Infosecurity ISACA North America Expo and Conference 2019 

2019 Preview Video


2019 Preview Video >>

 

KEYNOTE SPEAKERS

Opening Keynote Speaker

Theresa PaytonTheresa Payton
Former White House CIO & Cybersecurity Authority
More >>

 

 

Closing Keynote Speaker

Jamie BartlettJamie Bartlett
British Author and Journalist
More >>

 

 

Conference Report

Review highlights from last year’s CSX Conferences.

Download 2018 Report >>

 

Infosecurity ISACA North America Expo and Conference 2019

Register Now!

 

 

Infosecurity ISACA North America Expo and Conference will debut in New York City’s Javits Convention Center 20-21 November 2019. The event will leverage ISACA’s Cybersecurity Nexus (CSX) community and solutions with Infosecurity Group, Reed Exhibition’s immersive event series staged worldwide for the infosecurity industry.

Download Event Brochure

ISACA will bring experience developed since the 2015 launch of its CSX Conferences, expert workshop series, certification preparation sessions, and latest developments related to the CSX Training Platform, all to the new event programming. Infosecurity, which entered the North American conference arena in 2017, will build on its strengths in industry expositions, media, immersive learning and leadership networks.

Who Should Attend?

Across workshops, conference programs and exhibition, the first-time 2019 event is expected to draw more than 2,000 attendees and more than 120 exhibitors.

With more than 50 sessions spanning 5 tracks, Infosecurity ISACA North America offers the best-in-class educational content ISACA members and certification holders depend on, plus unprecedented access to leaders in the security industry.

Expand your network, deepen your knowledge, and sharpen your skills at Infosecurity ISACA North America Expo and Conference.

What's in it For You?

  • Earn up to 37 CPEs.
  • Experience customized learning — Attend the sessions that matter the most to you and your enterprise.
  • Interact face-to-face — Gain insights and share ideas with colleagues from around the world.
  • Update your knowledge — Acquire the latest skills while earning valuable CPE credits.
  • Gain techniques, tools, and strategies — Learn today’s leading practices for successful outcomes.

What's in it For Your Organization?

  • Exceptional value for your training dollars — Session secrets can be shared with colleagues.
  • Access to industry experts — Learn about proven solutions that foster positive outcomes and can be adapted to your organization.
  • Interact with leading vendors — Hands-on introductions to products and services that decrease workload and expenses to increase your ROI.
Countdown to
Infosecurity ISACA North America Expo and Conference 2019
11/20/2019

37

CPEHOURS

Earn up to 37 CPE hours by attending this conference.

 

Conference Venue

Jacob K. Javits Convention Center
655 W 34th St
New York, NY 10001

 

Volunteers

Interested in a registration discount? Learn how to volunteer >>


Follow @ISACANews and join the conversation.
Like ISACA on Facebook to stay informed.
Follow @ISACANews on Instagram to see behind the scenes photos of the conference.
Follow ISACA’s Company page on LinkedIn for updates.


  Thank You to Our 2019 Premium Sponsors!

Adobe

A-LIGN

CEQUENCE

CODE42

CyberClarity

Cyber Observer

Expanse

Keeper

Keeper

Lockpath

MetaCompliance

Neverfail

OneTrust

OneTrust

Qualys, Inc

Quest

Resecurity

SecurityScorecard

ShiftLeft

S3 Security

TALA

TEVORA

Vanguard

VENAFI

2019 CONFERENCE PROGRAM

As the program is developed, we will continue to add information to this page – check back frequently for updates!

Tracks

Workshops

All workshops will take place at the Wyndham New Yorker
481 8th Avenue, New York, NY 10001

2-day Pre-Conference Workshops
Monday, 18 November & Tuesday, 19 November | 9:00AM – 5:00PM

1-day Pre-Conference Workshops
Tuesday, 19 November | 9:00AM – 5:00PM

1-day Post-Conference Workshops
Friday, 22 November | 9:00AM – 5:00PM

NEW IDEAS

Do you have a topic that you think should be offered at this conference? We want to know! Tell us about it by submitting your idea on Twitter!

