Cyber threats affect every enterprise in every industry—no one is too big or too small. Threats don’t take holidays and they are becoming more intrusive and potentially more devastating every day. To help you stay ahead of the most critical issues and  find effective solutions, ISACA’s Cybersecurity Nexus (CSX) is hosting the acclaimed CSX 2016 North America Conference.


CSX 2016 brings together thought leaders, experts and professionals at all levels of cyber security as well as the next generation of cyber defenders. Here you can  find new connections, innovations and resources to build your cyber security profile and help defend your enterprise from the ever growing cyber security threat.


cybersecurity, trends

and threats

cybersecurity ideas,

innovations and insights

at protecting and defending against cyberthreats and attacks





TIME                                 FUNCTION                                            LOCATIONS

7:00A-5:00P                      Workshop Registration                          Condesa Registration Desk – 2nd level


7:00A-8:30A                      Workshop Breakfast


9:00A-5:00P                      Workshop 1- CSX Fundamentals

                                          Dr. Chase Cunningham


9:00A-5:00P                      Workshop 2 - Lab Bonanza

                                          Theresa Verity


9:00A-5:00P                      Workshop 3 - Dev 0

                                                        Jason Yorty


9:00A-5:00P                      Workshop 4 - Python for Security

                                          Phillip Stoner


9:00A-5:00P                      Workshop 5 - COBIT 5 ® for NIST

                                          Mark Thomas, CGEIT, CRISC


9:00A-5:00P                      Workshop 6 –Pentesting

                                          Mathew Morrow


10:30A-11:00A                   Workshop Refreshment Break


12:30P-1:30P                    Workshop Refreshment Break


3:00P-3:30P                      Workshop Refreshment Break



TIME                                 FUNCTION                                            LOCATIONS

8:00A-12:00P                    Workshop Registration                          Condesa Registration Desk – 2nd level


8:00A-9:00A                      Workshop Breakfast


9:00A-5:00P                      Workshop 1- CSX Fundamentals

                                             Dr. Chase Cunningham


9:00A-5:00P                      Workshop 2 - Lab Bonanza

                                             Theresa Verity


9:00A-5:00P                      Workshop 3 - Dev 0

                                                           Jason Yorty


9:00A-5:00P                      Workshop 4 - Python for Security

                                             Phillip Stoner


9:00A-5:00P                      Workshop 5 - COBIT 5® for NIST

                                             Mark Thomas, CGEIT, CRISC


9:00A-5:00P                      Workshop 6 –Pentesting

                                             Mathew Morrow


10:30A-11:00A                  Workshop Refreshment Break


12:30P-1:30P                    Workshop Lunch


1:00P-7:00P                      Exhibitor Setup


3:00P-7:00P                      CSX Conference Registration


3:00P-3:30P                      Workshop Refreshment Break


5:00P-7:00P                      Welcome Reception



TIME                                 FUNCTION                                                                              LOCATIONS

7:00A-5:00P                       Registration


7:00A-8:30P                       Continental Breakfast


7:00A-7:00P                       Exhibit Hall and ISACA Bookstore


7:30A-4:00P                       CISO Forum (by invitation only)


8:15A-9:30A                       Opening General Session – What They’re Saying About Cybersecurity

                                              Brian Krebs


9:30A-10:00A                     Refreshment Break


10:00A-11:00A                   Session 111 - Art of Performing Risk Assessments

                                           Session 112 - A Capability Maturity Model-Sustainable DLP

                                           Session 113 - Network Forensics with Wireshark (Part 1)

                                           Session 114 - The ABCs of Incident Response Management

                                           Session 115 - Fighting Blindfolded – Malware Containment and Mitigation
                                                                      with Incomplete Knowledge (Part 1)

                                           Session 116 - Explore

                                           Session 117 - Hacking IoT


11:00A-11:15A                    Movement Break


11:15A-12:15P                   Session 121 - Breach Your Own Castle: Suit Up and Play Offense for Better Security

                                           Session 122 - DevSecOps and the Future of Enterprise Security

                                           Session 123 - Network Forensics with Wireshark (Part 2)

                                           Session 124 - First 12 Hours Post-Breach

                                           Session 125 - Fighting Blindfolded – Malware Containment and Mitigation
                                                                      with Incomplete Knowledge (Part 2)

                                           Session 126 - Explore

                                           Session 127 - Implementing IT Risk Program with NIST CSF


12:15P-1:30P                    Exhibits and Lunch Buffet


1:30P-2:30P                      General Session Keynote: From CSI: to CSX

                                             Andrew Zuiker


2:30P-2:45P                      Movement Break


2:45P-3:45P                       Session 131 - Everything has an IP address... HELP!

