CSX 2017 North America 


CSX 2017 North America Preview Watch Now



CSX 2017 North America Opening Keynote Address
Matt Olsen!



CSX 2017 North America Closing Keynote Address
Dr. Mary Aiken!



CSX 2017 North America Tuesday Morning Keynote
Hector Monsegur!



Hurry! Time is running out to register for the cyber conference with over 90% satisfaction!


Attend the Cyber Security Event Designed for You

CSX 2017 North America enables you to:

  • Build your own custom conference with over 70 sessions.
  • Stay on top of the latest cyber security trends, further your cyber career, and make new connections with professionals around the world.
  • Embrace fresh insights, better understand your enemy and discover solutions that will help you safeguard the future of your organization.
  • Go from prevention and protection to possibilities that will add to your personal value and enterprise’s competitive advantage.

Be part of this one-of-a-kind experience:

“Great opportunity to network…will attend again!”
“Relevant info with practical examples”
“Great value…top notch keynotes!”


Countdown to
CSX 2017 North America



Earn up to 32 CPE hours by attending this conference.


Marriott Wardman Park Hotel

Stay in the Heart of the
Conference Action at the
Marriott Wardman Park Hotel

See the Event Destination tab for more information.

 Marriott Wardman Park Hotel

Follow @ISACANews and join the CSX 2017 North America conversation by using the hashtag #CSXNA.
Like ISACA on Facebook to stay informed.
Follow @ISACANews on Instagram to see behind the scenes photos of the conference.
Follow ISACA’s Company page on LinkedIn for updates.

  Thank You to Our 2017 Premium Sponsors!



Grant Thornton



2017 Program Information

Join us for high-impact sessions uniquely built around a multitude of cyber tracks. CSX sessions provide unique opportunities to learn from top experts in the field. Each track is offered in 2 levels of complexity: Essential and Advanced. At CSX 2017 North America you will find an unparalleled degree of customization for your conference education experience.

What is CSX North America?

The CSX North America Conference is one of ISACA’s primary annual events focused on cyber security, current cyber threats, and security. The event centers on cyber security leaders providing attendees with sessions focused on cyber security training, tools, and tactics.


Mark Thomas Workshop Video

2-Day Workshops; Pre-Conference (14 CPE)

Saturday, 30 September | 9:00AM – 5:00PM
Sunday, 1 October | 9:00AM – 5:00PM

1-Day Workshop; Pre-Conference (7 CPE)

Sunday, 1 October | 9:00AM – 5:00PM

As the program is developed, we will continue to add information to this page – check back frequently for updates!

  CSX 2016 North America Program

  CSX 2016 North America Conference Report

Just announced! CSX 2017 North America closing keynote Dr. Mary Aiken!

2017 Closing Keynote Address

The Cyberpsychology of Cybercrime

Dr. Mary Aiken
CyberPsychologist, Author, Speaker

This talk will provide an introduction to the discipline of cyberpsychology focusing on the impact of technology on human behavior. Specifically will cover aspects of forensic cyberpsychology such as human factors in cybersecurity, the psychology of hacking, cyber behavioral profiling and technology solutions to technology facilitated problem behavior.

Dr. Mary Aiken is an expert in cyber behavioral analysis and is involved in many cutting-edge research areas including organized cybercrime, virtual behavioral profiling, human trafficking & technology, cyberchondria, cyberstalking, cyberbullying, cyber ethics, child welfare in cyberspace, and cyber security.

Mary is the Academic Advisor (Psychology) to the European Cyber Crime Centre (EC3) at Europol, Fellow at the Network Science Research Center (NSRC), she is a lecturer in Criminology, Research Fellow at the School of Law Middlesex University, holds a Fellowship in Information Technology, and is a Distinguished Professor of the Practice of Cyber Analytics.

She has worked at an international board level in industry specializing in consumer behavioral profiling, innovation and future thinking. She is a visionary speaker regarding the impact of technology on human behavior and has published and spoken internationally on the subject. A published, peer-reviewed author, Mary has been featured by CBS.com [the CBS show CSI: Cyber is inspired by her work], The New York Post, Newsweek, NPR, Inside Edition, Scientific American, Variety, The Atlantic, The Washington Post, The New York Times, The Sunday Times, The Hollywood Reporter, Time Magazine, Quartz and the Big Think.



1-Day CISO Forum

Monday, 2 October 2017 | 10:00AM - 5:00PM

Request for invitation necessary. Click here to proceed.