 

 

Opening Keynote Speaker

Theresa PaytonTheresa Payton
Former White House CIO & Cybersecurity Authority
More >>

 

 

 

Closing Keynote Speaker

Jamie BartlettJamie Bartlett
British Author and Journalist
More >>

 

 

CONFERENCE SCHEDULE AT-A-GLANCE

Monday, 18 November

Time  

9:00AM – 5:00PM

Workshops will take place at The New Yorker Hotel
WS1–Accelerated CSX Cybersecurity Practitioner Certification Workshop SOLD OUT!
WS2–The Truth About AI, Machine Learning and Cyber Security Revisited


Tuesday, 19 November

Time  

9:00AM – 5:00PM

Workshops will take place at The New Yorker Hotel
WS1–Accelerated CSX Cybersecurity Practitioner Certification Workshop SOLD OUT!
WS2–The Truth About AI, Machine Learning and Cyber Security Revisited
WS3–Auditing Microsoft 365 and Azure Cloud Security SOLD OUT!


Wednesday, 20 November

Time  

7:30AM – 6:00PM

Registration Open

8:00AM – 8:30AM

Keynote Coffee

8:30AM – 9:30AM

Opening Keynote – Theresa Payton

9:00AM – 7:00PM

Expo Hall Open

9:30AM – 10:00AM

Refreshments Expo Floor

9:30AM – 10:15AM

Geek Street 1—Practical Approach to Application Security Assessment

10:00AM – 10:50AM

111—Dark Web Review - a Deep Dive into a Dark World
112—Code Signing: A Security Control That Isn’t Secured
113—Hacking to Teach Cyber Awareness in an Organization
114—How Global Expansion Affects Cybersecurity Risk
115—Take a Ride on the Dark Side - Data on the Dark Web
116—Quantifying Unknown Cyber Risks

10:25AM – 11:10AM

Geek Street 2—Planning Complex Cyber Audits. The Case Of Galileo Ground Segment (1,500 MEuros)

10:50AM – 11:00AM

Session Movement Break

11:00AM – 11:50AM

121—Using Cloud Access Security Brokers to Stop SaaS Data Leaks
122—Automating Secure Development: Practical DevSecOps in a Scaled Agile Framework (SAFe) Culture
123—Cyber Leadership in an Ecosystem Context
124—Illuminating the CISO’s ICS Blind Spot
125—Analyst View: Cybersecurity and Big Data Pay, Jobs, Skills/Certifications Review and Forecast
126—Improve Security, Privacy and Compliance with Continuous Oversight

11:20AM – 12:05AM

Geek Street 3—Systemic Flaws in the Internet of Things

11:50AM – 1:20PM

Networking Lunch

12:15PM – 1:00PM

Geek Street 4—With Friends Like These, Who Needs Enemies?

1:10PM – 1:55PM

Geek Street 5—Using Chaos Engineering for Resilient Cloud Infrastructure Security

1:20PM – 2:10PM

131—Assessing Integrated Risk Intelligently
132—Cyber Terrorism - Real Threats Exist
133—Bat Cave to Board Room, Selling Technology Solutions to Upper Management
134—Security Key Point Indicators or "How to Measure Security from the Governance Perspective"
135—Leveraging Behavioral Analytics to Strengthen Internal Controls
136—Trust but Verify: Building a Third-Party Cyber Risk Program

2:05PM – 2:50PM

Geek Street 6—Meet the Bots - Our New Security Auditors

2:10PM – 2:20PM

Session Movement Break

2:20PM – 3:10PM

141—Exposing The Dark Overlord – Using OSINT to Identify a Group of Modern-Day Cyber Terrorists
142—Cyber-attacks on Industrial Technology and SCADA Systems
143—Implementing a Cybersecurity Skills Competencies Framework
144—Making Cents of Maturity: Building Resistive Strength
145—Effective Key Steps into Digital Forensics and Incident Response (DFIR)
146—Turn Corp Compliance Policies into Testable Requirement for the Mainframe

