Enterprise Risk Management: Provide Security from Cyberthreats 


Education Sessions | Agenda | Why Attend | FAQs | The Virtual Conference Environment

Earn up to 5 free CPE without the cost of travel!


How to Earn CPE (472K)

Cyberrisk is a significant enterprise threat and proactive risk management means identifying the risk and implementing appropriate risk mitigation strategies. With the threat landscapes evolving due to such liberating technologies as cloud computing, successful enterprises understand that they must adapt a fundamentally new approach to managing the complexity and risk introduced by these new technologies and business services. Learn how to recognize your organization's vulnerability to cyberattacks and understand the importance of protecting your most sensitive assets by having proper security controls in place within your IT infrastructure.

Join us for a live, virtual event where industry experts share their expcyeriences and provide insights into cyberrisk and security. The educational sessions will be presented by leading industry experts on topics relevant to the IT community. Attendees will have the opportunity to engage with speakers and sponsors, network with colleagues and download sponsor provided resource materials. ISACA members earn free CPE credits for participation.

Join us on 19 March from 9:00 AM to 4:00 PM CST (UTC–6) to:

  • Connect with thousands of your peers from across the globe
  • Earn 5 FREE CPE hours without the cost of travel
  • Ask questions directly to industry experts and speakers
  • Enhance your professional knowledge


Education Sessions:

Session 1: Building a Cloud-Ready Security Program

Presented by: Renee Bradshaw, Manager, Product Marketing, NetIQ Corporation

Renee BradshawRenee Bradshaw joined NetIQ in 2009 and is primarily responsible for the positioning, go-to-market strategies and sales enablement for the Security & Compliance management business. Previously, Bradshaw was a Senior Marketing Manager at Halliburton and Hewlett-Packard, where she was responsible for creating and implementing marketing programs to support strategic business objectives. Bradshaw also spent time in various corporate positions at Compaq, Motorola and Microwave Networks, Inc. Bradshaw holds a master of business degree from the University of Houston and a bachelor of science degree in electrical engineering from Trinity University.

The cloud can bring great benefits to your company, yet there is little doubt that it can also affect the security of your sensitive data and systems. It introduces levels of complexity to the IT environment that can lead to greatly increased risks of breach or compliance gaps. This session will provide simple steps you can take to deliver superior protection of your sensitive assets, whether they reside on premise or with a 3rd party. Gain the control you need to lower your level of IT risk associated with cloud computing while securely delivering business services that originate from, reside in, or are going to the cloud.


Session 2: Don’t Gamble With Your Data: Five Absolutely Critical Questions for Data Security in the Cloud

Presented by: Arleen Urquhart, Product Marketing Manager, eVault

Arleen UrquhartArleen Urquhart is a Product Marketing Manager focused on Cloud-as-a-Service solutions at EVault. She has more than 15 years of experience in the IT industry, helping companies such as Oracle, Siemens-Nixdorf, Stratus Technologies and Symantec bring business critical solutions to market.


The reasons for moving to the Cloud are as varied as the businesses that are deploying Cloud solutions:

  • Increased efficiency and reduced costs
  • Frees up the IT team from having to manage some or all of the IT infrastructure
  • Pay-as-you-go model—software, hardware and platform all as-a-service
  • It’s elastic—the Cloud allows businesses to quickly scale up or scale down, as business requirements dictate

But not all Clouds are created equal. When evaluating a Cloud service provider to manage your critical business data, it’s important to understand how your security goals and those of the Cloud provider are aligned.

Join us March 19, as our EVault expert shares with you the five critical questions you need to ask to make sure your data is secure in the Cloud. What are the right answers to these questions?

  1. What are your encryption procedures?
  2. How is communication access to your Cloud handled?
  3. How is physical access to Cloud data centers handled?
  4. Do you adhere to the Data Privacy Bill of Rights?
  5. What will you do to get my business back online when disaster strikes?

The Cloud is no place to gamble with your organization’s data. Get the answers you need to choose wisely.


Session 3: Emerging Trends in Cybersecurity and Risk Management

Presented by: Urs Fischer, CISA, CRISC, Owner, Fischer IT GRC Beratung & Schulung

Urs Fischer Fischer is a governance expert with proven knowledge of IT Governance, operational and IT risk management, internal control systems, and information and infrastructure security. Urs was a member of ISACA’s COBIT Steering Committee for multiple years and as a volunteer for ISACA was involved in the development of different COBIT versions and supporting material. For his contributions to the development and enhancement of the common body of knowledge used by ISACA’s constituencies, he received in 2010 the John Lainhart Common Body of Knowledge Award.

Our daily life, economics etc. depend on a stable, secure and resilient cyberspace. We rely on a variety of networks to communicate and travel, power our homes and run our economy. Yet cyber intrusions and attacks have increased dramatically over the last decade, exposing sensitive personal and business information, disrupting critical operations and imposing high costs on the economy.


Session 4: Cyber Threats in Today’s World

Presented by: Leighton Johnson, CISA, CISM, CRISC, CTO, ISFMT

Leighton JohnsonAs CTO of ISFMT (Information Security Forensics Management Team), a provider of computer security, forensics consulting and certification training, Johnson has presented computer security, cyber security, and forensics classes and seminars and conferences across the United States and Europe. He has more than 35 years of experience in computer security, cyber security, software development and communications equipment operations and maintenance, and has delivered multiple presentations for military and civilian conferences for customers and clients worldwide.

