CSX North America Presentations and Descriptions 


As the program is developed, we will continue to add information to this page – check back frequently for updates!

Track 1—Cybersecurity Leadership & Development

The Cybersecurity Leadership & Development track will equip attendees with both theoretical and real-world knowledge from industry leaders and security professionals regarding management best practices and effective career development techniques in the field of Security. Attendees will also learn leadership strategies on how to be more successful in the workplace.


Track 2—Emerging Security Tools & Techniques

This track will provide attendees with concise information on emerging blockchain technology, cognitive technology, and emerging technology and the risks, implications and constraints associated with the adoption of these tools and various best practices to increase security related to them. More and more companies are turning to various emerging tools and techniques to save time and money. This track will equip the attendees with the strategies and common use cases for ensuring data remains secure.


Track 3—Security Risk & Compliance

There are security risks associated with the web and other information technologies. Enterprises are exposed to them due to misconfiguration of systems resulting in vulnerabilities which increase their risk factor. This track will focus on computing security concepts including access control and management, governance, and risk-management strategies and best practices including the requirements to compliance with multiple security-related regulations.


Track 4—Cyber Threat Intelligence & Technologies

This track will focus on the threats associated with operating on the web. Threats and attacks are increasing rapidly. Enterprises erroneously believe their network infrastructures are safe. This track will also focus on methods used to attack corporate networks and how to prevent them.


Track 5—Security Governance

This track will provide attendees with tools and techniques to effective security program to risk and comply with security regulations. It will cover components of the NIST Cybersecurity Framework and the European Privacy regulations. It will also cover concepts and processes that will help an enterprise create and maintain an effective and sustainable security program.


Return to Event Page >>


WS1—Cybersecurity Fundamentals

Saturday, 13 October – Sunday, 14 October

John Tannahill, CISM, CGEIT, CRISC, CSXP
Management Consultant
J.Tannahill & Associates

Why become a cybersecurity professional? The protection of information is a critical function for all enterprises. Cybersecurity is a growing and rapidly changing field, and it is crucial that the central concepts that frame and define this increasingly pervasive field are understood by professionals who are involved and concerned with the security implications of Information Technologies (IT). The CSX Fundamentals workshop is designed for this purpose, as well as to provide insight into the importance of cybersecurity, and the integral role of cybersecurity professionals. This workshop will also prepare learners for the CSX Fundamentals Exam.


Saturday, 13 October – Sunday, 14 October

2017 Top-Rated SpeakerMark Thomas, CGEIT, CRISC

The course is designed for individuals who have a basic understanding of both COBIT 5 and security concepts, and who are involved in improving the cybersecurity program for their enterprises. This course is focused on the Cybersecurity Framework (CSF), its goals, the implementation steps, and the ability to apply this information. In addition to learning the core concepts and implementation essentials, this class is full of practical examples, tricks, tips and advice.

WS3—Hands-on Technical Cybersecurity Training

Saturday, 13 October – Sunday, 14 October

2017 Top-Rated SpeakerKeatron Evans
Managing Partner and Cyber Security Lead
KM Cyber Security LLC.

Have you downloaded Kali or other security tools and suites but never quite figured out how to do really useful things with it? Were you once technical and now want to get your technical chops back? Are you new to technical cybersecurity? Does it seem like magic when you see forensics, hacks, or penetration testing done? Never hacked a box, performed packet forensics, or memory forensics? Never actually seen an attack happen in real time? Then come take this training. We will spend one day walking you through completing a successful penetration of a server, then spend day 2 doing incident response and forensics on the server and network you spent day one exploiting. The only pre-requisite skill needed is basic familiarity with the Windows operating system. You will learn the Linux techniques you need during the training. You will leave with the tools and techniques to continue learning and more importantly demonstrate to others what the attacks look like, and how to investigate them.

WS4—CSX-P Lab Bonanza

Saturday, 13 October – Sunday, 14 October

2017 Top-Rated SpeakerFrank Downs
Director and SME, Cyber Security Practice



Dustin Brewer
Manager, Cybersecurity Technical Content

The CSX Practitioner Lab Bonanza offers attendees the opportunity to experience all of the labs presented in the one week Bootcamp in two intensive, action-packed days!

ISACA staff instructors and program developers will guide you through these technically advanced, hands-on labs where you will be dissecting typical problem spots, and learning through detailed insight to ensure your comprehension and application upon return to the office so you are better equipped to overcome threats and create competitive advantages for your career and your organization.

By attending this workshop you will find that by being immersed into the CSX-P process you will be able to develop a more robust background to meet current a future cybersecurity challenges and be better prepared to sit for the rigorous demands of the CSX-P certification program.

