Virtual Conference: IT Security Roadmap 2019: How to Survive Emerging Threats and Thrive in Complexity 


Education Sessions  |  Agenda  |  FAQs  |  Technical Requirements

Earn up to 5 free CPE!

View Archive



Available On-Demand until 7 December 2018

IT Security Roadmap 2019: How to Survive Emerging Threats and Thrive in Complexity

In almost any direction you look, enterprise IT technology is in a period of wholesale change. One shift that is already having a profound influence on IT security departments is the arrival of AI and machine learning disciplines, particularly as it applies to big data analytics and generating quick comprehension of anomalous events within the IT infrastructure.

Elsewhere, enterprises are moving beyond conventional endpoint attack detection methods, embracing a host of techniques that are collectively being referred to as endpoint detection and response (EDR).

Meanwhile, as users log in from those endpoints, the now commonplace move of account directories to the cloud has facilitated a long-anticipated shift to viewing identity as more of a layer in the security stack, creating new possibilities for managing fine-grained entitlements but also generating important new capabilities for addressing audits and compliance.

Plan to attend on Wednesday 7 November 2018 from 8:15AM to 5:00PM EST to:

  • Connect with thousands of your peers from across the globe
  • Earn 5 FREE CPE hours without the cost of travel
  • Ask questions directly to industry experts and speakers
  • Enhance your professional knowledge

  Download ISACA Contest Rules

  Education Sessions

Session 1: The New IG: The Identity Governance and Compliance Balance

As the number of users, systems and applications in the typical enterprise IT environment has grown, it has become increasingly difficult to maintain accurate and reliable data about very user on every system. Identity governance products not only enable organizations to define, enforce, review and audit identity/access management (IAM) policy, but also map IAM functions to the organization's unique compliance requirements and audit user access to support compliance reporting.

In this session, learn about identity governance strategies to maintain data security and regulatory compliance.

Topics covered will include:

  • Implementing the key components of identity governance, including access requests, access certification, auditing, reporting and analytics, workflow management, entitlement management, and identity lifecycle management.
  • Authentication processes, including how they can fail and what organizations can do to prevent compliance risk
  • Authorization techniques to ensure that user profile data is accurate and reliable.
  • Auditing best practices to audit identity management processes and strategies, including how to test the limitations of identity governance compliance

Session 2: Cybersecurity Analytics Meets AI: Network, IT threat Detection Strategies

With company data spread across multiple on-premises and cloud-based endpoints, conducting cybersecurity analytics is a challenge. Artificial intelligence technologies are helping identify anomalies in IT systems, analyze the network for potential threats and provide notifications when threats are detected. However, AI-based cybersecurity analytic capabilities are still in their infancy, and require human maintenance as well as high quality data to be effective.

In this session, learn how to tap into AI to improve cybersecurity analytics capabilities.

Topics covered will include:

  • Steps to ensure data quality – AI analytics relies on valid, up to the minute network operations data to avoid false positives and incorrect threat detection.
  • Strategies to identify vulnerabilities in IT operations where AI and machine learning capabilities will prove most useful for threat detection
  • Best practices to use AI tech to augment the security team's data protection techniques and operations
  • Cybersecurity data analysis strategies that can be used to improve AI algorithms and their threat detection capabilities

Session 3: Putting an End to Endpoint Security Risks with Modern Tools

Late last year, Gartner redefined endpoint protection to incorporate new approaches and tools, such endpoint detection and response (EDR), to refine this critical aspect of enterprise security. With new vendor solutions coming to market, EDR is front and center in the battle to keep desktops secure in areas where traditional anti-virus tools have fallen short.

In this webcast, independent information security consultant, Kevin Beaver of Atlanta, Georgia-based Principle Logic, LLC will talk about endpoint security risks, what he sees in his work, and what you need to be thinking about in this final, yet elusive, frontier of security. You’ll learn about how EDR vendors are responding to the rise in attack complexity while reducing the management requirements that come with more and more endpoint security controls. You’ll also hear about how you can tweak your systems and processes to fine-tune the oscillation of threats and vulnerabilities at the endpoint to bring your security program full circle.