3:00PM – 3:45AM

Geek Street 7—Secure Composition: How Tooling Can Improve Security

3:10PM – 3:40PM

Refreshment Break

3:40PM – 4:30PM

151—The New Security Frontier: AI, Threat Hunting, Behavioral Anomalies, and Automated Response
152—Don't Lose Your Crypto: Scams, Hacks, and Pitfalls of Blockchain Assets
153—Can You Hear Me Now? Improving Conversations between Security and ‘the Business’
154—Next Gen Risk Assessment - Can it Save My Bacon Both with Regulators and in Litigation?
155—Hacker-Powered Data: The Most Common Security Weaknesses and How to Avoid Them

3:55PM – 4:40PM

Geek Street 8—How Artificial Intelligence Used For Fraud Investigation Can Prevent Insider threats

4:30PM – 7:00PM

Cyber Soiree

4:50PM – 5:20PM

SS1—The Rising Tide of Privacy: Finding the Commonalities
SS2—Five Key Trends in Application Security
SS3—Back to Basics: The Fundamentals of Cyber Hygiene

5:30PM – 6:30PM

SS4—Addressing IT Security in an Evolving IT Industry

5:30PM – 6:00PM

SS6—Optimize ITGC Testing by Automating User Access and Segregation of Duties Assessments


Thursday, 21 November

Time  

7:30AM – 4:00PM

Registration Open

8:00AM – 8:30AM

Keynote Coffee

8:30AM – 8:40AM

Session Movement Break

9:00AM – 5:00PM

Expo Hall Open

8:40AM – 9:30AM

211—End-To-End Injection Safety at Scale
212—How Weakness in DNS and Email Superpowers BEC Attacks
213—Auditing with SOC-CMM: Cyber Security Detection and Incident Response
214—Risk Informed Privacy Management: The NIST Privacy Framework
215—Information Governance - the Foundation for Information Security

9:30AM – 10:00AM

Refreshments Expo Floor

9:30AM – 10:15AM

Geek Street 9—IoT Hacking for Beer

10:00AM – 10:50AM

221—Death by Automation - Accelerating Your SOC Using Open Source Tools
222—Using Passive DNS to Strengthen Incident Investigation and Response
223—Dynamic Information Security in a Static Organizational Culture
224—How to Train Your Robot: Security Governance for RPA Solutions
225—How to Use Your CAAT to Prevent Ghosting with One Snap
226—A New Strategy for Effective Cyber Security Awareness Campaigns

10:25AM – 11:10AM

Geek Street 10—Threat Perspective from a Reformed Red Teamer

10:50AM – 11:00AM

Session Movement Break

11:00AM – 11:50AM

231—Continuous Fuzzing: The Trending Security Technique Among Silicon Valley’s Tech Behemoths
232—Multidimensional Attack Path Analysis: Eliminating Network Blind Spots
233—From Zero Awareness to Accelerating and Scaling A Diverse Nextgen Into Cyber and Risk Professionals
234—Crypto-Agility: Responding Quickly to Cyber Security Events
235—Statistical Analysis of Network Exposure
236—Fighting Crime with Compliance: SOC for Cybersecurity

11:20AM – 12:05PM

Geek Street 11—An Attack on an API Server: What Happened, and What Were the Malicious Actors Looking For

11:50AM – 1:20PM

Networking Lunch

12:15PM – 1:00PM

Geek Street 12—Securing an IoT Endpoint from Creation to Cloud

1:10PM – 1:55PM

Geek Street 13—Cyber Hunt

1:20PM – 2:10PM

241—Authorization Using Attributes
242—5G Security: New Vulnerabilities, New Solutions
243—A New Employer-Driven Model of Cyber Workforce Development For Dell
244—Using NIST Frameworks with COBIT 2019
245—From Heist to Hostage Situation: The Rise of the Modern Bank Robbery

2:05PM – 2:50PM

Geek Street 14—Cyber Hunt

2:10PM – 2:20PM

Session Movement Break

2:20PM – 3:10PM

251—DNS - A Phishing Chokepoint
252—Offensive Threat Models Against the Supply Chain
253—The ROI of Information Security Teams
254—Security Risks Your Auditors Care About in a Cloud Native & DevOps World
255—Artificial Intelligence Is the Next Turn on Data Analytics. Are You Ready?

