CSX North America Presentations and Descriptions 


As the program is developed, we will continue to add information to this page – check back frequently for updates!



WS1—Cybersecurity Fundamentals

Saturday, 13 October – Sunday, 14 October

John Tannahill, CISM, CGEIT, CRISC, CSXP

Why become a cybersecurity professional? The protection of information is a critical function for all enterprises. Cybersecurity is a growing and rapidly changing field, and it is crucial that the central concepts that frame and define this increasingly pervasive field are understood by professionals who are involved and concerned with the security implications of Information Technologies (IT). The CSX Fundamentals workshop is designed for this purpose, as well as to provide insight into the importance of cybersecurity, and the integral role of cybersecurity professionals. This workshop will also prepare learners for the CSX Fundamentals Exam.


Saturday, 13 October – Sunday, 14 October

2017 Top-Rated SpeakerMark Thomas, CGEIT, CRISC

The course is designed for individuals who have a basic understanding of both COBIT 5 and security concepts, and who are involved in improving the cybersecurity program for their enterprises. This course is focused on the Cybersecurity Framework (CSF), its goals, the implementation steps, and the ability to apply this information. In addition to learning the core concepts and implementation essentials, this class is full of practical examples, tricks, tips and advice.

WS3—Hands-on Technical Cybersecurity Training

Saturday, 13 October – Sunday, 14 October

2017 Top-Rated SpeakerKeatron Evans

Have you downloaded Kali or other security tools and suites but never quite figured out how to do really useful things with it? Were you once technical and now want to get your technical chops back? Are you new to technical cybersecurity? Does it seem like magic when you see forensics, hacks, or penetration testing done? Never hacked a box, performed packet forensics, or memory forensics? Never actually seen an attack happen in real time? Then come take this training. We will spend one day walking you through completing a successful penetration of a server, then spend day 2 doing incident response and forensics on the server and network you spent day one exploiting. The only pre-requisite skill needed is basic familiarity with the Windows operating system. You will learn the Linux techniques you need during the training. You will leave with the tools and techniques to continue learning and more importantly demonstrate to others what the attacks look like, and how to investigate them.

WS4—CSX-P Lab Bonanza

Saturday, 13 October – Sunday, 14 October

2017 Top-Rated SpeakerFrank Downs




Dustin Brewer

The CSX Practitioner Lab Bonanza offers attendees the opportunity to experience all of the labs presented in the one week Bootcamp in two intensive, action-packed days!

ISACA staff instructors and program developers will guide you through these technically advanced, hands-on labs where you will be dissecting typical problem spots, and learning through detailed insight to ensure your comprehension and application upon return to the office so you are better equipped to overcome threats and create competitive advantages for your career and your organization.

By attending this workshop you will find that by being immersed into the CSX-P process you will be able to develop a more robust background to meet current a future cyber security challenges and be better prepared to sit for the rigorous demands of the CSX-P certification program.

*Please note, while this course is intended to help provide insights into the rigors of the CSX P Exam, students will still need to prepare for the exam independently following the conclusion of this workshop. Students will have access to these labs for 6 months following this workshop to help facilitate this ongoing exam preparation.

*Please note: To fully participate in this workshop, all attendees are required to bring a laptop with an Internet accessible browser.

WS5—CSX Packet Analysis Course

Sunday, 14 October

Kevin Keh




Matt Weber

Leverage packets to characterize networks, devices, and people!

The Cybersecurity Nexus (CSX) Packet Analysis Course (CPAC) provides students an understanding of packet and protocol analysis. Students will work with real network traffic captures in real environments and will analyze different communication types and their components. Upon completion, students will be able to passively analyze packet captures and create network topologies and device characterizations – valuable traits in the cybersecurity field.

*Please note: To fully participate in this workshop, all attendees are required to bring a laptop with an Internet accessible browser.

WS6—Develop An Effective Security Roadmap + Program

Sunday, 14 October

Todd Fitzgerald

For the technical or managerial individual desiring to lead an information security program, providing the steps and information necessary. The session will build a program from the Board of Directors interaction through training the end user.

The session will provide guidance for the technical individual desiring to become a CISO in the future. Coverage includes building an information security program from the security strategy development through implementation of technical security controls and the process challenges. The session will cover interactions with the C-suite, policy development, reporting structures, managerial/operational/technical control selection, security awareness, challenges, frameworks, privacy regulations, law and ethical considerations, security incidents, and interacting with senior and middle management to move the security program forward. This program fills the gap in taking a technical individual and providing insight into what leadership of the security program entails. The individual may be planning a CISO career path in the near term or future, and this will provide the skills necessary.