2017 Keynote Speakers

Introducing CSX 2017 North America keynote speaker Matt Olsen!

Matt Olsen2017 Opening Keynote Address

The Challenge of Security in an Age of Evolving Threats

Matt Olsen
Co-Founder and President, IronNet Cybersecurity and former Director of the National Counterterrorism Center

Matt Olsen is a co-founder of IronNet Cybersecurity, a technology firm based in Washington, D.C., where he leads business development and strategy. He has served as leading government official on a range of national security, intelligence, and law enforcement issues.

Most recently, Mr. Olsen served for three years as the Director of the National Counterterrorism Center. Created by Congress in response to the attacks of September 11, NCTC is responsible for the integration and analysis of terrorism information and strategic operational planning of counterterrorism activities. Prior to joining NCTC, Mr. Olsen was the General Counsel for the National Security Agency, serving as NSA’s chief legal officer and focusing on surveillance law and cyber operations.

Mr. Olsen worked at the Department of Justice in a number of leadership positions. He served as an Associate Deputy Attorney General, responsible for national security and criminal cases. He also was Special Counselor to the Attorney General and Executive Director of the Guantanamo Review Task Force, where he led the review of individuals detained at Guantanamo. Mr. Olsen served as acting Assistant Attorney General for National Security and helped establish the National Security Division.

From 1994 to 2006, Mr. Olsen was a federal prosecutor in the U.S. Attorney’s Office for the District of Columbia, prosecuting terrorists, violent gang members, and white-collar criminals. Mr. Olsen served as Special Counsel to the Director of the FBI from 2004 to 2005. He began his public service career as a trial attorney in the Civil Rights Division of the Department of Justice.

In addition to his work at IronNet Cybersecurity, Mr. Olsen is a lecturer on law at Harvard Law School, a national security analyst for ABC News, and an adjunct senior fellow at the Center for a New American Security. He also is affiliated with the Berkman Klein Center at Harvard, where he helps lead a project on cybersecurity.

Mr. Olsen graduated from Harvard Law School and the University of Virginia and clerked in the U.S. District Court for the District of Columbia.

2017 Tuesday Morning Keynote Address

My Transition From A Hacker To FBI Asset To The Corporate World

Hector Monsegur
Controversial Hacker, Former de Facto head of Anonymous, Co-founder of LulzSec

This autobiographical lecture explores my transition from the NY projects to being the most sought after hacker and my experience with the FBI and the corporate world. I talk about the realities of cybersecurity and where I see it going and discuss my process, the aftermath and how corporations can learn from my story.

Hector X. Monsegur’s story is complicated.

Growing up in the projects on the Lower East Side of New York in a family trapped in a world of poverty and drugs, his mother left him when he was a child. This led to a closer relationship with the rest of his family and the eventual adoption of his two young nieces when he was only 25 yrs. old.

Trying to find a better life for himself and his nieces, Monsegur found that his computer skills could empower him far above these socioeconomic barriers and his 9th grade education – but also led him into the dark world of hacking.

Known by his online alias “Sabu”, Hector became one of the most effective operatives and a brash voice behind the Anonymous/LulzSec (combining “laughing at your security”) hacker collective.

Hector was instrumental in steering cyber-attacks on targets including Visa, MasterCard, PayPal, Sony and the U.S. Senate. In 2011 he infiltrated the Tunisian government's Web site in support of protesters at the height of the Arab Spring and ruled the “hacktivist” scene by breaching other targets almost daily – from Nintendo, to Rupert Murdock’s News Corp, other Middle Eastern governments and the very security firms supposedly protecting against hackers like him. Later that year, after hacking into an FBI affiliate he was apprehended and became an important government informant.

Hector cooperated with the FBI, providing intelligence on vulnerabilities to prevent future hacks as Anonymous rampaged through hundreds of other targets.

By allowing the government to log his actions as he engaged in hacking activities with his former peers. The FBI reports Hector has helped them prevent more than 300 cyber-attacks in systems controlled by the military and NASA.” - Charlie Rose

Monsegur has now exchanged his hacker “black-hat” for a “white-hat” and now uses his skills to penetrate networks of major retailers, credit card companies and dozens of other companies to find vulnerabilities.

“I’m not ex-LulzSec, I’m not ex-FBI, I’m a security researcher,” says Monsegur. “Sabu was a character. That man doesn’t exist anymore. The person now in front of you is all about legit business, taking care of his family and paying bills.”