Session 4: When Worlds Collide: Cybersecurity, Virtualized Infrastructure, and Next-Generation Software Development

Software developers are moving from traditional waterfall to agile and DevOps development based on microservices, microsegmentation, and containers. Infrastructure teams are increasingly virtualizing, deploying software-defined networks (SDN) and software-defined WANs (SD-WANs). But what are the cybersecurity implications of these shifts in software development and infrastructure architecture?

This session takes a cybersecurity lens to the following technology areas:

  • Microservices
  • Microsegmentation
  • Containers
  • SDN
  • SD-WAN

We’ll review these concepts and assess them from two angles. First, we’ll discuss the cybersecurity implications of these technologies, and what steps cybersecurity teams should take to secure them. Then we’ll discuss how next-generation cybersecurity initiatives can take advantage of the inherent capabilities of these technologies.


Check back for more information.

  FAQs and Tips for an Enriching, Educational Virtual Experience

Describe the virtual conference experience.
You (and several hundred of your peers) will enter a vibrant interface to experience expert informational sessions, peer interaction and the sharing of technology solution insights. Attend sessions with security and compliance experts, visit vendor booths for product information and speak with representatives to answer your questions, download background information on enterprise risk management best practices, and interact with your peers.

How will I be reminded of the seminar?
We don't want you to miss this live interactive broadcast. We will send you email reminders with a link to the environment the day before and the morning of the event, and an Outlook calendar invitation to block out the time on your schedule.

What will I get from this virtual seminar?
Walk away with proven techniques from top experts on managing enterprise risk for improved results. This is a great venue to network with hundreds of peers and leading information systems experts, as well as ISACA staff.

  Technical Requirements

Click Here to Run System Check

For Technical Support, please email

Computer / Tech Requirements 2016:

User Troubleshooting Guide:

Displaying Secure Content All Browsers:

Displaying Secure Content Internet Explorer 8, 9 and 10

Most companies have firewalls, proxy servers, intrusion detection and prevention and/or web filtering devices in place as a mechanism to maintain a level of security and reliability of their network infrastructure. In some instances, these mechanisms may require adjustment by your company's IT Infrastructure team to ensure a quality user experience for the rich media and interactive features of the INXPO platform.

The link below includes hostnames, IP addresses, and TCP ports used by the INXPO platform as well as the corresponding application functions they provide. If you are having issues with the interactive and/or rich media features of INXPO, this information can be used by a network administrator to help resolve them. This page is updated when necessary so please bookmark it for future references:

Attention Internet Explorer 10 Users: A browser setting change is required before accessing your CPE Certificate. Click here to read more.



Why Attend?

Gain exposure to new thoughts and ideas to discover, implement and deliver results. The Virtual Conference provides a convenient and open forum where you can:

  • Participate in educational sessions presented by knowledgeable speakers and industry experts
  • Earn up to 5 CPE hours with no travel cost
  • Connect with peers around the world
  • Explore the exhibit hall in between sessions, and interact with sponsors, speakers, experts and peers
  • A resource center, complete with additional information and materials such as white papers, ISACA Journal articles and speaker materials, will also be available.

The Virtual Conference Environment

  • Exhibit Hall—Stop by vendor booths to learn more about products and services important to you and your organization.
  • Resource Center—Browse content by subject in this digital library. Select content for immediate viewing or save it for future reference.
  • Auditorium—Make yourself comfortable in a virtual auditorium where speakers and presentations take place.
  • Networking Lounge—Connect with attendees from across the globe. Start a discussion, meet new people or capture the latest information from your peers in this live, dynamic environment.
  • CPE Information—Complete the Post-Event survey and learn how you can earn your CPE Certificate.