Fourth Quarter Educational Events to Stay on Track

Among the top venues for Q4 2019 is the CISO Forum 2019 presented by Intel and opening on September 24^th at the Ritz-Carleton in Half Moon Bay, CA. Events take place on the 25^th and the 26^th and close with the 2019 SecurityWeek Golf Classic. For more information on this invitation only event, see, https://www.cisoforum.com/.

Since 2002, SecurityWeek has held a CyberSecurity Conference focused on Industrial Control Systems (ICS) — the ICS Cyber Security Conference. It is the largest and longest running of its kind and attracts leadership among operations and control engineers, IT, government, vendors and academics. Over the years, the focus of the conference has shifted from merely raising awareness of the many threats to the security of infrastructure to sharing security event histories and discussing solutions and protection strategies as organizations begin to experience differing forms of attack. The conference series now includes two editions, the flagship event each October in the U.S., and a Singapore/APAC event that takes place each April.

As this was the original cybersecurity conference for the industrial control systems sector, the events cater to the needs and interests of leaders in the energy, utility, chemical, transportation, manufacturing and other industrial and critical infrastructure organizations as they face growing risks and even experience attacks to plant control systems, engineering workstations, substation equipment, programmable logic controllers (PLCs) and other field control system devices.

As indicated by its website, the number of attendees is capped and there is ample time during breaks and social events to get to know and exchange ideas with the other participants.

This year's event in the U.S. will be held October 21-24, 2019 at the Intercontinental Buckhead in Atlanta, GA. For more information contact https://www.icscybersecurityconference.com/about-ics/.

DerbyCon is an event sponsored outside of the corporate arena per se. This year will be the ninth year running as DerbyCon 9.0 at a new location at the Marriott Louisville. Training is set for September 4-5 and the conference runs September 6-8.

The idea of DerbyCon started in a pizza shop in Louisville where several veterans of security conferences wanted to hold an event where everyone was welcome. DerbyCon has and continues to be a conference put together and run by people exposed to many conferences in the security industry. They liked the central location of Louisville and wanted to create an atmosphere for everyone to meet with industry associates to share their research and tackle new challenges.

DerbyCon's theme in 2018 was Evolution, reflecting the fact that the information security space started from something simple and has become more and more complex each day. This is the theme that brought me to review these events in the first place. How we handle the complexities and tackle situations is all a part of how we grow as an industry, and DerbyCon is meant to be a place where novices as well as industry leaders in INFOSEC has something to offer and become more familiar with the landscape.

Follow the construction of the DerbyCon 9.0 event at https://www.derbycon.com/.

The Open Web Application Security Project, or OWASP, offers worldwide events with a common theme. This year Global AppSec – DC is coming September 9-13, 2019 to the Washington Marriott Wardman Park Hotel in the nation's capital. Formerly known as Global AppSec US, this week-long event is the largest gathering for the open security community in North America. Designed for private and public sector INFOSEC professionals, OWASP is a three-day training event and two-day conference that provides resources for building a more secure Internet to developers, defenders and advocates by giving them access to leading application security technologies. This promises to be a unique event that will build on OWASP knowledge and experience.

GSX, or Global Security Exchange, will take place in Chicago, IL this year from September 8-12. It is hosted by the Chicago Chapter of ASIS International, the world's largest association for security management professionals. GSX 2019 provides a full conference program of over 300+ security courses and pre-conference certification review courses for professionals at every level.

The GSX website stresses its efforts to enhance the experience of those who attend with a wide array of educational programs and valuable networking opportunities with like-minded industry professionals. An interactive trade show floor allows exploration of both current and future security landscapes, the ability to exchange key ideas and best practices, expand global connections, and see new innovations firsthand.

An added attraction to the Chicago GSX will be the keynote by General John F. Kelly. General Kelly, a four-star General, U.S. Secretary of Homeland Security, and White House Chief of Staff, has continued to protect the United States both abroad and at home. His unique ability to provide first-hand insight into the evolving global geopolitical landscape is invaluable when putting U.S. security priorities in historical context and rendering a future perspective. Gen. Kelly will share his insights on the trends, risks, and potential rewards amid the hot spots around the globe, and the role the U.S. plays (and should play), in bearing responsibility for securing our nation and taking on security worldwide.

