- This event has passed.
Cyber Security Threat and Oversight of Information System Security
November 2, 2017 @ 7:30 am - 4:30 pm EDTGWDC Members: $95, Other ISACA Members: $120, Non-Members: $140
In today’s world, the harsh truth is your organization either has been or will be a victim of a cyberattack. Treating it as a compliance issue will create internal resistance and likely will not change the behavior of most employees. It’s time to change up the game, make it a daily performance indicator and get better results to protect your agency!
This conference is designed to address a range of topics, each of which is vital to securing the agency. These topics include enterprise roles, security metrics, risk management, standards and regulations, physical security, and business continuity. Each piece of the puzzle must be in place for the enterprise to achieve its security goals; adversaries will invariably find and exploit weak links. Additionally, the Department of Defense (DoD) is itself a massive enterprise, and security practitioners should understand the context and importance of their activities within the overall DoD enterprise. To this end, the course will emphasize the practical implications of cybersecurity management to DoD roles and missions through the application and study of timely examples.
Who Should Attend
(8:30 AM - 9:20 AM)
(9:30 - 10:20)
(10:30 - 11:20)
(11:30 - 12:20 PM)
(1:20 PM - 2:10)
(2:20 - 3:10)
(3:20 - 4:10 PM)
MEET THE PRESENTERS
President at Elfsec
MS Computer Science, CISM
Noel A. Nazario is President of Elfsec LLC, an advisory services firm focused on the management of cyber security risk to support business growth and mission success. Noel brings 30 years of experience in technology, management, risk mitigation, and stakeholder engagement. He is passionate about tackling new challenges and applying new perspectives to help organizations maximize productivity and achieve mission success. Noel started his security career as an Electronics Engineer for the National Institute of Standards and Technology (NIST) Computer Security Division where he did pioneer work in Security Labels, Data Categorization, Assurance Levels, and Public Key Infrastructure. He later moved on to positions at KPMG, Ernst & Young, and Grant Thornton where he held Senior Associate, Manager, Senior Manager, and Director positions serving clients in all branches of the U.S. Federal Government and various industries. Noel earned a Master’s degree in Computer Science from the Johns Hopkins University, a Bachelor’s degree in Computer Engineering from the University of Puerto Rico, and holds a Certified Information Security Manager (CISM) designation. He has been an active member of ISACA since 2002 and is currently GWDC Associate Director for Executive Seminars.
Cyber Security Principal, NTT
CISA, CISSP, CISM, CRISC, MCSE
Sushila Nair is a cybersecurity principal at NTT. NTT is one of the world’s largest technology services companies, ranked 65 in the Fortune 500 and is one of the most valuable brands in the world. Sushila owned and managed a consultancy organization for many years, designing and architecting solutions that delivered security solutions to large financial organizations, the legal sector and Manufacturing. Sushila has over twenty year's experience in computing infrastructure, business and security and has worked in a number of diverse areas — risk analysis, threat modelling, credit card fraud, mobile security and real time security monitoring. Sushila worked with the insurance industry in Europe and America on methods of underwriting e-risk insurance based on ISO27001. She volunteers with several non-profit organizations, notably serving as the Marketing Director of the ISACA Greater Washington DC Chapter. She has published numerous articles in the computing press, and has spoken at CACS, SEGURINFO, BrightTALK, FinSec and many other global technical events on diverse subjects ranging from mobile security to threat modelling. Sushila is a qualified lead auditor in BS 17799, CISA, CISSP, CISM, CRISC, MCSE
SME Cyber Security
VJ has over 15 years of experience as a security leader and management consultant. His efforts have led to streamlined processes, adoption of security standards, efficiency increases and millions of dollar in cost savings using the cloud for small to large organizations. He has pioneered several approaches which have been well received in the Public Sector, NGO, and Security communities. Some of his highlights include pioneering SMS based election monitoring, creating coalitions for sharing threat intelligence, and innovative approaches to qualitative risk assessments. VJ has conducted several security audits and risk assessments for scopes ranging from small security projects to business operations for large organizations. VJ speaks regularly on security matters and his efforts have been profiled in several technology articles. VJ recently oversaw cyber security for the US Presidential and VP Debates.