*Please note, while this course is intended to help provide insights into the rigors of the CSX P Exam, students will still need to prepare for the exam independently following the conclusion of this workshop. Students will have access to these labs for 6 months following this workshop to help facilitate this ongoing exam preparation.

*Please note: To fully participate in this workshop, all attendees are required to bring a laptop with an Internet accessible browser.

WS5—CSX Packet Analysis Course

Sunday, 14 October

Kevin Keh
Cybersecurity Platform Engineer, Junior



Matt Weber
Cybersecurity Associate

Leverage packets to characterize networks, devices, and people!

The Cybersecurity Nexus (CSX) Packet Analysis Course (CPAC) provides students an understanding of packet and protocol analysis. Students will work with real network traffic captures in real environments and will analyze different communication types and their components. Upon completion, students will be able to passively analyze packet captures and create network topologies and device characterizations – valuable traits in the cybersecurity field.

*Please note: To fully participate in this workshop, all attendees are required to bring a laptop with an Internet accessible browser.

WS6—Develop An Effective Security Roadmap + Program

Sunday, 14 October

Todd Fitzgerald
Managing Director
CISO Spotlight, LLC

For the technical or managerial individual desiring to lead an information security program, providing the steps and information necessary. The session will build a program from the Board of Directors interaction through training the end user.

The session will provide guidance for the technical individual desiring to become a CISO in the future. Coverage includes building an information security program from the security strategy development through implementation of technical security controls and the process challenges. The session will cover interactions with the C-suite, policy development, reporting structures, managerial/operational/technical control selection, security awareness, challenges, frameworks, privacy regulations, law and ethical considerations, security incidents, and interacting with senior and middle management to move the security program forward. This program fills the gap in taking a technical individual and providing insight into what leadership of the security program entails. The individual may be planning a CISO career path in the near term or future, and this will provide the skills necessary.


Return to Event Page >>



Opening Keynote Speaker

Cybersecurity in the Age of Connectivity: A Practical Guide to Protecting What’s Most Important

Laura GalanteLaura Galante
Former Director Of Global Intelligence at FireEye, Ted Speaker

Laura Galante analyzes how states use cyberspace, or more precisely, our information space. She describes a domain where militaries, intelligence services, criminal groups, and individuals actively pursue their interests—with far fewer restraints than in the physical world.

Formerly the Director of Global Intelligence at cybersecurity company FireEye, her teams investigated network activity, profiled advanced cyber threats, and portrayed the political, military, and financial implications of cyber operations. A founding member of Mandiant Intelligence, her work has included leading strategic analysis, developing intelligence capabilities and offerings, and directing intelligence publications including: APT28: A Window into Russia’s State Cyber Espionage; Red Line Drawn: China Recalculates its Use of Cyber Espionage; and Hacking the Street? FIN4 Likely Playing the Market among others.

In November 2016 she spoke at the UN Security Council’s Arria Formula meeting on cybersecurity and international peace and security. She frequently appears on and provides commentary to: CNN, Bloomberg, NPR, BBC, Fox News, The New York Times, The Financial Times, The Wall Street Journal, Reuters, the Associated Press, and other global and industry media.

Prior to her work at FireEye and Mandiant, Laura led the first team analyzing cyber capability development and military doctrine at the U.S. Department of Defense. She supported the 2010 U.S.-Russia bilateral information security talks. Laura holds a J.D. from the Catholic University of America, and a B.A. in Foreign Affairs and Italian from the University of Virginia.

Stories about hacking, fake news, leaked emails, and rigged elections—linked to reports of Russian-sponsored interference—have made alarming, bewildering headlines. But one thing’s for certain—they’re not going away. In the age of social media, information warfare is set to have major consequences for industry, geopolitics, and democracy itself.

To Laura Galante, this is the world we live in—whether we’re ready to accept it or not. And for CEOs of Fortune 500s, as well as leaders in the public sphere, she’s here to remind us that it’s not a matter of if, but when your organization needs to respond. In this talk, this cyberspace expert helps us understand the evolving history of how states have navigated (and manipulated) the digital sphere. How did Chinese military hackers steal a decade’s worth of R&D from global corporations? How did a frequently dismissed state—North Korea—cause the first major US response to a cyber-attack? How did hackers with Wall Street-fluency breach media and healthcare companies so they could play the market? How were pro-Assad hackers able to lure Syrian rebel forces to give up battle plans and supply routes at a critical time in the Syrian war? And how did Russia go from elusive boogey man to actively influencing domestic political dialogues?

