Cyber threats affect every enterprise in every industry—no one is too big or too small. Threats don’t take holidays and they are becoming more intrusive and potentially more devastating every day. To help you stay ahead of the most critical issues and find effective solutions, ISACA’s Cybersecurity Nexus (CSX) is hosting the acclaimed CSX 2016 North America Conference.


CSX 2016 brings together thought leaders, experts and professionals at all levels of cyber security as well as the next generation of cyber defenders. Here you can find new connections, innovations and resources to build your cyber security profile and help defend your enterprise from the ever growing cyber security threat.

Make new connections and liven up your experience at CSX by participating in the following activities.

Each activity is designed to enhance your cyber experience while you have fun!

CSX Cyber Challenge Competition

Test your skills or learn new ones by bringing your personal laptop to participate in a unique hands-on, timed, Network Security Competition while attending CSX!


The Cyberchallenge is a network assessment and network defense competition combined into a single event. Individuals will be able to compete for control of common resources and the critical services on those resources. You will be able to accumulate points for controlling and operating critical services such as SMTP, DNS, HTTP, HTTPS, SSH, and so on.


Geared to all levels of competitors, a morning and afternoon session will be available for 50 CSX attendees to participate using your personal laptop. Don’t miss this great opportunity to learn important hands-on skills by competing – all while earning CPE! Be sure to reserve a spot during online registration!


InteliSecure is the first and only Managed Security Service Provider (MSSP) to challenge the status quo in cybersecurity by delivering a hybrid application of expert human intelligence with a proven Critical Asset Protection Program™ methodology. These innovative Managed services are supported by Consulting, Technical, Incident Response and Security Assessment services that prevent data loss, protect privacy and safeguard critical assets.

Modulo offers GRC management solutions. Flexible and powerful software architecture allows companies to manage technology risk, compliance, and policy requirements while managing assets and ensuring business continuity.


Modulo’s software solutions greatly simplify GRC by automating processes enterprise-wide and reducing complexity and cost. Organizations in a broad range of sectors - especially those heavily reliant on extensive technology systems, large vendor networks, and electronic transactions - report a high return on investment from Modulo’s content-rich platform.

Vanguard Integrity Professionals provides enterprise security software and services that solve complex security and regulatory compliance challenges for financial, insurance, healthcare, education, transportation and government agencies around the world. Vanguard provides automated solutions for Audit and Compliance, Operational Security, and Intrusion Management.  The world’s largest Financial, Insurance, Government Agencies and Retailers entrust their security to Vanguard Integrity Professionals.  Vanguard is committed to protecting and securing the Cloud, zOS Security Server and Enterprise environments.  Vanguard provides 24/7/365 live customer support from the United States of America.

Cybersecurity, Trends

and Threats

Cybersecurity Ideas,

Innovations and Insights

At Protecting and Defending Against Cyberthreats and Attacks










7:00A-5:00P Workshop Registration

Condesa Registration Desk-2nd level
7:00A-8:30A Workshop Breakfast

9:00A-5:00P Workshop 1- CSX Fundamentals
Dr. Chase Cunningham

Workshop 2 - Lab Bonanza
Theresa Verity

Workshop 3 - Dev 0
Jason Yorty

Workshop 4 - Python for Security
Phillip Stoner

Workshop 5 - COBIT 5® for NIST
Mark Thomas, CGEIT, CRISC

Workshop 6 –Pentesting
Mathew Morrow

10:30A-11:00A Workshop Refreshment Break

12:30P-1:30P Workshop Refreshment Break

3:00P-3:30P Workshop Refreshment Break






7:00A-12:00P Workshop Registration

Condesa Registration Desk-2nd level
8:00A-9:00A Workshop Breakfast

9:00A-5:00P Workshop 1- CSX Fundamentals
Dr. Chase Cunningham

Workshop 2 - Lab Bonanza
Theresa Verity

Workshop 3 - Dev 0
Jason Yorty

Workshop 4 - Python for Security
Phillip Stoner

Workshop 5 - COBIT 5® for NIST
Mark Thomas, CGEIT, CRISC

Workshop 6 –Pentesting
Mathew Morrow

10:30A-11:00A Workshop Refreshment Break

12:30P-1:30P Workshop Lunch

1:00P-7:00P Exhibitor Setup

3:00P-7:00P CSX Conference Registration

Belmont Registration Desk-4th Level
3:00P-3:30P Workshop Refreshment Break

5:00P-7:00P Welcome Reception

Belmont Commons-4th Level






Conference Registration and Information

Belmont Registration Desk-4th Level
7:00A-8:30A Continental Breakfast



Exhibit Hall and ISACA Bookstore



CISO Forum (by invitation only)



Opening General Session – What They’re Saying About Cybersecurity
Brian Krebs



Session D1 - 3rd Party Risk Management



Refreshment Break



Session 111 - Art of Performing Risk Assessments
Session 112 - A Capability Maturity Model-Sustainable DLP
Session 113 - Network Forensics with Wireshark (Part 1)
Session 114 - The ABCs of Incident Response Management
Session 115 - Fighting Blindfolded–Malware Containment and Mitigation with Incomplete Knowledge (Part 1)
Session 116 - Explore Session Coming soon
Session 117 - Hacking IoT