Chief Technology Officer, PCI Security Standards Council
Troy Leach is chief technology officer for the PCI Security Standards Council. Leach partners with council representatives, participating organizations, and industry leaders to develop comprehensive standards and strategies to secure payment card data and its supporting infrastructure. He is a subject matter expert on payment security and has testified on several occasions before various U.S. House and Senate Congressional committees. Leach also provides guidance and security expertise to a multitude of U.S. and international government entities and law enforcement agencies.
Executive Director ,EY Government & Public Sector Practice
Mike Marshall is an Executive Director within the EY Government & Public Sector practice and serves as the GPS Cybersecurity lead. He has 31 years of experience supporting the Government and private sector in Cybersecurity and IT Infrastructure lifecycle services.
His cybersecurity experience includes Predictive Threat Analytics, Malware Analysis, Insider Threat, Computer Network Defense, Continuous Monitoring, Cloud Security, Mobile Security, Critical Infrastructure Protection, Risk Assessment, Audit Preparation, Certification and Accreditation, Software Assurance, Mission Assurance, and Incident Response. Mike’s IT Infrastructure lifecycle service experience includes Architecture, Design, Engineering, Testing, Deployment, and Operations in networking, telecommunications, and data center environments. Mike was also a part of the U.S. Air Force where he holds the retired rank of Lieutenant Colonel.
Chief Security Strategist, SurfWatch Labs Inc.
Adam is currently the Chief Security Strategist for SurfWatch Labs Inc. Prior to joining SurfWatch Labs, Adam was the Chief Information Security Officer (CISO) for one of the largest public transportation systems in the United States. Prior to his role as a CISO, Adam served as the Director of Information Assurance and Command IA Program Manager for the Naval Air Warfare Center, Naval Air Systems Command one of the Navy's premier engineering and acquisition commands.
Before focusing specifically on the Cyber Security discipline, Adam has served in positions supporting Network Engineering & Operations, Enterprise Architecture & Configuration Management, Emergency Power and Systems Engineering for organizations such as White House Communications, Army Pentagon, Joint Interoperability Test Command (JITC) and the Intelligence Community.
Stephen Moore, ICIT Contributor and Chief Security Strategist, Exabeam”.
Steve Moore is the VP and chief security strategist at Exabeam. His main focus is driving solutions for threat detection & response -- and advising customers in breach management and program development. Prior, Moore spent more than 7 years at Anthem, in a variety of cyber security practitioner and leadership roles. Most recently, he served as Staff VP of Cyber Security Analytics, playing a leading role in the response and remediation of the 2015 data breach. Additionally, Moore led the creation and improvement of several other programs including: Threat Intelligence, Threat Hunting, Adversary Simulation, Incident Response, and Content Creation. Prior to joining Anthem, Moore served in a variety of roles at Sallie Mae within the Information Security, Program Management, and Web Infrastructure organizations. Moore was also a co-author for the SANS Institute.
Moore spends much of his time advising industry leading organizations, mentoring, and helping those in need. He is passionate about creating relevant and representative security organizations.
Moore holds a MS in Information Assurance & Network Security from Capitol Technology University in Laurel, MD and a BS in Business from the Indiana University Kelley School of Business with a concentration in Computer Information Systems.
|All Students: None.
ISACA Members from Other Chapters: You will need to bring your ISACA Membership Card to the event to verify your ISACA Membership.
Conference presentations are posted to the Presentations Library when permission is received from the presenter and their organization. In some cases, permission is not received.
Earn up to 7 Continuing Professional Education (CPE) credits in the area of Specialized Knowledge. The ISACA® GWDC is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: http://www.learningmarket.org.
CPE Distribution and Evaluation Survey
CPE's will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present the full day to receive full CPE credit.
- Prerequisites and Advance Preparation: None
- Program Knowledge Level: None
- Delivery Method: Instructor led sessions