Virtual Conference: The Next Security Frontier: Automation, Things and Intelligent Machines 


Education Sessions  |  Agenda  |  FAQs  |  Technical Requirements   |  27 June 2017

Earn up to 5 free CPE without the cost of travel!


Attend this free virtual conference and learn to match emerging threats with the most promising new areas of security, such as AI and DevSecOps. 


The Next Security Frontier:
Automation, Things and Intelligent Machines


Threats and Promises: We're as aware as ever of how vulnerable our computing intrastructure can be, with the rise in awareness of nation-state covert operations and the surge malware-based crime such as ransomware, but how do we match emerging threats with the most promising new areas of security, such as AI and DevSecOps?

In this virtual conference, we'll examine the natural affinity of security analytics for machine learning and other types of artificial intelligence, as well as look at process disciplines emerging from DevOps and how they can be applied to increase security. Given the increase in access to data that members of an organization can have, we turn special focus on mitigating insider threats.

Finally, one of the major emerging technology areas where security is a huge concern is the Internet of Things—almost nothing is settled and no one yet knows what best practices will be developed, but it's not too early to consider the risks.

Plan to attend on 27 June 2017 from 8:15AM to 5:00PM EDT to:

  • Connect with thousands of your peers from across the globe
  • Earn 5 FREE CPE hours without the cost of travel
  • Ask questions directly to industry experts and speakers
  • Enhance your professional knowledge

Register today to reserve your seat at this free online event!

  Education Sessions

Session 1: Getting Ahead of the IoT Security Curve

Presenter: Kevin Beaver, Founder and Principal Information Security Consultant of Principle Logic, LLC

Everybody is quick to point out the lack of security that's plagued early IoT products and deployments, but what do you do if you want to take advantage of IoT _and_ still get the security right? Here's a list of elements you'll need to cover, from embedded system security on devices, proper configuration of wireless connectivity, and management of vulnerabilities within cloud back ends.

Kevin Beaver is an information security consultant, expert witness, and professional speaker with Atlanta-based Principle Logic, LLC. With more than 27 years of experience in the industry, Kevin specializes in performing independent security assessments revolving around information risk management. He has authored/co-authored 12 books on information security including Hacking For Dummies (currently in its 5th edition) and The Practical Guide to HIPAA Privacy and Security Compliance. In addition, he’s the creator of the Security On Wheels information security audio books and blog providing security learning for IT professionals on the go. Kevin can be reached at and you can follow him on Twitter, watch him on YouTube, and connect to him on LinkedIn.

Session 2: Putting the “Sec” Into DevSecOps

Presenter: Johna Till Johnson, President and Senior Founding Partner, Nemertes Research Research

DevOps is emerging as one of the most powerful tools enabling Digital Transformation; in fact, fully 75% of the most successful companies are deploying DevOps today (as compared with just 29% of companies overall). And software operations teams have been focusing on automating their processes for years. As agile development has pushed them to cope with continuous updates to their software deployments, those processes have been increasingly focused on process and automation. But what about security? What are the risks and opportunities that DevOps offers the security community, and what can security professionals bring to the continuous development process? Find out from this session how security professionals can ensure their organizations are implementing DevSecOps properly-and making sure that the code they develop is as secure as it is agile.

Johna Till Johnson is the CEO and founder of Nemertes Research, a 12-year old research-advisory firm specializing in the business impact of emerging technologies. Johnson spearheads Nemertes’ security and risk management practice, where she works with Fortune 200 financial services, manufacturing, utility, and other leading organizations to craft robust, scalable and flexible information security architectures and effectively manage the information security component of an organization’s risk portfolio. Johnson’s career in information security began more than 25 years ago when, as a young engineer, she developed security products for Mosler Security Systems. Since then, she has spent a large part of her career focusing on security architecture, testing, and operations and governance.

Session 3: Cyber Security: Insider Threat Detection, Prevention

Presenter: Jeffrey Ritter, Founder, Ritter Academy

Employees still represent a big threat to information security, as well as the first line of a company's cybersecurity defense. Learn the strategies to mitigate insider threats, including identity access management processes, privileged identity management and best practices to train employees about their role in information security.

Jeffrey Ritter is one of the nation's experts in the converging complexity of information governance, security, the use of digital information as evidence, and the emergence of cloud-based services. He advises companies and governments on successful 21st-century strategies for managing digital information with legal and business value. He is currently developing and teaching courses on information governance at Johns Hopkins University's Whiting School of Engineering and Georgetown University Law.

Session 4: Using AI, Machine Learning to Improve Security Analytics

Presenter: Dave Shackleford, Owner and Principal Consultant of Voodoo Security

IT companies are realizing the business benefits of artificial intelligence and machine learning, but can these technologies also improve data security? Learn how AI, machine learning and systematization of detection and reaction to incidents can improve security analytics and help protect company data. .

