For information on our event policies, see https://isaca-gwdc.org/event-policies/.

Security and Risk Insights Conference

December 5 @ 8:30 am - 12:30 pm EST

GWDC Members $10, Non-GWDC Members $30

Navigating the Future: A CISO’s Perspective on 2024 Security and Risk Priorities

The ISACA Greater Washington D.C. Chapter (GWDC) invites you to our Annual Security and Risk Insights Conference—a must-attend event for cybersecurity professionals and business leaders. This year’s seminar offers a comprehensive review of the most critical cybersecurity and risk trends from 2024 and provides actionable insights on where to focus your budget and training efforts for 2025. Whether you’re a CISO, IT manager, or business executive, this conference equips you with the knowledge you need to prepare for the year ahead.

Why Attend?

  • In-Depth Analysis of 2024 Trends: Understand the key developments that shaped the cybersecurity landscape in 2024.
  • Future-Focused Strategies: Learn about emerging risks and opportunities in 2025, helping you make informed decisions about budget allocations and training priorities.
  • Expert Guidance: Hear from industry leaders like Ira Winkler, Greg Carpenter, and Gary Hayslip on how to navigate the evolving security environment.
  • Practical Takeaways: Gain actionable insights that you can apply immediately to strengthen your organization’s security posture.

Registration closes on December 4, 2024 @ 2pm.

Agenda

08:30 AM – 09:30 AM

Your Budget is a Horse’s A$$

Presenter: Ira Winkler (CYE Security)

Explore the historical influence of horse-drawn carts on railcar dimensions and how it relates to rigid cybersecurity budgeting. Join this session to learn how to apply machine learning and other mathematical concepts to justify budget allocation, optimize risk, and design effective cybersecurity programs for limited resources.

09:30 AM – 10:30 AM

Teaching Information Warfare: Current and Future Adversarial Philosophy and Strategy by Greg Carpenter

Presenter: Greg Carpenter (KnowledgeBridge)

This presentation provides a concise overview of the philosophy and teaching strategies employed in academic and government institutions to educate adversaries on information warfare techniques and procedures. The information has been collected from various sources, including the Russian Ministry of Defense and the People’s Liberation Army National Defense University. Most information has been collected from sources which are not publicly available. Participants will have a better understanding of what our adversaries’ strategic goals are and how to best identify and defend against them.

10:30 AM – 11:30 AM

GenAI & Security – Championing the use of GenAI within the Security Program

Presenter: Gary Hayslip (SoftBank Investment Advisers)

As GenAI use becomes the norm, what approach should CISOs take to effectively deploy these technologies and build resilient security programs?

11:30 AM – 12:30 AM

The Growing Threat of Supply Chain Attacks

Presenter: Erika Carrara (The Greenbrier Companies)

Success: No longer accepting the unacceptable risks we inherit from our 3rd parties. Implementing stricter vendor risk management practices and improved software supply chain security, reducing vulnerabilities introduced through third-party software. Challenging assumptions embedded in long accepted best practices.

Challenge: Sophisticated supply chain attacks, like SolarWinds and the CrowdStrike debacle, exposed the fragility of software supply chains and the potential for widespread damage. These incidents underscored the challenge of securing complex systems, where a single compromised component can infiltrate numerous others. The CrowdStrike incident prompted a reevaluation of allowing blanketed automated security updates, revealing potential vulnerabilities introduced through this practice. These events highlight the need for a multi-layered security approach, including rigorous vendor risk management, continuous monitoring, and robust incident response plans.

 

Presenters

Ira Winkler
Field CISO @ CYE Security
CISSP

Ira Winkler, CISSP, is the Field CISO for CYE Security, former Chief Security Architect at Walmart, and author of You Can Stop Stupid, Security Awareness for Dummies, and Advanced Persistent Security. He is considered one of the world’s most influential security professionals, and has been named a “Modern Day James Bond” by the media. He did this by performing espionage simulations, in which he physically and technically “broke into” some of the largest companies in the world, investigating crimes against them, and telling them how to cost-effectively protect their information and computer infrastructure. He continues to perform these espionage simulations, as well as assisting organizations in developing cost-effective security programs. Ira also won the Hall of Fame award from the Information Systems Security Association, as well as several other prestigious industry awards. CSO Magazine named Ira a CSO Compass Award winner as The Awareness Crusader. He was named 2021 Top Cybersecurity Leader by Security Magazine, and most recently 2022 Cybersecurity Champion of the Year by the Cybersecurity Association of Maryland.

Ira is also author of the riveting, entertaining, and educational books, Advanced Persistent Security, Spies Among Us and Zen and the Art of Information Security. He also writes for a variety of online sites, including RSA Conference, DarkReading and ComputerWorld, and for several other industry publications.

Mr. Winkler has been a keynote speaker at almost every major information security related event, on 6 continents, and has keynoted events in many diverse industries. He is frequently ranked among, if not the, top speakers at the events.

