North America ISRM 2014 

KEYNOTE SPEAKERS

Curtis Levinson
US Cyber Defense Advisor to NATO

Alec Ross
Author and Senior Advisor to then Secretary of State Hillary Clinton

The 2014 North America ISRM Conference has concluded.

ISACA wishes to thank all who took part for making this conference such an overwhelming success. We look forward to seeing you next year at:

CSX North America 2015 Conference

19–21 October 2015 | Washington, DC, USA

Registration opening soon, please continue to check back as announcements are forthcoming!

As this conference has been a huge success in the past, please consider reserving your place early for next year’s event—and save with our Super Early Bird Discount!

To learn more about CSX North America 2015, contact conference@isaca.org or call +1.847.660.5622

 

 

Thank you to our 2014 sponsors!


Dell

Modulo

Vanguard Integrity Professionals

KPMG

Maclear

Boldon James

ERP Maestro

ID Experts

InteliSecure

MetricStream

Symantec

Watchful Software

Program Information


  Download the 2014 North America ISRM brochure

View program sessions and workshops below.


Immerse yourself in 2.5 days of:

Educational sessions — workshops, keynotes, case studies and panel discussions
Networking events — spotlight educational sessions, attendee receptions, workshops and more


Pre-Conference 1-Day Workshops

Monday, 17 November; 9:00AM - 5:00PM

Tuesday, 18 November; 9:00AM - 5:00PM


Pre-Conference 2-Day Workshops

Monday, 17 November; 9:00AM - 5:00PM
Tuesday, 18 November; 9:00AM - 5:00PM

*Please Note: Limited space is available in Workshop WS2, WS3 and WS7. Please contact conference@isaca.org for more information.

 


Keynote 2: Cybersecurity Credentials Collaborative (C3) Super Session

Cyberthreats are growing. The cybersecurity field is rapidly evolving. Demand for more cybersecurity professionals and demands on current cybersecurity and information security professionals have never been greater. Join leaders of the industry’s top information security and privacy certification organizations as they discuss how to develop a more prepared workforce. Learn what skills your enterprise needs, which skills will keep you in demand, and the best ways to obtain or hone them at this news-making general session.

Panelists

Terry Erdle
Executive Vice President
CompTIA

 

 

Michael H. Goldner, J.D.
EC-Council | University Dean
CISSP, CISM, C|CISO, C|EH, C|HFI, MCSE/Security

 

Jeff Frisk
Director
GIAC Certification Program

 

Ron Hale, PhD, CISM
Chief Knowledge Officer
ISACA

 

 

Hord Tipton, CISSP-ISSEP, CAP, CISA
Director
(ISC)²

 

 

Ira Winkler
President
ISSA

 


Moderator

Eddie Schwartz, CISA, CISM
Chair, Cybersecurity Taskforce
ISACA

 

 

 

Opening Remarks and Keynote: Digital Doomsday—What Happens to Facebook if the World Ends


Curtis K. S. Levinson
US Cyber Defense Advisor to NATO

Few thought leaders and experts in the fields of information security, risk management and cybersecurity are as trusted for their expertise and opinions on the fast-changing field of cybersecurity as opening keynote speaker, Curtis Levinson.

 

 

 

His resume includes:

  • Advisor to two sitting US Presidents, two Joint Chiefs of Staff Chairmen and the US Chief Justice on cybersecurity and enterprise technology
  • Current US Cyber Defense Advisor to NATO
  • Over 25 years of focused experience in cybersecurity and information assurance

Mr. Levinson’s keynote address: “Digital Doomsday—What Happens to Facebook if the World Ends” touches on the potential impacts of the coordinated approach to cyber defense adopted by allies to the North Atlantic Treaty Organization (NATO). Gain his uniquely privileged insights on how these enhanced cyber defense capabilities could better protect partner countries, international organizations and your enterprise against the growing daily threat of cyberattacks from around the world.