3:00PM – 3:45PM

Geek Street 15—CMMI® Institute: Building Resilience Through a Risk-Based ‘Cybermaturity’ Approach

3:10PM – 3:40PM

Refreshment Break

3:40PM – 4:30PM

261—Modernize Your Incident Response Program for the Cloud
262—Using the Distributed Vulnerability Assessment to Improve the Security Level
263—How to Articulate the Value of Information Security to Senior Management?
264—Enterprise IT Governance and DevSecOps: A Grounded Theory Literature Review
265—Creative Visualization with Data Analytics

3:55PM – 4:40PM

Geek Street 16—Securing Blockchain Platforms: What You Need to Know

4:30PM – 4:45PM

Session Movement Break

4:45PM – 5:45PM

Closing Keynote – Jamie Bartlett

5:45PM – 7:00PM

Closing Networking Drinks

6:00PM – 6:30PM

Spotlight Educational Sessions


Friday, 22 November

Time  

9:00AM – 5:00PM

Workshops will take place at The New Yorker Hotel
WS4–Penetration Testing in a Cloud Environment

 

Conference Registration Fees

Passes Regular Ticket Price ISACA Member* Provides Access To

Full Conference Pass

$1,550

$1,400

Morning Keynote, ISACA Education tracks, Expo, Networking Lunch, Networking Party, Expo Floor and partner content**


Workshop Only
WS1
WS2
WS3
WS4

Varies by workshop
$1,399
$1,050
$850
$850

Varies by workshop
$1,299
$850
$650
$650

Workshop session only (+Expo both days)


Expo & Keynote

$299 pre-event / $349 at event

$249 pre-event / $299 at event

Expo, Opening & Closing Keynote, Networking Lunch, Networking Party, Expo floor & partner content**


Expo Only

$199 pre-event / $249 at event

$149 pre-event / $199 at event

Expo, Networking Lunch, Networking Party, Expo floor & partner content**


Day Pass

$50

$50

Expo floor & partner content**



Cancellation Deadline: Friday, 18 October 2019

*Member Disclaimer
Discounts for the Conference are available to ISACA members. Please enter your accreditation number during step one (1) of the registration process and the discount will be applied automatically at checkout. Note that discounts cannot be applied retroactively.

**Partner Content
Your pass grants access to the ISC East, Unmanned Security Expo and Infosecurity exhibit halls, as well as the Infosecurity ISACA North America Innovations Sessions and Geek Street Theater.

Registration and Payment Policy

Registration submissions for this conference and any additional workshops are not processed, and a seat is not confirmed or reserved, until full payment is received. All submissions not paid in full will be placed on a waitlist and priority will be given to paid registrants in a payment first-come, first-serve basis. Space is limited, so it is highly recommended that payment is provided at the time of submission to guarantee a seat within the conference and all related events.

Payments must be remitted to Circdata Ltd.  For questions regarding payment please email infosec@circdata.com or by phone at +44 (0) 1635 588492.  Office hours are Monday – Friday 17:30 GMT. Circdata Ltd. is operated out of the United Kingdom, foreign transaction fees may apply when remitting payment.

Discounts for the Conference are available, detailed below. To verify eligibility for any of these discounts, please contact https://support.isaca.org or +1.847.660.5505. Note that discounts cannot be applied retroactively. All discounts are applied to the main conference registration fee, and cannot be applied to workshop registrations.

You must be 21 years of age or older to attend this event.

Group Discounts

ISACA offers discounts to organizations sending 4 or more employees to a single conference. Group registrations must be processed in a single registration transaction. Please contact the ISACA Conference department for more details at +1.847.660.5505 or https://support.isaca.org; cannot be combined with any other registration discount offerings.