Hector will speak Tuesday morning about the importance of understanding your enemy to overcome threats and create competitive advantages for yourself and your organization.


Saturday, 30 September 2017


7:00AM – 5:00PM

Workshop Registration Open

Convention Registration

7:30AM – 9:00AM

Workshop Continental Breakfast

Marriott Foyer Common - Mezzanine

9:00AM – 5:00PM

WS1-Cybersecurity Fundamentals - Session A (Day 1)
WS2-COBIT 5 for NIST (Day 1)
WS3-Know thy Enemy (Day 1)
WS4-CSX Practitioner Lab Bonanza (Day 1)
WS5-Cybersecurity Fundamentals - Session B (Day 1)


Sunday, 1 October 2017


8:00AM– 5:00PM

Workshop Registration Open

Convention Registration

8:00AM – 9:00AM

Workshop Continental Breakfast

Marriott Foyer Common - Mezzanine

9:00AM – 5:00PM

WS1-Cybersecurity Fundamentals - Session A (Day 2)
WS2-COBIT 5 for NIST (Day 2)
WS3-Know thy Enemy (Day 2)
WS4-CSX Practitioner Lab Bonanza (Day 2)
WS5-Cybersecurity Fundamentals - Session B (Day 2)
WS6-IoT + DDoS = Disruptive (Business + Cyber) Risk! (Day 1)


4:00PM – 7:00PM

Conference Registration

Convention Registration

5:30PM – 6:30PM

Welcome Reception

Marriott Foyer Common - Mezzanine

Monday, 2 October 2017


7:00AM – 8:30AM

Continental Breakfast

Exhibit Hall A & B, Lower Level

7:00AM – 5:00PM

Conference Registration Open

Convention Registration Desk

8:30AM – 9:30AM

Opening Keynote – Matt Olsen: The Challenge of Security in an Age of Evolving Threats

Marriott Ballroom

9:30AM – 10:00AM

Refreshment Break

Exhibit Hall A & B, Lower Level

10:00AM – 11:00AM

111–Art of Performing Risk Assessments
112–Internet of Things (IoT): Privacy, Security and Regulation
113–Cloud Security - Detecting Digital Danger
114–Cyber Hunt Operations of Cyber Criminals
115–Insuring Your Cyber Assets
116–Executive Panel: Improving Security Governance for Better Business Outcomes
117–Purposeful Ignorance is No Excuse for Plausible Deniability! Think About It!


11:00AM – 11:15AM

Movement Break


11:15AM – 12:15PM

121–A 180 View of the Cybersecurity Kill Chain
122–Encryption: Policy to Practice
123–Understanding Covert Channels of Communication
124–Practice What You Breach
125–Analyst View: Cybersecurity Jobs Workforce Review
126–Cloud Migration 2.0: Securing IaaS
127–Cyber Across the Organization: How to Fight it Together


12:15PM – 1:30PM

Exhibits and Lunch

Exhibit Hall A & B, Lower Level

1:30PM – 2:30PM

131–Classified or Just Classy - Kicking Ass(ets) with Data Classification
132–Cyber Crime & Terrorism
133–Insider Risk: Automated or Manual Data?
134–eDiscovery, Computer Forensics and Data Collection
135–Practical Risk Management Using COBIT 5 - Part 1
136–Identifying Insider Threats
137–Managing IT Risk in a Threat Filled World: Let’s Get Practical


2:30PM – 2:45PM

Movement Break


2:45PM – 3:45PM

141–Threat-Centric Vulnerability Management
142–Data Loss Prevention Program
143–Taking Risk Measurement Seriously
144–Diagnosing Incidents: Incident or Breach
145–Practical Risk Management Using COBIT 5 - Part 2
146–Packet Hour of Power - Become a Packet Hunter!
147–Bridging the Gap: Measuring and Communicating Risk across the Enterprise


3:45PM – 4:15PM

Refreshment Break

Exhibit Hall A & B, Lower Level

4:15PM – 5:15PM

151–Best Practices for Proactive IT Governance
152–Sex, Lies and Mobile Devices
153–Optimize Defenses Against Invisible Threats
154–IR Decisions - Make them all Beforehand!
155–Teaching SMBs to Think Like an Attacker
156–From IT Audit to Cybersecurity Audit: Bridging The Gap
157–EU Privacy Update: All About the New Disruptive Regulation, The GDPR


5:30PM – 6:00PM

Spotlight Education Sessions 1-3
SES2–Scaling Control Services Across a Multi-Cloud Enterprise
SES3–It is all about the DATA!!