 


Closing Keynote: Lessons from the Cyber Battlefield


Alec Ross
Author and Senior Advisor to then Secretary of State Hillary Clinton

Alec Ross is an author and former Senior Advisor to Hillary Clinton when she was America’s top diplomat. In that role, Ross advanced the State Department’s interests on issues including Internet freedom, cybersecurity, disaster response, and the use of network technologies in conflict zones.

 

 

In his not-to-be-missed closing keynote address—Lessons from the Cyber Battlefield—you can gain his unique perspectives on:

  • How the weaponization of code has turned the Internet into a battlefield
  • How to identify and respond to cyberthreats that have the potential to cost businesses billions of dollars
  • The best strategies to keep your enterprise out of the gun-sights of hackers and other cyber predators

 

Conference Dates and Times

Pre-Conference Workshop Registration

Monday, 17 November; 7:30AM - 12:00PM
Tuesday, 18 November; 7:30AM - 12:00PM

Conference Registration

Tuesday, 18 November; 3:00PM - 7:00PM
Wednesday, 19 November; 7:00AM - 5:00PM
Thursday, 20 November; 7:30AM - 5:00PM
Friday, 21 November; 8:00AM - 12:00PM

 

Pre-Conference Workshops

Monday, 17 November; 9:00AM - 5:00PM
Tuesday, 18 November; 9:00AM - 5:00PM

Conference

Wednesday, 19 November; 8:30AM - 5:00PM
Thursday, 20 November; 8:30AM - 5:00PM
Friday, 21 November; 8:30AM - 12:15PM


Monday, 17 November 2014

Time 2014 North America ISRM Pre-Conference Workshops

9:00AM - 5:00PM

WS1—Cybersecurity Fundamentals Workshop - Section A* Day 1
WS2—Forensics in Action Day 1
WS3—Incident Response for Cyber-Based Events
WS5—Effective Information Security Programs Are Not Born! Day 1
WS6—Cybersecurity Fundamentals Workshop - Section B Day 1


Tuesday, 18 November 2014

Time 2014 North America ISRM Pre-Conference Workshops

9:00AM - 5:00PM

WS1—Cybersecurity Fundamentals Workshop - Section A* Day 2
WS2—Forensics in Action Day 2
WS4—Measuring What Matters
WS5—Effective Information Security Programs Are Not Born! Day 2
WS6—Cybersecurity Fundamentals Workshop - Section B Day 2

 


Wednesday, 19 November 2014

Time 2014 North America ISRM Sessions

8:30AM - 9:45AM

Opening Remarks and Keynote: Digital Doomsday—What Happens to Facebook if the World Ends

9:45AM - 10:15AM

Break

10:15AM - 11:45AM

111—Security Metrics: A Model for Success Intermediate
112—IBM System z (mainframes): Auditing the Overlooked Critical Systems
113—EMV – Will it prevent the next Epic Card Breach? Intermediate
114—Cyber Plagues: An Approach to New Threats Advanced
115—NIST/NICE CSF DHS

11:45AM - 1:00PM

Lunch

1:00PM–2:00PM

121—What QSAs, ISAs and Auditors Need to Know about Secure Shell Intermediate
122—Architecture for Secure Cloud Computing Intermediate
123—Shadow IT - The Hidden Risk All Levels
124—Intelligence Driven Security Whiteboards All Levels
125—Using Big Data to Assess the Threat

2:00PM–2:15PM

Break

2:15PM–3:15PM

131—Leading Digital Responsibility Across your Organization
132—Recent Developments in Global Privacy Laws
133—Why Risk Analysis is FUD without a BIA Intermediate to Advanced
134—Geographic Perspective on Cyber-Security All Levels
135—APIs - The Next Hacker Target? All Levels

