Cybersecurity and Risk Conference
September 20 @ 8:00 am - 4:30 pm EDT
GWDC Members: $105, Other ISACA Members: $135, Non-Members: $150
This one-day, information-packed conference will bring together the sharpest minds in cybersecurity across industries and will enable participants to interact with top security leaders and risk management pioneers to learn about the latest technologies and strategies for managing cyber risk. The event consists of interactive talks, panel discussions, and a live Capture the Flag demonstration.
An impressive array of thought leaders will discuss IT security, data protection, privacy and issues related to:
• Blockchain technology
• Personal security awareness
• Dark web
• Access & authentication
• Online vs physical security
• Security center operation (Security Operations Center (SOC))
• Fraud detection & Forensic Analysis
• Supervisory Control and Data Acquisition (SCADA)
• Offensive and Defensive cyber security
• Pen-testing Strategies & Ethical Hacking
• Digital transformation cyber security
The event is designed to be an educational forum for information assurance, auditing and cyber/information security professionals across industries and multi-disciplinary roles to gain and share insight into the continually changing landscape of cyber risk in the government and private sector.
Blockchain Technology and Concepts of Decentralized Identity
ICS Security and the IIoT
While the security of traditional Information Technology (IT) environments focuses on data confidentiality and privacy and relegates system integrity and availability to second and third place, Operational Technology (OT) environments must focus on system integrity, availability and resiliency. OT includes Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems and generally refers to the technology that enables industrial and utility operations like manufacturing systems, transportation controls, power generation, water supply and management, etc. The recently released National Institute of Standards and Technology (NIST) Special Publication (SP) 800-82 Revision 2, Guide to Industrial Control Systems (ICS) Security, is an excellent tool for addressing OT security concerns. SP 800-82 guides practitioners on the application of SP 800-53 Revision 5 controls to ICS environments. This presentation will address OT, SP 800-82, and considerations regarding the introduction of the Industrial Internet of Things (IIoT) to ICS environments.
GDPR sSDLC (Secure Software Development Life-cycle) Implications
GDPR requires privacy by design. How can organizations adapt their sSDLC and work with DevOps to ensure security is considered throughout the development life?
WHO SHOULD ATTEND
The Agenda is currently being finalized.
MEET THE PRESENTERS
Managing Partner and Principal Consultant
Security Architects Partners
An internationally-recognized expert in security, privacy, cloud computing and identity management, Dan Blum develops Security Architects Partners’ business partnerships, creates content and leads consulting engagements. Formerly, he was a Golden Quill award-winning VP and Distinguished Analyst at Gartner and one of the founding partners of Burton Group. As a Principal Consultant at Security Architects Partners, he has led or contributed to consulting projects such as:
- Enterprise DLP strategy, architecture, and roadmap for a midwestern US manufacturer
- Enterprise Information Security Architecture (EISA) for a leading financial securities company
- Blockchain identity workshop and strategy planning for a financial services company
- IAM recommendations and deep dive Enterprise Authorization architecture for a non-governmental organization (NGO)
During his tenure at Gartner, Mr. Blum held VP positions as a Distinguished Analyst and Agenda Manager with the Security and Risk Management Strategies analyst team. He led the effort to enhance and improve the Security Reference Architecture acquired from Burton Group. He managed successive cloud security track programs at the Gartner Catalyst conferences and spoke at Gartner Security Summit and other events. He also served as the Cloud Security Research lead at Gartner for Technical Professionals.
A Founding Member of the Kantara Initiative’s IDPro group and honored as a “Privacy by Design Ambassador”, Mr. Blum has also authored two books, written for numerous publications, and participated in standards groups such as ISACA, CSA, OASIS, OpenID Foundation and others.
Spartan Security Consulting, LLC
Mr. White has worked for the U.S. Government in a broad range of roles and missions within the Intelligence and Defense Communities for over 30 years. He directed and managed imagery and signals collection operations on sensitive U.S. government platforms and led a variety of intelligence analysis units focused on delivering national security products to operators and policymakers. He also served as a Deputy Senior Operations Officer and Identity Intelligence Analyst at the National Counterterrorism Center (NCTC) and as a biometrics technology consultant in the Intelligence Community. He is the contributing author to "Beware the Predator: The American's Guide to Personal Security." Mr. White is the CEO of Spartan Security Consulting, LLC, which specializes in identity intelligence, management and services and was founded in 2014 in Herndon, Virginia.
Technical Operations Officer
As a career Technical Operations Officer, Mr. Warren Holston has worked throughout the Intelligence Community, Department of Defense, and defense industry for more than 30 years. He has served as a U.S. Navy Explosive Ordnance Disposal Diver, a collection officer and senior manager in the Central Intelligence Agency, and a Subject Matter Expert for the Department of Defense U.S. Special Operations Command. Mr. Holston has managed and conducted counterterrorism, covert action, and technical collection operations worldwide and is recognized as having contributed significantly to the national security of the United States of America. He was awarded the CIA’s Intelligence Commendation Medal for “conceiving of, and implementing, a clandestine sensor operation against a high priority denied area intelligence target” and the Distinguished Career Intelligence Medal for “superior performance in the conduct of clandestine operations in the CIA.”