6:15PM – 6:45PM

Spotlight Education Sessions 4-6
SES4–Top Tips for Database Audit and Assessment


5:15PM – 7:15PM

Networking Reception in the Innovation Exchange



Washington after Dark


Tuesday, 3 October 2017


7:30AM – 8:30AM

Continental Breakfast

Exhibit Hall A & B, Lower Level

7:30AM – 5:15PM

Conference Registration Open

Convention Registration Desk

8:30AM – 9:30AM

Tuesday Morning Keynote – Hector Monsegur: My Transition From A Hacker To FBI Asset To The Corporate World


9:30AM – 10:00AM

Refreshment Break

Exhibit Hall A & B, Lower Level

10:00AM – 11:00AM

211–Building Security in the Startup Culture
212–Trends in Cyber-Law 2017
213–Anatomy of a Phish: Why and How Spam Works
214–SHA-1—Foreshadows Future Struggle
215–Cyber Warfare & the New Threats to Security
216–Responding to a Targeted Phishing Attack, Part 1
217–Leveraging Container Technology to Better Achieve Compliance


10:00AM – 12:15PM

SE1–CSX Cyber Challenge: Master’s Class | View Brochure Exhibit Hall A - Lower Level

11:00AM – 11:15AM

Movement Break


11:15AM – 12:15PM

221–Understanding the Risks of Smart Cities
222–Under the Unfluence - Dark Side of Hacking
223–Managing the Space-Time Continuum of Cyberdefense
224–3 Common Misconceptions in Incident Response
225–Legal Issues with Third Party Risk
226–Responding to a Targeted Phishing Attack, Part 2
227–Applied Cognitive Security in the Security Operation Center (SOC) to Keep Pace With a Persistent Threat Landscape


12:15PM – 1:30PM

Exhibits and Lunch

Exhibit Hall A & B, Lower Level

1:30PM – 2:30PM

231–Where Cybersecurity Strategy (Risk Management) and Practical Deployment Meet
232–Blockchain: Transforming Cybersecurity
233–Understanding Your Adversary
234–Finding Ms Right: Cyber Drivers Wanted!
235–Business Driven Security (BDS)
236–IoT: Get Ahead of the Curve
237–Employee Awareness: Principles of an Effective Security Awareness Program


1:45PM – 5:15PM

SE2–CSX Cyber Challenge Competition | View Brochure Exhibit Hall A - Lower Level

2:30PM – 2:45PM

Movement Break


2:45PM – 3:45PM

241–Company Risk Management w/IT Supply Chain
242–Digital Certificates—Next Black Market
243–Practical Physical Security Detection
244–DFIR for the IoT Filled Cloud
245–Scaling and Accelerating the Supply of “Workforce Ready” Entry Level Cyber/Risk Professionals to Effectively Respond and Recover from Incidents
246–Understanding the Critical Security Controls - Practical Defenses Against Advanced Attacks
247–How Machine Learning Can Enhance the Data Classification User Experience


3:45PM – 4:15PM

Refreshment Break

Exhibit Hall A & B, Lower Level

4:15PM – 5:15PM

251–Cybersecurity: Getting the Business Engaged
252–Top 7 Security Solutions for PCI DSS
253–P0wned M4ch1n3 - Recovery Tips for SMBs
254–DFIR for the IoT Filled Cloud
255–Beyond Technology: 2017, The Year Of The Human Factor
256–McAfee SIEM Use Cases
257–Hiring: Find the Needle in the Haystack


5:30PM – 6:00PM

Spotlight Education Sessions 7-9
SES7–Securing Office 365: Your 2017 Action Plan
SES8–Beyond Scoring: A Humanistic Approach to Vendor Risk Management
SES9–Securely Super-Power Your Organization’s Digital Transformation

Exhibit Hall A & B, Lower Level

6:00PM – 8:30PM

SheLeadsTech™:  The Benefits of a Diverse Workforce


Wednesday, 4 October 2017


7:30AM – 8:30AM

Continental Breakfast

Exhibit Hall A & B, Lower Level

8:00AM – 1:00PM

Conference Registration Open

Convention Registration Desk

8:30AM – 9:30AM

311–Developing Next-Gen Cyber Professionals
312–Sprinting to Cybersecurity in 30 Days
313–Extending COBIT 5 - Continuous Enforcement
314–Attack, Investigate, Learn - Part 1
315–Ransomware Recovery - Part 1
316–Prioritize Vulnerabilities in the Cloud