3:15PM–3:45PM

Break

3:45PM–5:00PM

141—My Incident Trumps your Policy All Levels
142—A Guide to Securing Your SAP ECC System All Levels
143—Critical Communications Skills All Levels
144—Cybersecurity Service Level Agreements All Levels
145—Threat Library - A SOC Revolution Intermediate

5:15PM–5:45PM

Spotlight Education Session 1: Tackling Security Gaps with GRC
Spotlight Education Session 2: Best Practices for SAP Access Control Risk Management
Spotlight Education Session 3: From Silos to Seamless: Creating a Comprehensive Security Program

6:00PM–6:30PM

Spotlight Education Session 1: Data Protection for Data Everywhere: Utilizing Intelligent-Aware Security Controls
Spotlight Education Session 2: Securing Your Data Through its Journey with Data Classification
Spotlight Education Session 3: Simplifying the Complexities of Incident Response

5:00PM–7:00PM

Expo Hall Networking Reception


Thursday, 20 November 2014

Time 2014 North America ISRM Sessions

8:30AM - 9:45AM

Keynote: The Cybersecurity Credentials Coalition (C3) Super Session

9:45AM - 10:15AM

Break

10:15AM - 11:45AM

211—The Healthcare Reasonable Security Act Intermediate
212—New Tech for Transparency with Privacy Advanced
213—Head in the Clouds: Controls & ERP SaaS All Levels
214—Is your Vulnerability Management Program Vulnerable?
215—Securing the Software Defined Infrastructure and How it May Help Evolve Security Going Forward

11:45AM - 1:00PM

Lunch

1:00PM–2:00PM

221—How to Create a Strong Security Culture
222—Cloud Computing Risk Mitigation Via Contract Negotiation & Vendor Management
223—Risk Threshold Framework Intermediate
224—The Rise of Citizen Hacker Armies; Forensics vs. Citizen Hackers Beginner
225—A Risk-Driven Cyber Security Approach

2:00PM–2:15PM

Break

2:15PM–3:15PM

231—HIPAA Security Risk Assessment All Levels
232—2014 Top Security/Privacy Bloopers All Levels
233—How Do You Protect Your Organization from Cyberthreats?
234—Mission Impossible? Small Biz Security All Levels
235—How Hacks Really Happen All Levels

3:15PM–3:45PM

Break

3:45PM–5:00PM

241—Use the PCI Standard to Prevent a Breach All Levels
242—Security, Privacy and HIPAA for mHealth All Levels
243—Continuous Vulnerability Management
244—What is the CSX/CAE/CWW Connection? All Levels
245—Fusion of Fraud Management, Identity and Access Management Fuels Better Customer Experience

5:15PM–5:45PM

Spotlight Education Session 1: Are You Accepting Risk Based Upon Your Current Audits?
Spotlight Education Session 2: GRC Beyond Excel
Spotlight Education Session 3: The New Perimeter – Keeping Data Safe in a Cloud/BYOD World


Friday, 21 November 2014

Time 2014 North America ISRM Sessions

8:30AM - 9:30AM

311—Do We Know What We Don't Know?
312—Risky Business: Doubling Down on Privacy and Security
313—Climb New Heights: Bringing Vendor Diligence To a New Level All Levels
314—Hackers, Attack Anatomy, Security Trends All Levels
315—Employee Privacy vs Org Security

9:30AM - 9:45AM

Break

9:45AM - 10:45AM

321—Reducing Risk through Improved Sampling All Levels
322—The Corporate IDM and its Challenges Intermediate
323—IT Risk Governance and Management Intermediate
324—Confessions of a Software Salesman! All Levels
325—Cybersecurity - Engaging with the Board Advanced

10:45AM - 11:00AM

Break

11:00AM–12:15PM

Closing Keynote: Lessons from the Cyber Battlefield

 

Continuing Professional Education Credits

To maintain ISACA certifications, certification holders are required to earn 120 CPE credit hours over a three-year period in accordance with ISACA’s continuing professional education (CPE) policy. Attendees can earn up to 32 CPE credits: 18 by attending North America ISRM and an additional 7 CPE credits for attending each day of optional workshops. ISACA conferences are Group Live and do not require any advance preparation.

