on Monday, 4 November at 7:30AM at the Cosmopolitan Hotel’s Belmont Registration Area located on the 4th level.  We look forward to seeing you there!


Email your completed registration form to conference@isaca.org.

 

Cancellation Policy

If your plans change and you won’t be able to attend the conference and/or workshop, contact us by phone, fax or e-mail to cancel your registration. All cancellations must be received by 9 October 2013 to receive a refund of registration fees. A cancellation charge of US $100 will be subtracted from conference refunds, and US $50 from workshop refunds. No refunds can be given after 9 October 2013. Attendee substitution is permitted at any time until the conference. If a nonmember is substituting a member, then there will be additional nonmember fees.

NOTE: Registration is contingent upon full payment of the registration fee. To guarantee registration, conference and/or workshop fees must be received by the published deadline. It may take 10 or more business days for a wire transfer or mailed check to reach ISACA, so please plan accordingly. If, for any reason, ISACA must cancel a course or event, liability is limited solely to the registration fees paid. ISACA is not responsible for other expenses incurred, including travel and accommodation fees. Conference materials are not guaranteed to those who register onsite or fail to submit payment prior to the event. For more information regarding administrative policies, please contact the ISACA conference department.
Phone: +1.847.660.5585
Fax: +1.847.253.1443
E-mail: conference@isaca.org

Disclaimer

ISACA reserves the right to alter or delete items from the program in the event of unforeseen circumstances. Material has been prepared for the professional development of ISACA members and others in the IT audit, control, security, and governance community. Neither the presenters nor ISACA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices. All materials used in the preparation and delivery of presentations on behalf of ISACA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation and to grant the rights to ISACA as set forth in speaker agreement. Subject to the rights granted in the speaker agreement, all applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers.

Please note: unauthorized recording, in any form, of presentations and workshops is prohibited.


Not a member of ISACA? Join today!

When you register for the conference as a nonmember, the difference between member and nonmember conference fees can be applied towards ISACA membership. This means you can become a member at the international and chapter level for little to no additional cost; it just depends on your local chapter dues. To take advantage of this great offer, check the box on the registration form. For more information about ISACA membership, visit the web site at www.isaca.org/membership or contact the membership department at membership@isaca.org.

NOTE: This offer expires 30 days after completion of the event. Nonmembers pay the nonmember conference fee when registering.


Permission to be Photographed

By attending this event, the registrant grants permission to be photographed and videotaped during the event. The resultant photographs and videos may be used by ISACA for future promotion of ISACA’s educational events on ISACA’s web site, in social media and/or in printed promotional materials, and by attending this event, the registrant consents to any such use. The registrant understands any use of the photographs and videos will be without remuneration. The registrant also waives any right to inspect or approve the aforementioned use of any photographs or videos now or in the future.


Dress

Business casual is appropriate for this and all ISACA conference events.


 

Venue and Accommodations

The Cosmopolitan of Las Vegas

3708 Las Vegas Boulevard South
Las Vegas, NV 89109
702.698.7000

Web: www.cosmopolitanlasvegas.com

 

The Cosmopolitan’s specially discounted ISRM rate is no longer available.


We suggest these other hotels nearest to the Cosmopolitan:

Planet Hollywood Resort and Casino
Vdara Hotel and Spa
Paris Las Vegas Hotel and Casino
Aria Hotel and Casino

  Gold

Microsoft

  125—Megatrend Session: The Evolving Threat Landscape — Microsoft Security Intelligence Report

Microsoft’s Trustworthy Computing group focuses on creating and delivering secure, private, and reliable computing experiences based on sound business practices. Our goal is a safer, more trusted Internet.

 


Modulo
  135—Megatrend Session: Time for BCM? Why and When to Include BCM in Broader Risk Management Efforts
  SP5—Risk Management 2.0 - From Information Security to Enterprise Risk Management
  LL1—Embracing Shadow IT - How to Encourage Innovation Within a Secure Shadow IT infrastructure

Modulo is the leading global provider of information & technology GRC solutions, offering flexible and affordable methods for managing risk, compliance, and business continuity across the enterprise and extended enterprise of vendors. 1,000+ customers leverage Modulo to automate workflow; report compliance against regulations, standards, policies; prioritize risk through analytics and business metrics; secure cloud environments; remediate vulnerabilities; and more.

Modulo is the first company in the world to obtain ISO 27001 certification – the international standard for the governance of information security management systems – which guides Modulo’s product development and risk-reduction methodology. Modulo continues to lead the creation of International Standards in the GRC space.

Modulo’s software solutions streamline GRC by automating processes enterprise-wide, reducing complexity and cost. A broad range of organizations – especially those heavily reliant on technology systems, vendor networks, and electronic transactions – report a high ROI from Modulo’s quickly deployed, scalable, and content-rich platform.
 

Silver

RSA  

 

Bronze


 
Event Exhibitors

  2013 NA ISRM Floor Plan
 

For Exhibitor and Sponsorship Opportunities

Please contact:

Sean Stringer
Director of Sponsorship
Phone: +1.847.660.5729
Fax: +1.847.253.1443
sstringer@isaca.org

  2014 North America ISRM Sponsorship Brochure
  2014 North America ISRM Sponsor License Agreement
  Exhibitor and Sponsorship Information

Questions

Contact ISACA's Education/Conference Department:
Tel: +1.847.660.5585
Fax: +1.847.253.1443
conference@isaca.org

Media Inquiries

Contact the ISACA Communications Department:
Tel: +1.847.660.5512 or
+1.847.660.5564
news@isaca.org

Please address Sponsorship questions to: sstringer@isaca.org