9:30AM – 9:45AM

Movement Break


9:45AM – 10:45AM

321–Red Team Assessment - How to Get Started
322–The Human Exploitation Kill Chain
323–Vulnerability Management is NOT Dead (Despite Our Best Efforts to Kill It)
324–Attack, Investigate, Learn - Part 2
325–Ransomware Recovery - Part 2
326–Biometric Authentication - Combat Crime


10:45AM – 11:00AM

Movement Break


11:00AM – 12:15PM

Closing Keynote – Dr. Mary Aiken: The Cyberpsychology of Cybercrime

Marriott Ballroom


Continuing Professional Education Credits

To maintain ISACA certifications, certification holders are required to earn 120 CPE credit hours over a three-year period in accordance with ISACA’s continuing professional education (CPE) policy. Attendees can earn up to 32 CPE credits; 18 by attending CSX 2017 North America, 14 for the pre-conference 2 day workshops or 7 for the pre-conference one day workshops. ISACA conferences are Group Live and do not require any advanced preparation.

ISACA is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its web site:  www.learningmarket.org.

Please note that the session scanners at the Conference do not track CPE credit hours. You will still need to allocate your CPE hours in “My ISACA” following the conference. Certificates of Attendance will be accessible via your MyISACA account. To view your certificate, log into your account and navigate to the “myDOWNLOADS & CERTIFICATES” tab. There you will find a “MY CPE CERTIFICATES” section where all of your ISACA event CPE Certificates will live.

Your Certificate of Attendance details the maximum number of CPE hours you could have earned by attending this event. CPE policies for each ISACA certification, as well as details on how to report your CPE hours, are available here on ISACA’s website. Reporting can also be done by submitting information on the annual renewal invoice.

Conference Registration Fees

Register and pay before 11:59 PM CT (midnight) on Monday, 25 September 2017
Member US $1,750 Non-member US $1,950

Register and pay after Monday, 25 September 2017
Member US $1,950 Non-member US $2,150

Cybersecurity Fundamentals Workshop - BOTH SESSIONS ARE SOLD OUT
Member: US $850 Non-Member: US $1,050

One-Day Workshops
Member: US $650 Non-Member: US $850

Two-Day Workshops
Member: US $1,150 Non-Member: US $1,350
One-Day Conference Pass* Member/Non-Member: US $395

Cancellation Deadline:

1 September 2017




*Multiple days may not be selected. Attendees will be refunded their 2nd selection if multiple dates are ordered. One-day passes are available for new registrants only. Select your preferred day under the Workshops section of the registration page. Please do not select any conference sessions before you check out. You will be able to select your sessions on the mobile app once you complete your checkout. Selecting anything besides a workshop during registration will automatically add the full CSX 2017 North America Conference to your shopping cart.

Registration and Payment Policy

Registration submissions for this conference and any additional workshops are not processed, and a seat is not confirmed or reserved, until full payment is received. All submissions not paid in full will be placed on a waitlist and priority will be given to paid registrants in a payment first-come, first-serve basis. Space is limited, so it is highly recommended that payment is provided at the time of submission to guarantee a seat within the conference and all related events.

Registration rate is determined based on the date payment is received by ISACA HQ and current membership status. Please plan accordingly, as it may take 10 or more business days for a wire transfer or mailed check to reach ISACA. Should we receive payment after a registration rate deadline, your account will be adjusted to reflect the current due amount. Entrance to the conference and all related events is contingent upon full payment.

Discounts for the Conference are available, detailed below. In order to verify eligibility for any of these discounts, please contact https://support.isaca.org or +1.847.660.5670. Note that discounts cannot be credited to you after the transaction has been completed. All discounts are applied to the main conference registration fee, and cannot be applied to workshop registrations.

Group Discounts

ISACA offers discounts to organizations sending 4 or more employees to a single conference. Group registrations must be processed in a single registration transaction. Please contact the ISACA Conference department for more details at +1.847.660.5670 or https://support.isaca.org; cannot be combined with any other registration discount offerings.

Government Discounts

ISACA offers a $350 conference registration discount to government employees. Please contact the ISACA Conference department for more details at +1.847.660.5670 or https://support.isaca.org; cannot be combined with any other registration discount offerings.