ISACA is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its web site:  www.learningmarket.org.

NA ISRM 2013 Conference Registration Fees


Online Registration Closed

Online registration is now closed. However, conference registrations will be taken at the registration counter at the North America ISRM Conference in Las Vegas. See you there!


REGULAR REGISTRATION
Register and pay BY Thursday, 6 November 2014*
Member US $1,595 Non-member US $1,795

ONSITE REGISTRATION
Register and pay after Thursday, 6 November 2014
Member US $1,795 Non-member US $1,995

One-day Workshop
Member: US $550 Non-Member: US $750

Two-day Workshop
Member: US $750 Non-Member: US $950
   

Cancellation Deadline:

21 October 2014


*If registration fees are not paid in full by 12 noon CDT (UTC-6) on Thursday 6 November 2014, the attendee will receive the regular conference rate of $1,795 member/$1,959 non-member. Regular pricing can be used in conjunction with group discounts, described below.

Group Discounts

ISACA offers discounts to organizations sending 4 or more employees to a single conference. Please contact the ISACA Conference department for more details at +1.847.660.5622 or conference@isaca.org.
All fees are quoted in US dollars. The entire registration fee must be received by ISACA before your registration will be considered paid in full.

Government Discounts

ISACA offers a $200 conference registration discount to government employees. The discount applies to the main conference registration rates and can be used in conjunction with any early-bird registration discounts available. The government employee discount will be applied toward the main conference registration and is not applicable toward any pre- or post-conference workshops. Please contact the ISACA Conference department for more details at +1.847.660.5622 or conference@isaca.org.

Visa

Obtaining a visa is solely the responsibility of the registrant. Please contact the local government of the host country for details. Once a paid registration is received, a letter of invitation will be provided by ISACA, on request.

Cancellation Policy

If your plans change and you won’t be able to attend the conference and/or workshop, contact us by phone, fax or e-mail to cancel your registration. All cancellations must be received by 21 October 2014 to receive a refund of registration fees. A cancellation charge of US $100 will be subtracted from conference refunds, and US $50 from workshop refunds. No refunds can be given after 21 October 2014. Attendee substitution is permitted at any time until the conference. If a nonmember is substituting a member, then there will be additional nonmember fees.

NOTE: Registration is contingent upon full payment of the registration fee. To guarantee registration, conference and/or workshop fees must be received by the published deadline. It may take 10 or more business days for a wire transfer or mailed check to reach ISACA, so please plan accordingly. If, for any reason, ISACA must cancel a course or event, liability is limited solely to the registration fees paid. ISACA is not responsible for other expenses incurred, including travel and accommodation fees. Conference materials are not guaranteed to those who register onsite or fail to submit payment prior to the event. For more information regarding administrative policies, please contact the ISACA conference department.
Phone: +1.847.660.5622
Fax: +1.847.253.1443
E-mail: conference@isaca.org

Disclaimer

ISACA reserves the right to alter or delete items from the program in the event of unforeseen circumstances. Material has been prepared for the professional development of ISACA members and others in the IT audit, control, security, and governance community. Neither the presenters nor ISACA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices. All materials used in the preparation and delivery of presentations on behalf of ISACA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation and to grant the rights to ISACA as set forth in speaker agreement. Subject to the rights granted in the speaker agreement, all applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers.

Please note: unauthorized recording, in any form, of presentations and workshops is prohibited.


Not a member of ISACA? Join today!

When you register for the conference as a nonmember, the difference between member and nonmember conference fees can be applied towards ISACA membership. This means you can become a member at the international and chapter level for little to no additional cost; it just depends on your local chapter dues. To take advantage of this great offer, check the box on the registration form. For more information about ISACA membership, visit the web site at www.isaca.org/membership or contact the membership department at membership@isaca.org.