  1. What are the threats “out there” that cause the security professional to lose sleep at night?
  2. What are the actual trends and activities that organized crime elements and cyber-terrorists are performing in the identity theft arena and other compromising actions or extortion in order to finance their other criminal efforts?
  3. What are the tools, techniques, and activities that these cyber-criminals and terrorists are using? What do we look for? How do we respond when we find the results?
  4. Why is it so easy? They can and do target our most valuable logistic and infrastructure assets without leaving their home. They can sit anywhere in the world with a phone line, an internet connection and attack at will, whenever they want.

This session will offer answers to these and other pertinent questions surrounding computer security today. We will present the modern tools and techniques of the modern “hacker, cracker, and terrorist” as well as the methods of detection and prevention available. In addition, we will discuss the full scope of the situation today: international and national, private and public, corporate and government and see what is being used to combat these illegal and illicit activities.


Spotlight Session: APT Survey Results

Presented by: Jo Stewart-Rattray, CISA, CISM, CGEIT, CRISC, FACS CP, Director of Information Security and IT Assurance, BRM Holdich

Jo Stewart-RattrayStewart-Rattray has 25 years of experience in the IT field, some of it spent as CIO in the utilities space, and 16 years in the information security arena. She is a Fellow of the Australian Computer Society and was a member of CIGRE’s international working group B5.38, which assessed information security risks in power system operations within SCADA systems and the implementation of appropriate controls. She is a past international vice president of ISACA and has served as president of the ISACA Adelaide Chapter, and chair of ISACA’s Leadership Development Committee and Security Management Committee. Currently, she is chair of the Audit Committee and a member of the COBIT Security Task Force.

Advanced persistent threat (APT) has been a term used frequently during security threat discussion; however, confusion exists as to what an APT is and how to manage the risk associated with it. Although the study reveals that a large number of respondents feel that APTs are important and have the ability to impact national security and economic stability, the study also demonstrates that the controls being used to defend against APT might not be sufficient to adequately protect enterprise networks.

Further Insight: Participants may submit questions during the live Q&A sessions that follow each presentation.



Live Show:
Date: 19 March 2013
Title: Enterprise Risk Management: Provide Security from Cyberthreats
Show hours: 9:00–16:00 CDT (UTC-6)

Virtual Seminar Agenda

9:00 Doors open
9:15 Session 1: Building a Cloud-Ready Security Program and Live Q&A
10:15 Dedicated networking time in the Exhibit Hall
10:30 Session 2 and Live Q&A
11:30 Dedicated networking time in the Exhibit Hall
11:45 Networking lounge
12:15 Spotlight Session: APT Survey Results
12:45 Networking Lounge
13:00 Session 3: Emerging Trends in Cybersecurity and Risk Management and Live Q&A
14:00 Dedicated networking time in the Exhibit Hall
14:15 Session 4: Cybersecurity and Live Q&A
15:15 Dedicated networking time in the Exhibit Hall
16:00 Doors Close

Why Attend?

Gain exposure to new thoughts and ideas to discover, implement and deliver results. The Virtual Conference provides a convenient and open forum where you can:

  • Participate in educational sessions presented by knowledgeable speakers and industry experts
  • Earn up to 5 CPE hours with no travel cost
  • Connect with peers around the world
  • Explore the exhibit hall in between sessions, and interact with sponsors, speakers, experts and peers

A resource center, complete with additional information and materials such as white papers, ISACA Journal articles and speaker materials, will also be available.


FAQs and Tips for an Enriching, Educational Virtual Experience

How to Earn CPE (472K)

Describe the virtual conference experience.
You (and several hundred of your peers) will enter a vibrant interface to experience expert informational sessions, peer interaction and the sharing of technology solution insights. Attend sessions with security and compliance experts, visit vendor booths for product information and speak with representatives to answer your questions, download background information on enterprise risk management best practices, and interact with your peers.

How will I be reminded of the seminar?
We don't want you to miss this live interactive broadcast. We will send you email reminders with a link to the environment the day before and the morning of the event, and an Outlook calendar invitation to block out the time on your schedule.

What will I get from this virtual seminar?
Walk away with proven techniques from top experts on managing enterprise risk for improved results. This is a great venue to network with hundreds of peers and leading information systems experts, as well as ISACA staff.

PC Requirements
Click Here to Run System Check

For Technical Support, please email support@inxpo.com

To attend this event you will need a Windows PC with Internet Explorer 7.0 (minimum), Firefox 10 or 11, or Google Chrome 18. Mac users will need Firefox 10 or 11, Safari 4.5 or higher, or Google Chrome 18. We support Windows XP, Windows Vista and Windows 7 on PCs;. Leopard, Lion and Snow Leopard on Macs. Red Hat Enterprise Linux Server Release 6.2 (64 bit) is also supported. Adobe Flash Player 10 or higher is required. Access to the internet using high-speed access (Cable, DSL, Network) is highly recommended for the overall environment and required for all presentations. Pop-up blockers must be disabled; cookies and JavaScript must be enabled. On entering the seminar, a system check is run to identify computer requirements essential to interact with the virtual conference. It is recommended to view the environment with the display resolution of 1024 x 768.


The Virtual Conference Environment

  • Exhibit Hall—Stop by vendor booths to learn more about products and services important to you and your organization.
  • Resource Center—Browse content by subject in this digital library. Select content for immediate viewing or save it for future reference.
  • Conference Hall—Make yourself comfortable in a virtual auditorium where speakers and presentations take place.
  • Networking Lounge—Connect with attendees from across the globe. Start a discussion, meet new people or capture the latest information from your peers in this live, dynamic environment.