Academic and Student Discounts

ISACA offers a $350 discount to academic institution employees and students. Please note that you must be an ISACA Student member in order to receive the student discount; additional membership and qualification details can be found here. For additional registration details and eligibility verification, please contact ISACA’s Conference Department at +1.847.660.5670 or https://support.isaca.org; cannot be combined with any other registration discount offerings.

Cancellation Policy

All cancellations must be received by the published deadline to receive a refund of registration fees. A cancellation charge of US $100 will be subtracted from conference refunds, and US $50 per workshop from workshop refunds. No refunds can be given after the date specified. Attendee substitution is permitted at any time until the conference. If a nonmember is substituting a member, then there will be additional nonmember fees.

NOTE: Registration is contingent upon full payment of the registration fee. To guarantee registration, conference fees must be received by the published deadline. It may take 10 or more business days for a wire transfer or mailed check to reach ISACA, so please plan accordingly. If, for any reason, ISACA must cancel a course or event, liability is limited solely to the registration fees paid. ISACA is not responsible for other expenses incurred, including travel and accommodation fees. For more information regarding administrative policies, please contact the ISACA conference department.
Phone: +1.847.660.5670
Fax: +1.847.253.1443
E-mail: https://support.isaca.org


Payment Methods

  1. Pay online at www.isaca.org/invoices
  2. Mail your payment to:
    1055 Paysphere Circle
    Chicago, IL 60674 USA
  3. Bank Wires—send electronic payments in US dollars to:
    Bank of America
    135 S. LaSalle St.
    Chicago, IL 60603
    ABA #0260-0959-3
    ISACA Account #22-71578
    S.W.I.F.T. code BOFAUS3N
    * Please include attendees name on the Advice of Transfer.


ISACA reserves the right to alter or delete items from the program in the event of unforeseen circumstances. Material has been prepared for the professional development of ISACA members and others in the IT audit, control, security, and governance community. Neither the presenters nor ISACA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices. All materials used in the preparation and delivery of presentations on behalf of ISACA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation and to grant the rights to ISACA as set forth in speaker agreement. Subject to the rights granted in the speaker agreement, all applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers.

Please note: unauthorized recording, in any form, of presentations and workshops is prohibited.

Not a member of ISACA? Join today!

When you register for the conference as a nonmember, the difference between member and nonmember conference fees can be applied towards ISACA membership. This means you can become a member at the international and chapter level for little to no additional cost; it just depends on your local chapter dues. To take advantage of this great offer, check the box on the registration form. For more information about ISACA membership, visit the web site at www.isaca.org/membership or contact the membership department at membership@isaca.org.

NOTE: This offer expires 30 days after completion of the event. Nonmembers pay the nonmember conference fee when registering.

Permission to be Photographed

By attending this event, the registrant grants permission to be photographed and videotaped during the event. The resultant photographs and videos may be used by ISACA for future promotion of ISACA’s educational events on ISACA’s web site, in social media and/or in printed promotional materials, and by attending this event, the registrant consents to any such use. The registrant understands any use of the photographs and videos will be without remuneration. The registrant also waives any right to inspect or approve the aforementioned use of any photographs or videos now or in the future.


Business casual is appropriate for this and all ISACA conference events.

Conference Venue Information

Marriott Wardman Park Hotel

2660 Woodley Road NW
Washington, DC 20008
Phone: +1.202.328.2000


For nearly 100 years, The Wardman Park Hotel has been the Washington, D.C. hotel of choice for Presidents, Dignitaries and other VIP’s – but none more important than you and your important participation at CSX 2017!

This landmark hotel is conveniently steps away from Washington, D.C.’s Metro’s Red line’s Woodley Park stop in the city’s vibrant Woodley Park neighborhood.

Marriott Wardman Park Hotel


ISACA’s Guest Room Rate at the Marriott Wardman Park has expired.  Please contact the hotel directly at +1.202.328.2000 to make your reservations.

All guest room reservations are guaranteed by deposit of one night's guest room charges. Cancellations with full refund will be allowed up until 72 hours prior to arrival date.

Self-parking available for $45 USD/day or $50 USD for valet.

Why make your reservation in the official housing block?

For the best possible experience, ISACA strongly encourages conference delegates to stay at the host hotel. It is the most convenient location for attendees to be able to participate in all conference activities at a negotiated price.

Please note: ISACA will never contact you with guest room promotions offering a better deal. With the advent of discount aggregators or housing “pirates,” if you experience a problem with a “pirate” reservation, ISACA cannot assist you. However, please know that ISACA staff will work with you to resolve issues that may arise if you make your reservation through the ISACA-provided housing registration link.