Beyond outlining historical junctures, Galante also speaks larger ideas around the new digital zeitgeist: how information can be weaponized, and public opinion can be swayed with a carefully planted idea. She stresses the need for a greater cyber-fluency: how it’s up to us, and not rarified tech experts, to gain a working knowledge of the field. And she reminds us it’s not just systems, but minds that are under attack. In the age of information, critical thinking has never been more crucial—and with Galante, we can renew our commitment to honoring, and questioning, the truth.

Tuesday Keynote Speaker

Cybercrime’s Industrial Evolution

Kevin PoulsenKevin Poulsen
Award-winning journalist and a contributing editor at WIRED magazine and The Daily Beast

A one-time hacker, Poulsen was prosecuted in 1991 for using his illicit access to telephone company systems to cheat at radio station phone-in contests. He began writing in 1997, and later served as editor of SecurityFocus before joining Wired in 2005. In 2006 Poulsen conducted a computer-assisted investigation into the presence of sex offenders on social networking sites, which spawned federal legislation. In 2010, Poulsen broke the news that an Army intelligence analyst named Bradley (now Chelsea) Manning had been quietly arrested for leaking hundreds of thousands of classified documents to WikiLeaks. More recently, Poulsen worked with the late Aaron Swartz to design and develop SecureDrop, an open-source software platform for secure communication between journalists and sources, now used at over a dozen news organizations including the Washington Post and the Associated Press. He is the author of Kingpin: How One Hacker Took Over the Billion Dollar Cyber Crime Underground.

In the last five years Russian hackers have stolen billions from banks in the US and elsewhere, using everything from sophisticated malware to complex social engineer schemes. North Korean hackers grabbed $81 million from a Bangladesh Bank and another $5 million from a BitCoin exchange in Seoul. Nation states have weaponized hacking to steal secrets, sabotage equipment and influence national elections.

It wasn’t always like this. Decades ago a hacker was more likely to be an overly curious teenager or a broke college student than an international criminal mastermind with an eight-figure bank account. Kevin Poulsen, an ex-hacker turned award-winning journalist, will take you through the stunning revolution that transformed hacking from a computer geek’s pastime into a vast underground industry entangled with organized crime and national intelligence services around the world.

Closing Keynote Speaker

NextTech: The Future of Technology, Security, and Threats

P.W. SingerP.W. Singer, PH.D.
Strategist and Senior Fellow at the New America Foundation

Peter Warren Singer is Strategist and Senior Fellow at the New America Foundation, the author of multiple award-winning books, and a contributing editor at Popular Science. He has been named by the Smithsonian Institution-National Portrait Gallery as one of the 100 "leading innovators in the nation," by Defense News as one of the 100 most influential people in defense issues, by Onalytica social media data analysis as one of the ten most influential voices in the world on cybersecurity and 25th most influential in the field of robotics, and by Foreign Policy to their Top 100 Global Thinkers List, of the people whose ideas most influenced the world that year.

Described in The Wall Street Journal as "the premier futurist in the national security environment," Dr. Singer is considered one of the world's leading experts on changes in 21st century warfare, with more books on the military professional reading lists than any other author, living or dead. He has consulted for the US Military, Defense Intelligence Agency, and FBI, as well as advised a range of entertainment programs, including for Warner Brothers, Dreamworks, Universal, HBO, Discovery, History Channel, and the video game series Call of Duty, the best-selling entertainment project in history. He served as coordinator of the Obama-08 campaign's defense policy task force and was named by the President to the US Military's Transformation Advisory Group. He has provided commentary on security issues for nearly every major TV and radio outlet, including ABC, Al Jazeera, BBC, CBS, CNN, FOX, NPR, and the NBC Today Show. In addition to his work on conflict issues, Singer served as a member of the State Department's Advisory Committee on International Communications and Information Policy and as an advisor to IDS. In the entertainment sector, he has received awards/support from the Tribeca Film Institute, Sloan Filmmakers Fund, Film Independent, and FAST Track at the L.A. Film Festival.

Robots, Artificial Intelligence, Cyberwar, 3D printing, bio-enhancements, and a new geopolitical competition; the 21st century is being shaped by a range of exciting, and scary, new trends and technologies. A best-selling author described by the Wall Street Journal as "one of Washington's pre-eminent futurists," and a consultant for groups that range from the CIA and the Chairman of the Joint Chiefs to Hollywood and the Call of Duty video game series, Singer uses an exciting speaking style to explore for an audience the key trends emerging today that will shape the world of technology and security tomorrow.


Return to Event Page >>