Government Discounts

ISACA offers a $350 conference registration discount to government employees. Please contact the ISACA Conference department for more details and eligibility verification at +1.847.660.5505 or https://support.isaca.org; cannot be combined with any other registration discount offerings.

Academic and Student Discounts

ISACA offers a $350 discount to academic institution employees and students. Please note that you must be an ISACA Student member in order to receive the student discount; additional membership and qualification details can be found here. For additional registration details and eligibility verification, please contact ISACA’s Conference Department at +1.847.660.5505 or https://support.isaca.org; cannot be combined with any other registration discount offerings.

Cancellation Policy

All cancellations must be received by the published deadline to receive a refund of registration fees. A cancellation charge of US $295 will be subtracted from conference refunds, and US $50 per workshop from workshop refunds. No refunds can be given after the cancellation deadline above.

NOTE: Registration is contingent upon full payment of the registration fee. To guarantee registration, conference fees must be received by the published deadline. It may take 10 or more business days for a wire transfer or mailed check to reach ISACA, so please plan accordingly. If, for any reason, ISACA must cancel a course or event, liability is limited solely to the registration fees paid. ISACA is not responsible for other expenses incurred, including travel and accommodation fees. For more information regarding administrative policies, please contact the ISACA conference department.
Phone: +1.847.660.5505
Fax: +1.847.253.1443
E-mail: https://support.isaca.org

 

Disclaimer

ISACA reserves the right to alter or delete items from the program in the event of unforeseen circumstances. Material has been prepared for the professional development of ISACA members and others in the IT audit, control, security, and governance community. Neither the presenters nor ISACA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices. All materials used in the preparation and delivery of presentations on behalf of ISACA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation and to grant the rights to ISACA as set forth in speaker agreement. Subject to the rights granted in the speaker agreement, all applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers.

Please note: unauthorized recording, in any form, of presentations and workshops is prohibited.


Not a member of ISACA? Join today!

When you register for the conference as a nonmember, the difference between member and nonmember conference fees can be applied towards ISACA membership. This means you can become a member at the international and chapter level for little to no additional cost; it just depends on your local chapter dues. To take advantage of this great offer, check the box on the registration form. For more information about ISACA membership, visit the web site at www.isaca.org/membership or contact the membership department at membership@isaca.org.

NOTE: This offer expires 30 days after completion of the event. Nonmembers pay the nonmember conference fee when registering.


Consent Language for Photos, Audio and Video Recordings Taken at Events or for Marketing Purposes

I agree irrevocably and free of charge that ISACA or any third party who is acting on ISACA’s behalf may create images, videos and/or sound recordings of me (“works”) at the event for marketing purposes. For these purposes, the granting of rights in the works also includes the rights to adapt, reproduce, distribute, perform, making available to the public, broadcast, retransmit or sublicense the works to ISACA’s affiliates. The granting of rights in the works also includes all current and future media, goes beyond the repetition of an event and is not restricted to time or territory. View ISACA’s Privacy Notice >>


Dress

Business casual is appropriate for this and all ISACA conference events.

Conference Venue

Jacob K. Javits Convention Center
655 W 34th St
New York, NY 10001

Hotel Information

Please use the link below to view all hotel options available for the Infosecurity ISACA North America Expo and Conference.

Click Here to View Hotels & Make Reservations!

There will be shuttle service available from select hotels to the Javits Center. Please click here for full schedule of transportation.

Route 1 | Marriott Marquis, Doubletree Times Square, Yotel
Route 2 | Wyndham New Yorker,  Crowne Plaza Midtown, Even, Springhill Times Square South, Element New York Times Square, Doubletree Times Square West, Homewood Suites Times Square South,  Embassy Suites Midtown, Courtyard Times Square

 

 

Thank you to our 2019 sponsors!

Infosecurity ISACA North America is an immersive event for the information security community where you will access to a high-level conference program with well-respected speakers, an expo floor with the latest tech & solutions and a host of networking opportunities.