Mr. Winkler began his career at the National Security Agency, where he served as an Intelligence and Computer Systems Analyst. He moved on to support other US and overseas government military and intelligence agencies. After leaving government service, he went on to serve as President of the Internet Security Advisors Group, Chief Security Strategist at HP Consulting, and Director of Technology of the National Computer Security Association. He was also on the Graduate and Undergraduate faculties of the Johns Hopkins University and the University of Maryland. Mr. Winkler was previously elected the International President of the Information Systems Security Association, which is a 10,000+ member professional association.

Mr. Winkler has also written the book Corporate Espionage, which has been described as the bible of the Information Security field, and the bestselling Through the Eyes of the Enemy. Both books address the threats that companies face protecting their information. He has also written hundreds of professional and trade articles. He has been featured and frequently appears on TV on every continent. He has also been featured in magazines and newspapers including Forbes, USA Today, Wall Street Journal, San Francisco Chronicle, Washington Post, Planet Internet, and Business 2.0.

Greg Carpenter
Chief Security Officer @ KnowledgeBridge International
CISM, Lean Six-Sigma Black Belt, and ISO-9000 lead auditor

Dr. Gregory Carpenter serves as the Chief Security Officer at KnowledgeBridge International, holds the title of Fellow of the Royal Society for the Arts in London, and was named the National Security Agency’s Operations Officer of the Year. He is on the Board of Directors for ATNA Systems, an advisor for RedSeer Security, a Senior Advisor for ARIC, Inc., and a Special Operations Medical Association member. Previously, Dr. Carpenter has served on the International Board of Advisors for the Mackenzie Institute and as an advisor for EC-Council University. Prior to his current role, Dr. Carpenter held various senior military and civilian positions, including Vice President for Cyber Operations, Chief of Security Testing, Chief Operations Officer, Counterintelligence Division Chief, Chief of Special Space Operations, and Functional Team Lead for Electronic Warfare.

Dr. Carpenter is a co-author of Reverse Deception: Organized Cyber Threat Counterexploitation and an international keynote speaker on adversarial psychology, techniques, and deception. He has worked on projects with the UN, INTERPOL, and several domestic and international law enforcement and intelligence agencies.

He is a retired U.S. Army officer who served 27 years. He holds a Bachelor of Science, a Master of Science, and a Doctorate in Public Health. His professional qualifications include Certified Information Security Manager, Lean Six-Sigma Black Belt, and ISO-9000 lead auditor.

Gary Hayslip
Global CISO @ SoftBank Investment Advisers

With over 20 years of IT, cybersecurity, and risk management experience, Gary Hayslip has established a reputation as a skilled communicator, author, board director, and keynote speaker. Currently, as Global CISO, he advises Softbank Investment Advisers (SBIA) executive leadership on protecting critical information resources and overseeing enterprise cybersecurity strategy. Hayslip co-authored the CISO Desk Reference Guide: A Practical Guide for CISOs, volumes 1 and 2, which enable CISOs to expand their business and leadership expertise. Hayslip’s previous executive roles include multiple CISO, CIO, Deputy Director of IT and Chief Privacy Officer for the US Navy (active duty), the US Navy (Civil Service), the City of San Diego, California, and Webroot Software.

 

Erika Carrara
VP, Chief Technology & Security Officer @ The Greenbrier Companies

Erika Carrara is a highly strategic and visible executive at Greenbrier Companies, serving as the Chief Technology & Security Officer. With a career focus on being a security-minded technologist, Erika is a business enabler who thrives on innovation and solving complex problems. Her deep understanding of both security and infrastructure, coupled with her alignment with the SRE methodology, allows her to create a more reliable, secure, and efficient IT environment.

Erika’s leadership philosophy centers on the power of thought, emphasizing that we become what we think about. She believes in continuous learning, serving others, and embracing individuality. Her foundational principles include defining one’s desires, setting clear goals, and viewing failure as a learning opportunity. As a leader, Erika is committed to empowering her team, fostering collaboration, and inspiring growth. She expects her team to embrace challenges, think critically, communicate openly, and strive for excellence.

 

Event Questions and Policies

Registration Questions

If you have any registration questions about this event, please contact the chapter using the Registration Contact Form.

If you have CPE questions after the event has concluded, please contact the chapter using the CPE Contact Form.

 

Cancellation and Refund Policy

Cancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details.

If ISACA GWDC cancels the event, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided.

 

Complaint Policy

The GWDC welcomes your comments, complaints, suggestions, questions, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form.

 

CPE Information

Earn up to 4 Continuing Professional Education (CPE) credits in the area of Information Technology. The ISACA® Greater Washington, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org

 

CPE Distribution and Evaluation Survey

CPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit.

 

Learning Objective

After attending this event, attendees will learn about current and future trends in the cybersecurity and risk governance space.

 

CPE-Related Details

  • Prerequisites: None
  • Advance Preparation: None
  • Program Knowledge Level: Basic
  • Delivery Method:  Group Internet Based
  • Field of Study:  Information Technology – Technical

Details

Date: December 5
Time: 8:30 am - 12:30 pm EST
Cost: GWDC Members $10, Non-GWDC Members $30

Venue

Virtual Event

Organizer

Avneet Sabharwal
Email
programs@isaca-gwdc.org

ISACA GWDC