Ira Winkler, CISSP, is President of Secure Mentem and author of Advanced Persistent Security. He is considered one of the world’s most influential security professionals, and has been named a “Modern Day James Bond” by the media. He did this by performing espionage simulations, in which he physically and technically “broke into” some of the largest companies in the world, investigating crimes against them, and telling them how to cost-effectively protect their information and computer infrastructure. He continues to perform these espionage simulations, as well as assisting organizations in developing cost-effective security programs. Ira also won the Hall of Fame award from the Information Systems Security Association, as well as several other prestigious industry awards. Most recently, CSO Magazine named Ira a CSO Compass Award winner as The Awareness Crusader.
Ira is also author of the riveting, entertaining, and educational books, Advanced Persistent Security, Spies Among Us and Zen and the Art of Information Security. He is also a columnist for ComputerWorld, and writes for several other industry publications.
Mr. Winkler began his career at the National Security Agency, where he served as an Intelligence and Computer Systems Analyst. He moved on to support other US and overseas government military and intelligence agencies. After leaving government service, he went on to serve as President of the Internet Security Advisors Group, Chief Security Strategist at HP Consulting, and Director of Technology of the National Computer Security Association. He was also on the Graduate and Undergraduate faculties of the Johns Hopkins University and the University of Maryland. Mr. Winkler was recently elected the International President of the Information Systems Security Association, which is a 10,000+ member professional association.
Federal Cybersecurity Senior Director
Noel A. Nazario is focused on growing Annuk's presence within the U.S. Federal market. Noel brings a wealth of technical and leadership experience to all his clients by leveraging a unique background in network and systems engineering, cybersecurity, enterprise architecture, executive management, entrepreneurship, IT audit, business development, and training development. Currently, Noel supports the Washington Metropolitan Area Transit Authority (WMATA) as IT Architecture Review Board (ARB) Lead. In this role, he steers WMATA towards a coherent IT Enterprise Architecture that is closely aligned with organization-wide goals and supports the integration of best-in-class practices and new technologies.
Previously, Noel founded Elfsec LLC, a cybersecurity consulting firm; held executive leadership roles at Grant Thornton LLP and Ernst & Young LLP; and worked for KPMG LLP in consulting, audit, and manager roles. He started his professional career as an Electronics Engineer at the National Institute of Standards and Technology (NIST). At NIST, he developed proofs of concept for secure communications protocols; Public Key Infrastructure (PKI) specifications, policies, practices, and interoperability demonstrations; Federal and IEEE standards for security labels for data transfer; security architectures; and data categorization. Noel holds a Master of Science degree in Computer Science from The Johns Hopkins University and a Bachelor of Science degree in Computer Engineering from the University of Puerto Rico, School of Engineering.
Since 2004, Noel has served ISACA GWDC in leadership roles that included CISA Training Director, Academic Relations Director, and Associate Director for Executive Seminars. Currently, he holds a Certified Information Security Manager (CISM) designation [although he previously held CISA, CRISC, and CISSP designations, as well]. He is a member of several industry groups and is a frequent conference host and speaker for ISACA GWDC and other organizations.
Tyrone E. Wilson
Founder and President
Cover6 Solutions, LLC
Tyrone E. Wilson is an Information Security professional with 22 years of experience in information technology and systems configuration, including information systems and network security. Wilson also has extensive knowledge in computer network defense, vulnerability assessments, cyber threat analysis, and incident response. As a former cybersecurity analyst for the United States Army, Wilson developed security structures to ensure American intelligence systems were protected from foreign threats. Wilson is the Founder and President of Cover6 Solutions, LLC, which teaches companies and professionals aspects of information security, penetration testing, and IPv6.
Principal Security Consultant
The Crypsis Group
Pradeep K. Ponnuswamy is a cybersecurity expert who has more than 15 years of diverse experience across consulting and security functions for Fortune 100 and 1000 companies. Pradeep brings to his clients a deep technical knowledge/proficiency with experience in ISO, data privacy, HIPAA, CSF, and IT Enterprise Risk Assessments and is a GDPR subject matter expert. Pradeep is a graduate of the University of Maryland at College Park.
Speaker - TBD
Title - TBD
Organization - TBD
BIO - TBD
All Students: Please bring your Student ID.
ISACA Members from Other Chapters: You will need to bring your ISACA Membership Card to the event to verify your ISACA Membership.
Presentations: Conference presentations will be included in the registrants' final event-related email message containing the CPE certificate and evaluation survey when permission is received from the presenter and their organization. In some cases, permission is not received.
Requests for Assistance: If you require assistance for an audio, visual, or other disability, please contact the Programs Director to discuss your needs, as soon as possible. We need as much advance notice as possible to determine whether requests can be accommodated. Thank You.
Earn up to 7 Continuing Professional Education (CPE) credits in the area of Specialized Knowledge. The ISACA® GWDC is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: http://www.learningmarket.org.
CPE Distribution and Evaluation Survey
CPEs will be distributed via e-mail along with the event evaluation survey up to seven (7) business days after the completion of the event. Attendees must be present the full day to receive full CPE credit.
- Prerequisites and Advance Preparation: N/A
- Program Knowledge Level: N/A
- Delivery Method: In Person