Every reservation made for those attending CSX 2017 North America helps ISACA fulfill its commitment to the hotel, in turn allowing ISACA to continue to keep the cost of both conference fees and membership dues as low as possible.

Conference Destination Information

Monuments and memorials, eclectic neighborhoods, true local flavor – DC is your “home away from home."

Here are few ways to help make your stay even more affordable, efficient and fun:


Getting Here

3 regional airports:


Prefer to ride the Rails?

Washington DC’s Metro/Washington Metropolitan Area Transit Authority is the best way to get around DC’s notorious traffic. Here’s one popular way:

Live in the region, or prefer an even more scenic route?

Go green and take a popular Amtrak train from New York, Boston, Philly or elsewhere to Washington's historic Union Station!

  • CSX 2017 attendees are pre-approved for a special 10% discount when using Convention Fare Code number X58E-968.
  • This is good for travel to and from Washington, DC between 26 September and 7 October.
  • To make your reservations, please call Amtrak directly at +1.800.872.7245 or contact your travel agent.




Thank you to our 2017 sponsors!



Cybercriminals are growing in number and sophistication, rendering traditional solutions powerless against today’s advanced threats. IBM Security, with close to 8,000 security professionals worldwide, helps more than 10,000 clients address their most critical needs: transforming their security programs; optimizing operations and response systems; and protecting critical information.

During the past decade, IBM has invested more than $2 billion on security research and development, resulting in 3,700+ security-related patents, and acquired 19 security companies to build out its portfolio. Today, IBM Security delivers next-generation security technology and services, including Watson for Cyber Security, a cloud-based version of IBM cognitive technology trained on the language of security.



RSA Business-Driven Security™ solutions help customers comprehensively and rapidly link security incidents with business context, enabling them to respond effectively and protect what matters most. Our award-winning solutions for threat detection and response, identity and access assurance, consumer fraud protection, and business risk management help RSA customers thrive in an uncertain, high-risk world.


SAI Global

At SAI Global, we make Intelligent Risk possible by helping organizations proactively manage risk to achieve business excellence, growth, sustainability and ultimately, create trust. Our integrated risk management solutions are a combination of world-class tech platforms, services and advisory capabilities that operate across the entire lifecycle allowing businesses to focus on opportunities presented by uncertainty. Together, these tools and knowledge enable customers to develop a holistic, integrated view of risk. In Australia, we are also a leading provider of settlement related services; company, personal and property information. SAI Global Pty Limited’s head office is located in Sydney, Australia. We employ more than 2,000 people across 28 countries and 51 locations across Europe, the Middle East, Africa, the Americas, Asia and the Pacific.


Vanguard Integrity Professionals

Vanguard Integrity Professionals provides enterprise security software and services that solve complex security and regulatory compliance challenges for financial, insurance, healthcare, education, transportation and government agencies around the world. Vanguard provides Cybersecurity Solutions Securing any Enterprise. The world’s largest Financial, Insurance, Government Agencies and Retailers entrust their security to Vanguard Integrity Professionals. Vanguard is committed to protecting and securing the Cloud, zOS Security Server and Enterprise environments. Vanguard provides 24/7/365 live customer support from the United States of America.




Make it an Experience. Only Adobe gives everyone — from emerging artists to global brands — everything they need to design and deliver exceptional digital experiences. It doesn’t matter if you’re a designer, a marketer, a publisher, or a master storyteller. We empower anyone with an idea with the tools and the insight to transform reality. We help create experiences that make a difference and truly matter.



Deloitte Risk and Financial Advisory helps organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries.



OneTrust is a global leader in enterprise privacy management software used by more than 1,500 organisations to comply with data privacy regulations across jurisdictions, including the EU GDPR. Powered by deep privacy research, our comprehensive and integrated platform includes readiness assessments, privacy impact assessments (PIA/DPIA), data mapping automation, website scanning and cookie compliance, subject rights and consent management, incident reporting, and vendor risk management. OneTrust is co-headquartered in London, UK and Atlanta, GA with a global team of privacy and technology experts. OneTrust is backed by the founders of Manhattan Associates (NASDAQ: MANH) and AirWatch ($1.54B acq by VMware).



TITUS solutions enable organizations to discover, classify, protect and confidently share information, and meet regulatory compliance requirements by identifying and securing unstructured data. TITUS products enhance data loss prevention by classifying and protecting sensitive information in emails, documents and other file types – on the desktop, on mobile devices, and in the Cloud.