Take a look at the event website at https://www.gsx.org/general/we-are-excited-to-welcome-you-to-chicago/.

SectorSecure brings Canada's premier name in IT Security to its conference in Toronto on October 7-10. They offer five two-day training sessions and two one-day summit offered by industry representatives and conference sponsors.

SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving underground threats and corporate defenses, so the conference provides a serious opportunity for IT security professionals, managers and executives to connect with and learn from their mentors and peers.

SecTor's keynote speaker on October 9 will be Radia Perlman, a Fellow at Dell EMC whose innovations in routing protocol design made network routing more robust and more scalable. Her other security-related contributions include assured time-based expiration of data from a cloud, and improved usability and security of authentication.

An author of one and co-author of another textbook, Perlman has been recognized with industry honors, including induction into the National Academy of Engineering, the Inventor Hall of Fame, and the Internet Hall of Fame. She has a Ph.D. in Computer Science from MIT and holds over 100 patents.

If you have an opportunity to make it to Toronto on October 9^th this year, check out SecTor's event at https://sector.ca/conference.

Hacker Halted is the EC-Council's Annual Information Security Conference. The EC-Council itself is the leading cybersecurity credentialing body and the creator of the globally renowned Certified Ethical Hacker credential. Their Hacker Halted conference focuses on ethical hacking topics, with four days of technical training courses leading up to the conference.

The full event takes place this year in Atlanta at the Renaissance Atlantic Waverly where the Annual Information Security Conference is set for October 10-11. Registration is available for the Conference Pass only or for several levels of Ethical Hacking courses. See, https://www.hackerhalted.com/

The Information Security Forum will host its ISF's 30th Annual World Congress in Dublin this year, an industry leader in global information security conferences.

This flagship global event offers attendees an opportunity to discuss and find solutions to current security challenges and gain practical advice from peers and leading industry experts from around the world.

Professionals can join over 1,000 global senior executives and business leaders for 3-days of keynote presentations, workshops and networking sessions where you can share knowledge, best practice and thought leadership in a confidential peer-group environment. To get more information and register, see, https://www.securityforum.org/events/world-congress/isfs-30th-annual-world-congress/

SecureWorld presents events in multiple venues during Q4 2019 from St. Louis on September 18 to Seattle on November 13-14. Check details for each city at SecureWorld, which offers plenty of resources, particularly in live and on-demand courses providing the latest thinking and doing for CISOs. For more information, visit https://www.secureworldexpo.com/.

On November 4-6, IT leaders from law firms and service providers around the globe will gather in La Jolla, CA to talk about the latest in technology trends for the business and practice of law at LegalWeek's Strategic Technology Forum at the Estancia LaJolla Hotel & Spa. There you will be met by well-respected leaders in the use of technology in law firms whose innovations and industry insights, understanding of new trends, and experience in how to integrate new technologies into the life of the law firm where client support and client service can lead to successful resolution of conflict or transactional objectives. (La Jolla is also a nice place to vacation if you're usually east of the Mississippi.) For more information, see, https://www.event.law.com/legalweek-strategic-tech-usa/venue.

Overall, it promises to be an interesting and educational mix of events for Q4 for security professionals. There are training and CPE credit opportunities at virtually all the events mentioned above. To summarize:

Sept. 4-8:         DerbyCon, Louisville — Focused security courses

Sept. 8-12:       GSX (Global Securities Exchange), Chicago — ASIS training tracks daily

Sept. 9-13:       OWASP, DC — 2 days of training

Oct. 7-10:        Sector Secure Canada, Toronto — 2 days of training

Oct. 10-11:      Hacker Halted, Atlanta — Multiple Certification Opportunities

Oct. 26-29:      International Security Forum, Dublin — CISSP/ISACA (CPE)

Nov. 4-6:         Strategic Technology Forum, La Jolla, CA — 3 days of courses on driving revenue and technology platforms

Everything that takes place within this space will make a difference within the regulatory environment and therefore to practitioners or observers of cybersecurity law. I hope readers of this newsletter will take advantage of what is available. Things change very rapidly, as we all know.

*****

Nina Cunningham, Ph.D., is a member of the Board of Editors of this newsletter, an affiliate of Altman Weil, Inc., and president and CEO of Quidlibet Research Inc., a global strategic planning and cost management firm founded in 1983.