Session Movement Break



Session 121 - Breach Your Own Castle: Suit Up and Play Offense for Better Security
Session 122 - DevSecOps and the Future of Enterprise Security
Session 123 - Network Forensics with Wireshark (Part 2)
Session 124 - First 12 Hours Post-Breach
Session 125 - Fighting Blindfolded – Malware Containment and Mitigation with Incomplete Knowledge (Part 2)
Session 126 - Explore
Session 127 - Implementing IT Risk Program with NIST CSF



Exhibits, Bookstore and Lunch Buffet
Lunch & Learn (RSVP required)



General Session Keynote: From CSI: to CSX
Anthony Zuiker



Movement Break



Session 131 - Everything has an IP address... HELP!
Session 132 - Containerization Security: What security pros need to know
Session 133 - Enhancing your Security Operations with Active Defense
Session 134 - Handling Breaches in 2016 - Lessons Learned
Session 135 - Don’t Panic! – Incident Response and Recovery
Session 136 - Explore
Session 137 - Handling Human Aspects of a Data Breach



Refreshment Break



Session 141 - A Scorecard for Cyber Resilience
Session 142 - Measuring Security: How Do I Know What a Valid Metric Looks Like?
Session 143 - Building a World Class Threat Intel Program
Session 144 - Privacy in the IoT Era
Session 145 - Recovering & Learning From a Data Incident
Session 146 - Explore
Session 147 - Bringing Order to Data Security Chaos


Expo Hall Networking Reception


“Hidden” Privileged Access - The Need for Security & Compliance for SSH User Keys
Spotlight Education Session 2
Spotlight Education Session 3



Spotlight Education Session 4
Spotlight Education Session 5
Spotlight Education Session 6






7:00A-5:00P Conference Registration

Belmont Registration Desk-4th Level
7:30A-8:30A Continental Breakfast

7:30A-4:00P Exhibit Hall and ISACA Bookstore


General Session Keynote Presentation – Achieving Better Efficiency in Security
Brett Kelsey

9:30A-10:00A Refreshment Break

10:00A-12:00P CSX Cyberchallenge – morning session

10:00A-11:00A Session 211 - Securing IoT
Session 212 - PKI to Secure the Cloud
Session 213 - Web Shell Detection and Mitigation
Session 214 - Incident Response Hands-on Lab (Part 1)
Session 215 - Cyber Security “People Architecture”: The Difference Between Success and Failure
Session 216 - Explore
Session 217 - Conducting a Phishing Awareness Program

11:00A-11:15A Session Movement Break

11:15A-12:15P Session 221 - CISO Success Strategies
Session 222 - Encryption. Encryption. Encryption! Reducing Risk. Increasing Compliance!
Session 223 - Curing Detection Deficit Disorder
Session 224 - Incident Response Hands-on Lab (Part 2)
Session 225 - Get the FUD Out of Cybersecurity!
Session 227 - Measuring and Reporting IT Security Risk

12:15P-1:30P Bookstore, Exhibits and Buffet Lunch
Lunch & Learn (RSVP required)

1:30P-2:30P General Session Keynote Presentation: Mind the Gap: Analyzing Cyber Security Controls that Few Organizations are Implementing, and Why
Ms. Justine Bone

2:30P-5:00P CSX Cyberchallenge – Afternoon Session

2:30P-2:45P Movement Break

2:45P-3:45P Session 231 - How to Gain Board & Executive Support for Your Cyber Program
Session 232 - Cloud Security in a De-Centralized World
Session 233 - Putting Intelligence back into Threat Intel (Part 1)
Session 234 - Malware’s Threat to Critical Infrastructure
Session 235 - Data Exploitation and the Cloud: When Cloud Computing Providers Serve As A Modern Day Chopshop For Enterprise Data Exploitation (Part 1)
Session 236 - Explore
Session 237 - Applying CSF to end Security Whack-a-mole

3:45P-4:15P Refreshment Break and Close of Expo Hall

4:15P-5:15P Session 241 - Cybersecurity in Industrial Control Systems
Session 242 - Biometric Authentication and how it can be used to Combat Crime
Session 243 - Putting Intelligence back into Threat Intel (Part 2)
Session 244 - Practical First Response to CyberSecurity I
Session 245 - Data Exploitation and the Cloud: When Cloud Computing Providers Serve As A Modern Day Chopshop For Enterprise Data Exploitation (Part 2)
Session 246 - Explore
Session 247 - Beyond the Ones and Zeros

5:30P-6:00P Spotlight Educational Session 7
Spotlight Educational Session 8
Spotlight Educational Session 9

6:15P-7:30P Connecting Women Leaders in Technology Networking Event Reception






7:00A-5:00P Conference Registration and Information

Belmont Registration Desk-4th Level
7:00A-8:30A Continental Breakfast and ISACA Bookstore