Bitglass, the total data protection company, is a global CASB and agentless mobile security company based in Silicon Valley. The company's solutions enable real-time end-to-end data protection, from the cloud to the device.


Grant Thornton

Grant Thornton helps executives and managers at all levels maximize their performance and efficiency in the face of ever tightening budgets and increased demand for services. We give clients creative, cost-effective solutions that enhance their acquisition, financial, human capital, information technology, and performance management. Grant Thornton services focus in four major areas: Information Technology; Decision Analytics; Financial Management and Services; and Performance Transformation.


SSH Communications Security

SSH Communications Security is a leading provider of enterprise cybersecurity solutions which monitor, control, and automate trusted access to critical data. Our technology secures the infrastructure of the modern digital world and runs in over 90 percent of all data centers. Customers worldwide trust our other solutions to manage and monitor access, while greatly reducing costs, time, and compliance risks. We have offices in North America, Europe and Asia and through a network of certified partners.



Trustwave helps businesses fight cybercrime, protect data and reduce security risks. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs.




EventTracker’s advanced security solutions protect enterprises and small businesses from data breaches and insider fraud, and streamline regulatory compliance. The company’s EventTracker platform comprises SIEM, vulnerability scanning, intrusion detection, behavior analytics, a honeynet deception network and other defense in-depth capabilities within a single management platform. The company complements its state-of-the-art technology with 24x7 managed services from its global security operations center (SOC) to ensure its customers achieve desired outcomes—safer networks, better endpoint security, earlier detection of intrusion, and relevant and specific threat intelligence.



PhishMe® is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector – spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats.


Qualys, Inc.

Qualys, Inc. is a pioneer and leading provider of cloud-based security and compliance solutions that help organizations streamline and consolidate their security and compliance solutions and build security into digital transformation. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously across global IT assets.


Telos Corporation

Telos Corporation empowers and protects the world’s most demanding enterprises with solutions and services for cyber security to defend your systems, networks, and information; secure mobility to enable you to work with confidence across and beyond the enterprise; and identity management to establish trust in personnel and protect against insider threats.



Terranova is a security awareness solutions provider, recognized as a leader by Gartner. Our comprehensive solution helps educate employees on security risks, measure employee-related vulnerabilities, fulfill compliance requirements, and monitor improvements over time. Our market leading complete solution is entirely customizable and available in 40 languages.



Venafi is the cybersecurity market leader in machine identity protection, securing all connections and communications between machines. Venafi generates the machine identity intelligence necessary to protect machine identity types, including: SSL/TLS, IoT, mobile, and SSH. With over 30 patents, Venafi delivers innovative solutions for the most demanding, security-conscious organizations.



  Supporting Sponsors


Lynx Technology Partners




Pragma Systems Corporation

SailPoint Technologies

SAINT Corporation



Innovation Stage

IN1-The Rise of Ransomware and Human Sensors | Sponsored by PhishMe
Monday, 2 October 2017 | 12:30PM – 12:50PM

IN2-Automating Technical Control Assessment | Sponsored by Qualys
Monday, 2 October 2017 | 1:00PM – 1:20PM

IN3-The NIST RMF ain’t just for Feds | Sponsored by Telos Corporation
Monday, 2 October 2017 | 3:50PM – 4:10PM

IN5-Industry Trends and Best Practices in Third Party Governance | Sponsored by RSA Security
Tuesday, 3 October 2017 | 9:35AM – 9:55AM

IN6-Preparing for Revised NIST Cybersecurity, Privacy, and Risk Management Standards | Sponsored by Grant Thornton
Tuesday, 3 October 2017 | 12:30PM – 12:50PM

IN7-Hunting Modern Malware – The Latest Techniques | Sponsored by EventTracker
Tuesday, 3 October 2017 | 1:00PM – 1:20PM


For Exhibitor and Sponsorship Opportunities

Please contact: 

Sean Stringer
Director of Sponsorship
Phone: +1.847.660.5729
Fax: +1.847.253.1443


If you are not already signed in, sign in below to register for this Conference.

If the login does not appear below or the form does not function as expected please use this form.





Contact ISACA's Training & Education Department:
Tel: +1.847.660.5670
Fax: +1.847.253.1443
Click here to submit a question.

Media Inquiries

Contact the ISACA Communications Department:
Tel: +1.847.660.5512 or

Please address Sponsorship questions to: sstringer@isaca.org