Dave Shackleford is the owner and principal consultant of Voodoo Security and a SANS analyst, senior instructor, and course author. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering, and is a VMware vExpert with extensive experience designing and configuring secure virtualized infrastructures. He has previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and as a security architect, analyst, and manager for several Fortune 500 companies. Dave is the author of the Sybex book Virtualization Security: Protecting Virtualized Environments, as well as the coauthor of Hands-On Information Security from Course Technology. Dave coauthored the first published course on virtualization security for the SANS Institute, and authored the upcoming course on public cloud security from SANS, as well. Dave currently serves on the board of directors at the SANS Technology Institute and helps lead the Atlanta chapter of the Cloud Security Alliance.

  Agenda and Sessions

Date:  27 June 2017 Virtual Conference
Title:  The Next Security Frontier: Automation, Things, and Intelligent Machines
Show hours:  8:15AM to 5:00PM EDT (All Times EDT / UTC-4)

Further Insight: Participants may submit questions during the live Q&A sessions that follow each presentation.

Virtual Conference Agenda

8:15AM Doors Open
8:45 Session 1: Getting Ahead of the IoT Security Curve (Kevin Beaver)
9:45 Dedicated networking time in the Exhibit Hall
10:00 Technology Spotlight Session
10:45 Dedicated networking time in the Exhibit Hall
11:00 Session 2: DevSecOps (Johna Till Johnson)
12:00PM Dedicated networking time in the Exhibit Hall
12:15 Technology Spotlight Session
1:00 Dedicated networking time in the Exhibit Hall
1:30 Session 3: Cyber Security: Insider Threat Detection, Prevention (Jeffrey Ritter)
2:30 Dedicated networking time in the Exhibit Hall
2:45 Technology Spotlight Session
3:30 Dedicated networking time in the Exhibit Hall
3:45 Session 4:  Using AI, Machine Learning to Improve Security Analytics (Dave Shackleford)
4:45 Dedicated networking time in the Exhibit Hall & Prize Giveaway
5:00 Doors Close

  FAQs and Tips for an Enriching, Educational Virtual Experience

Describe the virtual conference experience.
You (and several hundred of your peers) will enter a vibrant interface to experience expert informational sessions, peer interaction and the sharing of technology solution insights. Attend sessions with security and compliance experts, visit vendor booths for product information and speak with representatives to answer your questions, download background information on enterprise risk management best practices, and interact with your peers.

How will I be reminded of the seminar?
We don't want you to miss this live interactive broadcast. We will send you email reminders with a link to the environment the day before and the morning of the event, and an Outlook calendar invitation to block out the time on your schedule.

What will I get from this virtual seminar?
Walk away with proven techniques from top experts on managing enterprise risk for improved results. This is a great venue to network with hundreds of peers and leading information systems experts, as well as ISACA staff.

  Technical Requirements

Click Here to Run System Check

For Technical Support, please email [email protected]

Computer / Tech Requirements 2016:

User Troubleshooting Guide:

Displaying Secure Content All Browsers:

Displaying Secure Content Internet Explorer 8, 9 and 10

Most companies have firewalls, proxy servers, intrusion detection and prevention and/or web filtering devices in place as a mechanism to maintain a level of security and reliability of their network infrastructure. In some instances, these mechanisms may require adjustment by your company's IT Infrastructure team to ensure a quality user experience for the rich media and interactive features of the INXPO platform.

The link below includes hostnames, IP addresses, and TCP ports used by the INXPO platform as well as the corresponding application functions they provide. If you are having issues with the interactive and/or rich media features of INXPO, this information can be used by a network administrator to help resolve them. This page is updated when necessary so please bookmark it for future references:

Attention Internet Explorer 10 Users: A browser setting change is required before accessing your CPE Certificate. Click here to read more.



Why Attend?

Gain exposure to new thoughts and ideas to discover, implement and deliver results. The Virtual Conference provides a convenient and open forum where you can:

  • Participate in educational sessions presented by knowledgeable speakers and industry experts
  • Earn up to 5 CPE hours with no travel cost
  • Connect with peers around the world
  • Explore the exhibit hall in between sessions, and interact with sponsors, speakers, experts and peers
  • A resource center, complete with additional information and materials such as white papers, ISACA Journal articles and speaker materials, will also be available.

The Virtual Conference Environment

  • Exhibit Hall—Stop by vendor booths to learn more about products and services important to you and your organization.
  • Resource Center—Browse content by subject in this digital library. Select content for immediate viewing or save it for future reference.
  • Auditorium—Make yourself comfortable in a virtual auditorium where speakers and presentations take place.
  • Networking Lounge—Connect with attendees from across the globe. Start a discussion, meet new people or capture the latest information from your peers in this live, dynamic environment.
  • CPE Information—Complete the Post-Event survey and learn how you can earn your CPE Certificate.