  Platinum

Galvanize


Galvanize builds security, risk management, compliance, and audit software for some of the world’s largest organizations. We’re on a mission to unite and strengthen these different teams through the collective HighBond software platform. But we don’t just make technology—we provide tools that strengthen individuals so they can achieve great things and change the world in the process.

 

Vanguard

For more than 30 years, Vanguard has safeguarded the mission critical data and applications for the United States and other governments and the world’s largest financial, healthcare and retail organizations. Vanguard Integrity Professionals is the largest independent provider of enterprise security software addressing complex security and regulatory compliance challenges. Vanguard continuously drives innovation in security software and technology to stay ahead of evolving regulatory requirements and an ever-changing threatscape. Led by some of the most knowledgeable minds in the cybersecurity industry our security solutions lead the industry.

 

 

  Gold

Adobe


Making great experiences requires trust. Only Adobe gives everyone — from emerging artists to global brands — everything they need to design and deliver exceptional digital experiences. Learn how we help ensure they are trusted experiences at trust.adobe.com.

 

A-LIGN


A-LIGN is one of three solution providers that can offer a consolidated approach to information technology and information security audits. A-LIGN is a HITRUST CSF Assessor firm, Qualified Security Assessor Company, Accredited ISO 27001 Certification Body, Accredited FedRAMP 3PAO and licensed CPA firm. With the ability to work with small businesses to the largest of enterprises, A-LIGN leverages its industry expertise to guide organizations towards security, compliance and privacy services that will enhance their information security to prevent cyber threats, and reduce risk, turning their security into a competitive edge.

 

CyberClarity360


CyberClarity360™ is a sophisticated third-party cyber risk management solution that helps organizations efficiently assess and confidently track the cybersecurity and resilience of their third parties. CyberClarity360 quantifies cyber risk by leveraging a transparent scoring and analysis system designed to deliver compliance assessment against several regulatory frameworks, including NY DFS, GDPR, NIST CSF, and more, enabling informed risk-based decisions and unique insight into often overlooked risk areas not only at control level detail, but also portfolio-wide.

 

Expanse

Expanse discovers your unknown Internet assets and what’s talking to them. We continuously discover, track, and monitor the dynamic global Internet edge for the world’s largest organizations. Our platform discovers an organization’s global Internet edge and identifies its IP space, known and unknown assets, and their configurations. We enrich those asset views with global flow data to link a complete picture of edge attack vectors to the communications that indicate a data breach, misconfiguration, or policy violation. F500 organizations like Capital One, CVS, Allergan, and many more trust Expanse to define and secure their global network edge.

 

MetaCompliance


With over 12 years’ experience in the Governance Risk and Compliance (GRC) market, MetaCompliance provides an innovative solution for compliance and staff awareness automation. The MyCompliance suite was created to meet customer need for a single solution to manage their ISO27001, compliance and data protection requirements. With a focus on staff awareness and security risk management, customers are able to manage a diverse range of functionality that includes eLearning, simulated phishing alongside policy management, vendor management, risk management and regulatory reporting.

 

SecurityScorecard


SecurityScorecard helps enterprises gain operational command of their security posture and the security posture of their third-parties through continuous, non-intrusive monitoring. The company’s approach to security focuses on identifying vulnerabilities from an outside perspective, the same way a hacker would. SecurityScorecard’s proprietary SaaS platform offers an unmatched breadth and depth of critical data points including a broad range of risk categories such as Application Security, Malware, Patching Cadence, Network Security, Hacker Chatter, Social Engineering, and Leaked Information. For more information, please visit www.securityscorecard.com

 

  Silver


CEQUENCE


Cequence Security is a venture-backed cybersecurity software company. Its mission is to transform application security by consolidating multiple innovative security functions within an open, AI-powered software platform that protects customers web, mobile, and API-based applications – and supports today’s cloud-native, container-based application architectures. The company’s led by industry veterans that previously held leadership positions at Palo Alto Networks and Symantec. Customers include F500 organizations across multiple vertical markets, and the solution has earned multiple industry accolades.