8:30A-9:30A Session 311 - Useful Risk Assessments
Session 312 - Will Biometrics Kill the Password?
Session 313 - Hacker Culture Shock
Session 314 - Why it Happened, and What Should Have Been Done
Session 315 - Planning for an Insider Incident
Session 316 - Explore
Session 317 - SAP Cybersecurity in the Digital World


Movement Break

9:45A-10:45A Session 321 - Security for the Millennial Age
Session 322 - Modeling the Adversary to Engineer Security
Session 323 - Bug Bounties
Session 324 - Guerrilla Warfare Tactics to Secure (Cell Structure Security)
Session 325 - Plan, Do, Check, Act– How does your Cyber Security Incident Response Plan Measure up?
Session 326 - Explore
Session 327 - Learning from Failure

10:45A-11:00A Movement Break

11:00A-12:00P Closing General Session Keynote
Pablos Holman


Connecting Women Leaders in Technology

Amazing things can happen through facilitated peer-to-peer networking,– including having careers leap forward!  All are welcome to join in on the fun and make new connections to help move your career forward at this fun, interactive Connecting Women networking event.

More information coming soon.












Platinum Sponsors











Develop the organizational understanding to manage cybersecurity risk to systems, assets, data and capabilities. Learn how to focus and prioritize your organization’s efforts, consistent with its risk management strategy and business needs. The Identify track explains asset management, business environment, governance, risk assessment and risk management strategies.



Implement the appropriate safeguards to ensure delivery of critical infrastructure services. The Protect track teaches access control, awareness, and training data security, information protection, processes and procedures, maintenance and protective technology.



Discover cybersecurity events and potential events quickly and effectively. The Detect track focuses on anomalies and events, security, continuous monitoring and detection processes.



Accurately execute and assess the correct actions to manage a security event. The Respond track covers response planning, communications, analysis, mitigation and improvements.



Develop plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event. Initiate timely recovery to normal operations to reduce operational impact. The Recover track examines recovery planning, improvements and communications.


Track 6 | DEFEND:

Go from spectator to hands-on innovator in sessions and activities that range from witnessing the Global CyberLympics World Finals to getting in on the action of data protection and recovery.



Leverage thought leadership and proven experience on processes, technologies and techniques that are newly emerging as “Megatrends” and solutions for cybersecurity and information systems professionals around the world.



Conducted either as a one-day or two-day event, CSX workshops place special emphasis on key cybersecurity topics and offer more in-depth and hands-on experiences than the standard session. Similar to the cyber tracks, the workshops are designed around varying levels of expertise, so that both beginners and experts can focus on the materials most beneficial to their organization.

Tuesday, 18 October


Sunday, 16 October


Welcome Reception

Kick off the conference with a constructive and relaxing networking reception while picking up your Conference credentials. This will be your first opportunity to network and make new contacts, reconnect with colleagues, solution providers and CSX Staff.


Monday, 17 October


Welcome Reception

Enjoy another festive opportunity to meet solution providers in a relaxed atmosphere. Nosh on appetizers and unwind with colleagues in what could be the best happy hour you’ve attended in years.


Are we excited yet?






The Cosmopolitan is a unique luxury resort & casino unlike anything else in Las Vegas. This original destination features residential-styled living spaces with private terraces, a one-of-a-kind restaurant collection and vibrant nightlife. Combine it all with hand-selected boutiques, an unrivaled Pool District, a 100,000 square-foot casino and the serenity of Sahra Spa & Hammam to redefine your Las Vegas experience.


Hotel Cut-off Date: Friday, 23 September 2016


There is a limited number of rooms available at ISACA’s Group Room Rate of $234/night, inclusive of resort fee. Reservations will be taken on a first come-first served basis. All reservations made after the cut-off deadline or after the room block fills are subject to space and rate availability.


To guarantee hotel reservations, a credit card is required at the time of booking. A deposit equal to one night's room & tax will be charged. 72 hour cancellation notice is required prior to your arrival date to receive a refund of your deposit. A valid credit card authorized to pay for your room and tax, plus $50 a night deposit for incidentals must be presented upon check-in.


Standard Group Room Rate for ISACA: $209.00 + $25.00 resort fee + 12% local tax (subject to change) = $262.08/night, single/double occupancy*


Group rates will be offered 3 days prior to and 3 days following the conference, based on availability.


A per night resort fee of $25.00 provides guests with:

High speed Internet access (in-room and public areas)

Access to the 24 hour Fitness Center

Unlimited local, toll free and domestic long distance telephone calls (all 50 states)


Elevate your CSX 2016 North America Conference Experience to New Heights - Add an Enhance Learning Package

Add to your already invaluable cyber event and enhance your conference experience and your stay at The Cosmopolitan of Las Vegas conference venue to the next level.


  • Ground airport transfers to and from McCarran International Airport
  • VIP hotel check-in at the Cosmopolitan of Las Vegas
  • Two complimentary books signed by the keynote authors and VIP access to book signing
  • Reserved seating for keynote addresses
  • Reserved seating for your breakout sessions selected
  • VIP networking experience
  • Priority selection for Hands-on Labs
  • Priority selection for Lunch & Learns sessions


Select "Enhanced Learning Package"

during your registration process.