This website uses cookies to store information on your computer. Some of these cookies are used for visitor analysis, others are essential to making our site function properly and improve the user experience. By using this site, you consent to the placement of these cookies. Click Accept to consent and dismiss this message or Deny to leave this website. Read our Privacy Statement for more.
Contact Us   |   Print Page   |   Sign In   |   Join Now
May CISO Forum Dallas 2013

Theme: Incident Response - Threats and Malware Everywhere…
Now’s the Time to ACT!

Date: May 9-10, 2013
Location: Dallas, TX

Overview: Threats and malware are everywhere; now is the time to act! Security incidents are on the rise, both in volume and sophistication. Today’s CISO must develop complex incident response capabilities to address the anticipated threats as well as unforeseen "surprises.” This CISO forum exists to help today’s security leaders improve threat intelligence, develop or enhance incident response teams, and improve incident reaction to expedite recovery. In addition, the forum provides insight into new initiatives and best practices for sharing threat information. Don’t miss this opportunity to network, ask questions, and exchange ideas with your CISO colleagues and our presenters. With threats and malware everywhere these days, it truly is time to act now!

Register today to join us for this peer-only event.
Click here for guest registration and criteria. First time qualified guests may attend at no charge.

  • Event Registration
  • Agenda
  • Venue
  • Rooming Reservations
  • Transportation Options
  • Questions

  • Event Registration

    CISO Executive Members click here to register to attend this ISSA CISO Executive Forum. Rooming reservations can be made at the host hotel, as described below.

    CISO Guests click here for Membership Criteria and Guest Registration Details.


    Thursday – May 9, 2013

    5:00 p.m. - 8:30 p.m. Opening Keynote Dinner

    Gunter Ollmann - Chief Technology Officer, IOActive, Inc.

    Breach Detection in 2013

    "Compelling events” kick start and drive incident response. The sooner an organization can spot such an event, the quicker it can recover and the less harm the infiltrator can cause. The trick to optimizing an incident response plan lies in early detection and rapid classification.

    Today’s advanced malware and outsourced delivery services – with money-back guarantees and performance SLA’s – ensure that layers of protection and defense-in-depth will be evaded and defeated. Yet there are a number of network based approaches which have been developed over the last three years capable detect breaches as they occur - independent of the injection vector - and can help differentiate between insider threats, industrial espionage, cyber-crime, and state-sponsored attacks.

    In this keynote address we’ll discuss what role big data analytics, machine learning and automated attribution systems play in incident response going forward.

    Click here to download presentation slides.

    Friday - May 10, 2013
    8:00 a.m. - 9:00 a.m.

    Registration and Breakfast

    9:00 a.m. - 9:15 a.m.

    Opening Comments and Welcome Address

    9:15 a.m.- 10:15 a.m.

    Carlos Carrillo - Manager, Mandiant

    Critical Skills in Incident Response

    Mandiant has assisted many organizations around the world that were victims of advanced, targeted attacks. Experience has shown that organizations can detect and halt advanced attacks if they understand the threat and prepare in advance.

    As with other types of criminal investigations, the successful resolution of the event is dependent on the availability of evidence and the analytical skills of the investigators. In incident response, the investigative team must understand digital evidence collection, forensic analysis and how formulate a course of action to effectively bring the event to closure. Gaps in investigative skills will delay the response and provide the attacker an opportunity to steal data and further embed themselves in the network. This presentation is based on Mandiant’s extensive experience in investigating and remediating advanced attacks, and outlines key skills a response team requires to quickly respond to and stop advanced attacks.

    10:15 a.m. - 10:45 a.m.

    Networking Break-Sponsor Pavilion

    10:45 a.m. - 11:45 a.m.

    Industry Expert Panel - Incident Response
    Moderator: John Dickson - Principal, Denim Group, Ltd.

    Jay C. Grant - Director, Professional Services, North & South America, AccessData
    John Jacott - Director, Security Solutions, Coverity
    Ty Weis - Client Technical Specialist, IBM
    Robert Hansen - Director of Product Marketing, WhiteHat Security

    11:45 a.m. - 1:00 p.m.

    Networking Lunch

    1:00 p.m. - 2:00 p.m.

    Russ Nolen - Director of Malware Research, Attack Research, LLC

    Real Recovery Operations

    2:00 p.m. - 2:30 p.m.

    Networking Break-Sponsor Pavilion

    2:30 p.m. - 3:30 p.m.

    Christopher Bronk - Lecturer, Rice University; Fellow, James A. Baker III Institute for Public Policy

    The Geopolitics of Cyber

    "There’s no cyberwar without a real war,” argues cryptographer Bruce Schneier. Yet some sort of cyberconflict with China is afoot. After the U.S. Air Force asked, I considered what a cyberwar, with some real shooting, might look like between the United States and China. In it, I thought cyber-arms would blind, cripple and confuse, but missiles, bombs and torpedoes would do the killing. That will likely change. A nationalist with a revolver sparked World War I. Similarly polarized parties could make mayhem through cyberspace, possibly starting a war. I can’t say what chain of events will lead to war, but I do see many of the biggest potential targets in energy.

    3:30 p.m. - 3:50 p.m.

    Networking Break-Sponsor Pavilion

    3:50 p.m. - 4:00 p.m.

    Sponsor Prize Drawing

    4:00 p.m. - 5:30 p.m.

    Open Discussion

    5:30 p.m. - 7:00 p.m.

    Closing Reception

    *Please note: all times and speakers are subject to change.


    Intercontinental Dallas Hotel
    15201 Dallas Parkway
    Dallas, TX, 75001

    Rooming Reservations

    Intercontinental Dallas Hotel

    The conference rate is $139.00 (+ tax) per night. To secure a room please contact the Intercontinental Dallas Hotel by booking online (click on "View Rooms and Rates") or by calling Reservations at 1-877-317-5786 and asking for the ISSA CISO Forum rate. Reservations must be made by April 17, 2013 or before the group rooms are sold out, so do not delay.

    Please note: Prevailing rates may apply after these dates or when the group rooms are sold out, whichever occurs first. Early departure fees may apply should you check out prior to the confirmed check out date.

    Transportation Options

    Transportation options can be found by clicking here.


    Please contact Kris Tanaka at ISSA International Headquarters
    1 866 349 5818 ext. 105
    Direct: 1 503 214 2294


    This event is generously supported by:




    Community Search
    Sign In


    ISSA Thought Leadership Series: The Asset Management Resurgence

    2/22/2020 » 2/23/2020
    February 2020 ISSA Cyber Executive Forum San Francisco, CA

    Copyright © 2016, Information Systems Security Association, All Rights Reserved
    Privacy PolicyCopyright Information