                                           Session 132 - Containerization Security: What security pros need to know

                                           Session 133 - Updated content coming soon!

                                           Session 134 - Handling Breaches in 2016 - Lessons Learned

                                           Session 135 - Don’t Panic! – Incident Response and Recovery

                                           Session 136 - Explore

                                           Session 137 - Handling Human Aspects of a Data Breach


3:45P-4:15P                       Refreshment Break


4:15P-5:15P                       Session 141 - A Scorecard for Cyber Resilience

                                           Session 142 - Measuring Security: How Do I Know What a Valid Metric Looks Like?

                                           Session 143 - Building a World Class Threat Intel Program

                                           Session 144 - Privacy in the IoT Era

                                           Session 145 - Recovering & Learning From a Data Incident

                                           Session 146 - Explore

                                           Session 147 - Bringing Order to Data Security Chaos


5:15P-7:15P                       Expo Hall Networking Reception


5:30P-6:00P                       Spotlight Education Session  1

                                           Spotlight Education Session  2

                                           Spotlight Education Session  3


6:15P-6:45P                       Spotlight Education Session  4

                                           Spotlight Education Session  5

                                           Spotlight Education Session  6


TIME                                 FUNCTION                                                                                LOCATIONS

7:00A-5:00P                       Conference Registration and Information


7:30A-8:30A                       Continental Breakfast


7:30A-4:00P                       Exhibit Hall and ISACA Bookstore


8:30A-9:30A                       General Session Keynote Presentation – Louder than Words

                                                             Brett Kelsey


9:30A-10:00A                     Refreshment Break


10:00A-12:00P                  CSX Cyberchallenge – morning session


10:00A-11:00A                   Session 211 - Securing IoT

                                           Session 212 - PKI to Secure the Cloud

                                           Session 213 - Web Shell Detection and Mitigation

                                           Session 214 - Incident Response Hands-on Lab (Part 1)

                                           Session 215 - The Data Breach Lifecycle

                                           Session 216 - Explore

                                           Session 217 - Conducting a Phishing Awareness Program


11:00A-11:15A                   Movement Break


11:15A-12:15P                   Session 221 - CISO Success Strategies

                                           Session 222 - Encryption. Encryption. Encryption!

                                                                  Reducing Risk. Increasing Compliance!

                                            Session 223 - Curing Detection Deficit Disorder

                                            Session 224 - Incident Response Hands-on Lab (Part 2)

                                            Session 225 - Title TBD

                                            Session 227 - Measuring and Reporting IT Security Risk


12:15P-1:30P                     Exhibits and Lunch Buffet

                                           Lunch & Learn (by prior RSVP)


1:30P-2:30P                      General Session Keynote Presentation: What We’re Saying

                                             Ms. Justine Bone


2:30P-5:00P                      CSX Cyberchallenge – Afternoon Session


2:30P-2:45P                      Movement Break


2:45P-3:45P                       Session 231 - How to Gain Board & Executive Support for Your Cyber Program

                                           Session 232 - Cloud Security in a De-Centralized World

                                           Session 233 - Putting Intelligence back into Threat Intel (Part 1)

                                           Session 234 - Malware’s Threat to Critical Infrastructure

                                           Session 235 - Data Exploitation and the Cloud: When Cloud Computing Providers

                                                           Serve As A Modern Day Chopshop For Enterprise Data Exploitation (Part 1)

                                           Session 236 - Explore

                                           Session 237 - Applying CSF to end Security Whack-a-mole


3:45P-4:15P                       Refreshment Break and Close of Expo Hall


4:15P-5:15P                       Session 241 - Cybersecurity in Industrial Control Systems

                                           Session 242 - Biometric Authentication and how it can be used to Combat Crime

                                           Session 243 - Putting Intelligence back into Threat Intel (Part 2)

                                           Session 244 - Practical First Response to CyberSecurity I

                                           Session 245 - Data Exploitation and the Cloud: When Cloud Computing Providers

                                             Serve As A Modern Day Chopshop For Enterprise Data Exploitation (Part 2)

                                           Session 246 - Explore

                                           Session 247 - Beyond the Ones and Zeros


5:30P-6:00P                       Spotlight Educational Session 7

                                           Spotlight Educational Session 8

                                           Spotlight Educational Session 9


6:15P-7:30P                       Connecting Women Leaders in Technology Networking Event


TIME                                 FUNCTION                                                                  LOCATIONS

7:00A-5:00P                       CSX Conference Registration and Information


7:00A-8:30A                       Continental Breakfast and ISACA Bookstore


8:30A-9:30A                       Session 311 - Useful Risk Assessments

                                           Session 312 - Will Biometrics Kill the Password?