Return to Event Page >>



Opening Keynote Speaker

Laura GalanteLaura Galante
Former Director Of Global Intelligence at FireEye, Ted Speaker

Laura Galante analyzes how states use cyberspace, or more precisely, our information space. She describes a domain where militaries, intelligence services, criminal groups, and individuals actively pursue their interests—with far fewer restraints than in the physical world.

Formerly the Director of Global Intelligence at cybersecurity company FireEye, her teams investigated network activity, profiled advanced cyber threats, and portrayed the political, military, and financial implications of cyber operations. A founding member of Mandiant Intelligence, her work has included leading strategic analysis, developing intelligence capabilities and offerings, and directing intelligence publications including: APT28: A Window into Russia’s State Cyber Espionage; Red Line Drawn: China Recalculates its Use of Cyber Espionage; and Hacking the Street? FIN4 Likely Playing the Market among others.

In November 2016 she spoke at the UN Security Council’s Arria Formula meeting on cybersecurity and international peace and security. She frequently appears on and provides commentary to: CNN, Bloomberg, NPR, BBC, Fox News, The New York Times, The Financial Times, The Wall Street Journal, Reuters, the Associated Press, and other global and industry media.

Prior to her work at FireEye and Mandiant, Laura led the first team analyzing cyber capability development and military doctrine at the U.S. Department of Defense. She supported the 2010 U.S.-Russia bilateral information security talks. Laura holds a J.D. from the Catholic University of America, and a B.A. in Foreign Affairs and Italian from the University of Virginia.

Tuesday Keynote Speaker

Kevin PoulsenKevin Poulsen
Award-winning journalist and a contributing editor at WIRED magazine and The Daily Beast

A one-time hacker, Poulsen was prosecuted in 1991 for using his illicit access to telephone company systems to cheat at radio station phone-in contests. He began writing in 1997, and later served as editor of SecurityFocus before joining Wired in 2005. In 2006 Poulsen conducted a computer-assisted investigation into the presence of sex offenders on social networking sites, which spawned federal legislation. In 2010, Poulsen broke the news that an Army intelligence analyst named Bradley (now Chelsea) Manning had been quietly arrested for leaking hundreds of thousands of classified documents to WikiLeaks. More recently, Poulsen worked with the late Aaron Swartz to design and develop SecureDrop, an open-source software platform for secure communication between journalists and sources, now used at over a dozen news organizations including the Washington Post and the Associated Press. He is the author of Kingpin: How One Hacker Took Over the Billion Dollar Cyber Crime Underground.

Closing Keynote Speaker

P.W. SingerP.W. Singer, PH.D.
Strategist and Senior Fellow at the New America Foundation

Peter Warren Singer is Strategist and Senior Fellow at the New America Foundation, the author of multiple award-winning books, and a contributing editor at Popular Science. He has been named by the Smithsonian Institution-National Portrait Gallery as one of the 100 "leading innovators in the nation," by Defense News as one of the 100 most influential people in defense issues, by Onalytica social media data analysis as one of the ten most influential voices in the world on cybersecurity and 25th most influential in the field of robotics, and by Foreign Policy to their Top 100 Global Thinkers List, of the people whose ideas most influenced the world that year.

Described in The Wall Street Journal as "the premier futurist in the national security environment," Dr. Singer is considered one of the world's leading experts on changes in 21st century warfare, with more books on the military professional reading lists than any other author, living or dead. He has consulted for the US Military, Defense Intelligence Agency, and FBI, as well as advised a range of entertainment programs, including for Warner Brothers, Dreamworks, Universal, HBO, Discovery, History Channel, and the video game series Call of Duty, the best-selling entertainment project in history. He served as coordinator of the Obama-08 campaign's defense policy task force and was named by the President to the US Military's Transformation Advisory Group. He has provided commentary on security issues for nearly every major TV and radio outlet, including ABC, Al Jazeera, BBC, CBS, CNN, FOX, NPR, and the NBC Today Show. In addition to his work on conflict issues, Singer served as a member of the State Department's Advisory Committee on International Communications and Information Policy and as an advisor to IDS. In the entertainment sector, he has received awards/support from the Tribeca Film Institute, Sloan Filmmakers Fund, Film Independent, and FAST Track at the L.A. Film Festival.


Return to Event Page >>