NOTE: This offer expires 30 days after completion of the event. Nonmembers pay the nonmember conference fee when registering.


Permission to be Photographed

By attending this event, the registrant grants permission to be photographed and videotaped during the event. The resultant photographs and videos may be used by ISACA for future promotion of ISACA’s educational events on ISACA’s web site, in social media and/or in printed promotional materials, and by attending this event, the registrant consents to any such use. The registrant understands any use of the photographs and videos will be without remuneration. The registrant also waives any right to inspect or approve the aforementioned use of any photographs or videos now or in the future.


Dress

Business casual is appropriate for this and all ISACA conference events.

Venue and Accommodations

Caesars Palace

3570 S. Las Vegas Boulevard
Las Vegas, NV 89109
866.227.5944

Web Site:  www.caesarspalace.com

Housing is extremely limited – Please call the hotel directly to check availability

Room Rates: $159-$229 per night
Hotel Check-In/Check-Out: 4pm/11am
Parking: Free parking is available on site; no reservation is needed.
Resort Fee: Does not apply to conference attendees.

 

Discounted Travel

ISACA has arranged for discounted travel for up to ten percent on travel to and from ISACA events held in North America on United Airlines. For North America ISRM this offer is valid for travel booked during the event dates of Friday, 14 November–Monday, 24 November, 2014. Reservations can be made online at www.united.com or by emailing groupmeetings@united.com. While booking, enter ZRM8297964 in the offer code box when searching for flights, or ask your travel agent to use Agreement Code: 297964 and Z Code: ZRM8 when searching for flights to take advantage of these discounts.

American Airlines is offering a special meeting discount, which can be booked on-line at www.aa.com/group for American Airlines/American Eagle Airlines flights only. Enter the Promo code 88N4BJ in the Promotion Code box or call the American Airlines Meeting Services Desk at 1-800-433-1790. The discount is valid Friday, 14 November–Monday, 24 November, 2014.

Itineraries involving any oneworld or codeshare partner airlines must be booked through our Meeting Services Department at 1-800-433-1790 if calling from the US and Canada. Please note a $25.00 fee will apply for each ticket booked over the phone. International attendees should call their local American Airlines reservations number.

Thank You to Our 2014 Sponsors!

  Gold

Dell


 

Dell Security enables organizations of all sizes to take advantage of the unprecedented opportunities created by today’s hyper-connected world, while mitigating risk. With Dell Security, you can protect your whole organization, not just parts of it, achieve across-the-board compliance and enable users to be productive anytime, anywhere — driving growth and innovation. Dell listens to customers and delivers worldwide innovative technology, business solutions and services they trust and value. For more information, visit Dell.com/Security and follow @DellSecurity on Twitter.

Modulo


 

Modulo is the leading global provider of information & technology GRC solutions, offering flexible and affordable methods for managing risk, compliance, and business continuity across the enterprise and extended enterprise of vendors. 1,000+ customers leverage Modulo to automate workflow; report compliance against regulations, standards, policies; prioritize risk through analytics and business metrics; secure cloud environments; remediate vulnerabilities; and more.

  View Presentation: Effective Risk Management — A Customer Case Featuring Cadence
  View Presentation: Is your Vulnerability Management Program Vulnerable?


 

Vanguard Integrity Professionals


 

Vanguard Integrity Professionals, an IBM Business Partner, provides enterprise security software and services that solve complex security and regulatory compliance challenges and deliver a rapid return on investment. With automated solutions for Audit and Compliance, Operational Security and Intrusion Management, Vanguard enables government agencies and corporations around the world to ensure continuous monitoring of System z, safeguard cloud computing secure domains, and protect critical data and applications from cybersecurity threats.