 


Cyber Observer


Cyber Observer is a powerful, comprehensive and easy-to-use management solution that enables CISOs, Chief Compliance Officers and IT executives to effectively secure their organizations against cyber-threats. Cyber Observer uses a patented core engine and Critical Security Controls measurements to present a clear picture of enterprise-wide cybersecurity ecosystem status and preparedness at any given moment, alerting to breaches and threats as they arise and actions to be taken to secure critical infrastructures across the security environment.

 

Neverfail

Neverfail is the leading provider of continuous compliance and high availability solutions, trusted by 4,000 customers in over 60 countries. Neverfail automates evidence collection, control monitoring, and remediation management for organizations burdened by SOC 2, NIST, GDPR, and FedRamp requirements.

 

Quest


Your technology challenges never stop changing, so neither do we. Whether it’s data explosion, cloud expansion, security threats or something new, we’ll work with you to help you solve your toughest IT challenges. Since 1987, we’ve provided software solutions for the fast paced world of enterprise IT.

 

Resecurity


Resecurity is a cybersecurity company headquartered in Los Angeles, California. The company provides next-generation endpoint protection and intelligence-driven cybersecurity solutions to leading Fortune 500 corporations and governments worldwide.

 


S3 Security


Specialized Security Services, Inc. (S3) develops and maintains custom-tailored cyber security programs, so you can elevate security to where it belongs—top of mind and top down. We are a women-owned, global cyber security firm with headquarters in both Dallas, TX and Europe. For over two decades, our expert team has successfully assisted organizations with the implementation and oversight of their information security, privacy and regulatory compliance programs. S3 bridges the gap between your business goals, cyber security needs and compliance requirements to become your trusted and valued security partner for life.

 

  Bronze


CODE42


Code42 is the leader in data loss protection, visibility and recovery solutions. Native to the cloud, the Code42 Data Loss Protection solution rapidly detects insider threats, helps satisfy regulatory compliance requirements and speeds incident response — all without lengthy deployments, complex policy management or blocks on user productivity. For more information, visit code42.com.

 


Keeper


Passwords represent the greatest security risk to businesses today. With Keeper, your employees have on-demand access to encrypted passwords, websites and applications increasing their productivity while protected with best-in-class security.

 

Lockpath


Lockpath is an enterprise software company that helps organizations understand and manage their risk. The company’s line of integrated risk management solutions provides companies with the means to efficiently and effectively identify, manage, and monitor risks, for a more agile and resilient business. Lockpath serves a client base of global organizations ranging from small and midsize companies to Fortune 10 enterprises in more than 15 industries.

 

OneTrust


OneTrust is the #1 most widely used privacy, security and third-party risk technology platform trusted by 3,000 companies to comply with the CCPA, GDPR, ISO27001 and hundreds of the world’s privacy and security laws. OneTrust’s three primary offerings include OneTrust Privacy, OneTrust PreferenceChoiceand OneTrust Vendorpedia. For more, visit OneTrust.com.

 


OneTrust


Building on Purdue's mission to provide greater access to affordable, high-quality education, Purdue University Global is a public, nonprofit institution that offers a world-class education online. Purdue Global delivers personalized online education tailored to the unique needs of adults who have work or life experience beyond the classroom.

 


Qualys, Inc


Qualys, Inc. is a pioneer and leading provider of cloud-based security and compliance solutions that help organizations streamline and consolidate their security and compliance solutions and build security into digital transformation. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously across global IT assets. 

 

ShiftLeft


ShiftLeft combines next-generation static code analysis (to quickly and accurately identify vulnerabilities) with a micro agent (to protect the application and confirm reachability), in an automated workflow. ShiftLeft’s code analysis is typically 10-40X faster and 3X more accurate than traditional SAST vendors.

 


TALA


Tala Security protects modern websites and web applications from critical and growing threats, such as cross-site scripting (XSS), Magecart, website supply-chain attacks, clickjacking and others. Tala prevents attacks by automating the deployment and dynamic adjustment of standards-based security controls such as Content Security Policy (CSP), Subresource Integrity (SRI), HTTP Strict Transport Security (HSTS) and other web security standards.