                                           Session 313 - Hacker Culture Shock

                                           Session 314 - Why it happened, and what should have been done

                                           Session 315 - Planning for an Insider Incident

                                           Session 316 - Explore

                                           Session 317 - SAP Cybersecurity in the Digital World


9:30A-9:45A                       Movement Break


9:45A-10:45A                     Session 321 - Security for the Millennial Age

                                           Session 322 - Modeling the Adversary to Engineer Security

                                           Session 323 - Bug Bounties

                                           Session 324 - Guerrilla Warfare Tactics to Secure (Cell Structure Security)

                                           Session 325 - Title TBD

                                           Session 326 - Explore

                                           Session 327 - Learning from Failure


10:45A-11:00A                    Movement Break


11:00A-12:00P                    Closing General Session Keynote

                                             Pablos Holman







The Cosmopolitan is a unique luxury resort & casino unlike anything else in Las Vegas. This original destination features residential-styled living spaces with private terraces, a one-of-a-kind restaurant collection and vibrant nightlife. Combine it all with hand-selected boutiques, an unrivaled Pool District, a 100,000 square-foot casino and the serenity of Sahra Spa & Hammam to redefine your Las Vegas experience.


Hotel Cut-off Date: Friday 23 September, 2016


Make new connections and liven up your experience at CSX by participating in the following activities outside the conference. Each activity is designed to enhance your cyber experience while you have fun!

Tuesday 18 October,


Test your skills or learn new ones.


Bring your laptop and participate in a timed, Network Security Competition while attending CSX!


The Cyberchallenge is a network assessment and network defense competition combined into a single event. Teams and individuals will be able to compete for control of common resources and the critical services on those resources. You will be able to accumulate points for controlling and operating critical services such as SMTP, DNS, HTTP, HTTPS, SSH, and so on.


Geared to all levels of competitors, a morning and afternoon session will be available for 50 CSX attendees to participate using your personal laptop.   Don’t miss this great opportunity to learn important hands-on skills by competing – all while earning CPE!

More information coming soon.


Tuesday 18 October


Through facilitated peer-to-peer networking, amazing things can happen – including having careers leap forward!  All are welcome to join in on the fun and make new connections to help move your career forward at this fun, interactive Connecting Women networking event.

More information coming soon.



Platinum Sponsors

InteliSecure is the first and only Managed Security Service Provider (MSSP) to challenge the status quo in cybersecurity by delivering a hybrid application of expert human intelligence with a proven Critical Asset Protection Program™ methodology. These innovative Managed services are supported by Consulting, Technical, Incident Response and Security Assessment services that prevent data loss, protect privacy and safeguard critical assets.

Modulo offers GRC management solutions. Flexible and powerful software architecture allows companies to manage technology risk, compliance, and policy requirements while managing assets and ensuring business continuity.


Modulo’s software solutions greatly simplify GRC by automating processes enterprise-wide and reducing complexity and cost. Organizations in a broad range of sectors - especially those heavily reliant on extensive technology systems, large vendor networks, and electronic transactions - report a high return on investment from Modulo’s content-rich platform.

Vanguard Integrity Professionals provides enterprise security software and services that solve complex security and regulatory compliance challenges for financial, insurance, healthcare, education, transportation and government agencies around the world. Vanguard provides automated solutions for Audit and Compliance, Operational Security, and Intrusion Management.  The world’s largest Financial, Insurance, Government Agencies and Retailers entrust their security to Vanguard Integrity Professionals.  Vanguard is committed to protecting and securing the Cloud, zOS Security Server and Enterprise environments.  Vanguard provides 24/7/365 live customer support from the United States of America.

Silver Sponsors
Bronze Sponsors


Supporting Sponsors








Are we excited yet?



There is a limited number of rooms available at ISACA’s Group Room Rate of $234/night, inclusive of resort fee. Reservations will be taken on a first come-first served basis. All reservations made after the cut-off deadline or after the room block fills are subject to space and rate availability.


To guarantee hotel reservations, a credit card is required at the time of booking. A deposit equal to one night's room & tax will be charged. 72 hour cancellation notice is required prior to your arrival date to receive a refund of your deposit. A valid credit card authorized to pay for your room and tax, plus $50 a night deposit for incidentals must be presented upon check-in.


Standard Group Room Rate for ISACA: $209.00 + $25.00 resort fee + 12% local tax (subject to change) = $262.08/night, single/double occupancy*


Group rates will be offered 3 days prior to and 3 days following the conference, based on availability.


A per night resort fee of $25.00 provides guests with:

High speed Internet access (in-room and public areas)

Access to the 24 hour Fitness Center

Unlimited local, toll free and domestic long distance telephone calls (all 50 states)