 

  Silver

KPMG

 

KPMG LLP's IT Advisory professionals help clients assess, manage, and remediate IT-related risks. We help organizations develop the right approach— turning risk into opportunity—to drive sustainable business value. We accomplish this by helping organizations demonstrate effective IT compliance through governance and controls, data integrity, security and privacy, and supplier management.

Maclear

 

Maclear provides risk management software and services. We help customers evaluate their needs, adopt best practices and implement GRC automation using our proprietary SaaS software suite – Maclear eGRC Suite™. Maclear was founded in 2010 by GRC industry veterans to develop a unique SaaS GRC software product. In 2014 Maclear’s award-winning GRC offerings and loyal customer base enabled it to raise outside investor money for further business development.

  Bronze

Boldon James


 

For almost 30 years, Boldon James has been a leader in data classification and secure messaging solutions, helping organizations of all sizes manage sensitive information securely and in compliance with legislation and standards, in some of the most demanding messaging environments in the world.


 

ERP Maestro


 

As the only Cloud based Access Control Analytics solution available today that’s engineered with a rapid implementation toolset and actionable remediation reporting capabilities, our clients are provided with an accelerated means to identify access control risk issues. This is accomplished via a cost effective, high value Software as a Service that eliminates the need for capital intensive acquisitions.


 

ID Experts


 

At ID Experts, we provide innovative software and services that simplify the complexities of managing data incident response. Customers rely on our award-winning RADAR™ software to reduce breach risks and prove compliance. RADAR uses patented technology to ensure a consistent and defensible process for managing incident response. Our customers include some of the nation’s largest healthcare, insurance, financial, and government organizations.


 

InteliSecure


 

InteliSecure is a Managed Security Service Provider that focuses on Data Loss Prevention, protecting and preserving critical data assets and intellectual property values. InteliSecure is leading the security industry through its pioneering work in security humanistics, enabling better monitoring and analyzing of security breaches and positively impacting a business’ bottom-line.

MetricStream


 

MetricStream is a market leader in enterprise-wide Governance, Risk, Compliance (GRC) and Quality Management Solutions. MetricStream solutions are used by leading global corporations in diverse industries such as Financial Services, Healthcare, Life Sciences, Energy and Utilities, Food, Retail, CPG, Government, Hi-tech and Manufacturing to manage their risk management programs, quality management processes, regulatory and industry-mandated compliance and other corporate governance initiatives.

Symantec


 

Symantec was founded in 1982 by visionary computer scientists. The company has evolved to become one of the world’s largest software companies with more than 18,500 employees in more than 50 countries. We provide security, storage and systems management solutions to help our customers – from consumers and small businesses to the largest global organizations – secure and manage their information-driven world against more risks at more points, more completely and efficiently than any other company.

Watchful Software


 

The leak/loss of information is a primary concern for organizations today; hence job one has become securing the organization’s most valuable information. Watchful Software solutions dynamically classify, mark, and protect information of all types such that only users with express authorization can use that data, regardless of where it resides.


 

Supporting Sponsors

APMG-International American Public University Bit9 + Carbon Black IAPP PowerTech
RSA Relational Security Corp Rsam Saint Leo University Skybox Security TeamMate Audit Management Systems
terranova Training TraceSecurity Trusted Integration WhiteCanyon Software  

 

Sponsorship Opportunities

Please contact:

Sean Stringer
Director of Sponsorship
Phone: +1.847.660.5729
Fax: +1.847.253.1443
sstringer@isaca.org


 Exhibitor and Sponsorship Information

Get Social for Conference Updates

Twitter: Follow @ISACANews, hashtag #ISRM2014.
Facebook: Like ISACAHQ.
LinkedIn: Join ISACA.

Questions

Contact ISACA's Training & Education Department:
Tel: +1.847.660.5622
Fax: +1.847.253.1443
conference@isaca.org

Media Inquiries

Contact the ISACA Communications Department:
Tel: +1.847.660.5512 or
+1.847.660.5564
news@isaca.org

Please address Sponsorship questions to: sstringer@isaca.org