Tenable, Inc.


Tenable, Inc., is the Cyber Exposure company. Over 27,000 organizations around the globe rely on Tenable to understand and reduce cyber risk.


Tevora


Tevora is a specialized management consultancy focused on cyber security, risk and compliance services. From our offices in California and New York, we service national and international companies, institutions and governments.

 


VENAFI


Venafi is the cybersecurity market leader of machine identity protection, securing machine-to-machine connections and communications by orchestrating cryptographic keys and digital certificates for SSL/TLS, code signing, mobile and SSH. Venafi provides global visibility of machine identities and associated risks for the extended enterprise—on premises, mobile, virtual, cloud and IoT.

 

 

  Supporting Sponsors

Akrup Arctic Wolf Networks

Axence

Binary Defense

Brandshield

Carson & SAINT

CMMI Institute

Cyber Defense Magazine

Cylidify

Darktrace

Dekra

Delve

EC-Council

GreatHorn

GreyCastle Security

hackerone

LOGICGATE

Normshield

Pen Test

perimeter81

Reflectiz

riskrecon

TruOps

TruOps

Whistic

 

2019 Innovation Sessions

IN1: How to Avoid a Data Breach, Sponsored by Keeper Security, Inc.
Wednesday, 20 November | 9:35AM – 9:55AM

IN2: Identities, Icebergs, and Headlines, Sponsored by Venafi, Inc.
Wednesday, 20 November | 12:10PM – 12:30PM

IN3: Employees are Taking Data when They Quit, Sponsored by Code42
Wednesday, 20 November | 12:40PM – 1:00PM

IN4: University and Education Partnerships, Sponsored by Purdue University Global
Wednesday, 20 November | 3:15PM – 3:35PM

IN5: How to Communicate Your Risk and Security Program Value to Executives, Sponsored by Lockpath, A NAVEX Global Company
Thursday, 21 November | 9:35AM – 9:55AM

IN6: Leveraging Provable Security: Achieve Security Assurance in the Cloud, Sponsored by Tevora
Thursday, 21 November | 12:10PM – 12:30PM

IN7: Overcoming Today’s Most Pressing Third-Party Risk Management Challenges, Sponsored by OneTrust LLC
Thursday, 21 November | 12:40PM – 1:00PM


2019 Technology Showcase Sessions

Tech3: Do You Know If Your IT Infrastructure Is Secure? Explore How to Answer This Question and Hear True Tales from the Cybersecurity Trenches, Sponsored by Arctic Wolf Networks
Wednesday, 20 November | 11:00AM – 11:20AM

Tech4: Magecart & Beyond. Massive Client-Side Website Vulnerability, Sponsored by Tala Security
Wednesday, 20 November | 11:25AM – 11:45AM

Tech5: Inserting Code Analysis into CI w/o Slowing Builds Down, Sponsored by ShiftLeft
Wednesday, 20 November | 1:25PM – 1:45PM

Tech6: The Road to Continuous IT Controls - Bringing a DevOps Discipline to the IT Audit Ecosystem, Sponsored by Neverfail
Wednesday, 20 November | 1:50PM – 2:10PM

Tech7: Cyber AI: Fighting Back with Autonomous Response, Sponsored by Darktrace
Wednesday, 20 November | 2:20PM – 2:40PM

Tech8: See Every Asset. Secure What Matters, Sponsored by Tenable
Wednesday, 20 November | 2:45PM – 3:05PM

 

For Sponsorship and Exhibitor Opportunities

Contact ISACA’s Sponsorship Department
Please address Sponsorship questions to: sponsorship@isaca.org

Questions

Contact ISACA's Learning Solutions Department:
Tel: +1.847.660.5670
Fax: +1.847.253.1443
Click here to submit a question.

Media Inquiries

Contact the ISACA Communications Department:
Tel: +1.847.660.5512 or
+1.847.660.5564
news@isaca.org

Please address Sponsorship questions to: sponsorship@isaca.org