Registration Fees
2 DAY (FULL CONFERENCE) REGISTRATION
| By March 7, 2018 | After March 7, 2018 | After May 7, 2018 | |
| ISSA or ISACA Member | $245 | $345 | $400 |
| Non-Member | $395 | $495 | $550 |
| Government Employee* | $325 | $425 | $475 |
| Full Time Student* | $125 | $125 | $125 |
*Two Day (Full Conference) Registration Fees include the following: Opening Keynote and Reception and two-full
days of Education to include additional Keynotes and an offering of over 60 workshops session to choose from,
geared to meet your individual needs. Also included: Two full breakfasts, two full lunches, breaks and reception.
1 DAY (WEDNESDAY OR THURSDAY) REGISTRATION
| By March 7, 2018 | After March 7, 2018 | After May 7, 2018 | |
| ISSA or ISACA Member | $175 | $275 | $300 |
| Non-Member | $275 | $375 | $400 |
| Government Employee* | $215 |
$315
|
$340 |
| Full Time Student* | $75 | $75 | $75 |
*One Day Registration Fees include the following: Keynote(s) on day of attendance and Reception on day of
attendance if applicable and an offering of multiple workshops session to choose from, geared to meet your
individual needs. Also included: Breakfast, Lunch and breaks.
PRECONFERENCE (TUESDAY, MAY 8) REGISTRATION
| 2018 Pre-Conference Fee** | |
| Full Day | $275 |
| Half Day | $189 |
| Both Half-Day Sessions | $275 |
**These are in addition to the regular conference registration fees above (you must register for the full conference to attend
a PreConference Workshop). Pre-conference day includes a continental breakfast, lunch and breaks.
Hotel Information
Should you require accommodations in downtown Denver, a limited block of rooms are being held at a special rate exclusively for RMISC.
Hyatt Place Denver/Downtown
440 14th Street
Denver, CO 80202 303-893-2900
The discounted rate is $179 plus tax. This rate will be available until the room block has filled or until April 16, 2018, whichever occurs first. Due to anticipated demand, it is suggested that you make your room reservations as soon as possible.
Or you may call the hotel directly at 303-893-2900 and reference the booking code: RMISC to confirm the special rate.
CPE Credits
Participation in the Tuesday PreConference sessions can earn you 3-8 CPE credits depending on the session selected. You can earn up to 8 CPE credits per day on Wednesday and Thursday, May 9 & 10.
DRAFT AGENDA (Subject to Change)
Tuesday Agenda
| Tuesday, May 8, 2018 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 8:00 AM - 12:00 PM | PC1. Atomic Red Team Framework Training Casey Smith and Tony Lambert 8:00 AM - 12:00 PM $189.00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 8:00 AM - 4:00 PM | PC2. Auditing Cybersecurity and Data Analytics in Audit Michael Kostanecki 8:00 AM - 4:00 PM $275.00 | PC3. Cryptocurrencies, Security and You Jared Nishikawa 8:00 AM - 4:00 PM $275.00 | PC4. Practical Dev(Sec)Ops DJ Schleen 8:00 AM - 4:00 PM $275.00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 1:00 PM - 4:00 PM | PC5. CISO Leadership Forum James Carder - LogRhythm, Julie Chickillo - Beeline; Robb Reck - Ping Identity and Alex Wood - Pulte Financial Services 1:00 PM - 4:00 PM $189.00 | PC6. Cloud Security Training Mohamed Malki 1:00 PM - 4:00 PM $189.00 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 4:00 PM - 7:00 PM | Welcome Reception and Job Fair in Exhibit Hall 4:00 PM - 7:00 PM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Wednesday Agenda
| Wednesday, May 9, 2018 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 7:00 AM - 8:00 AM | Breakfast in the Exhibit Hall | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 8:00 AM - 9:15 AM | Keynote Keynote Session with Lain Hensley | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 9:25 AM - 10:25 AM | App Sec A1. Token Binding: Foundation for a More Secure Web | Incident Response A2. There Now, That Wasn’t So Bad (How to Make Cyber Incidents Hurt Less) | Architecture/How-To A3. PIE - An Active Defense PowerShell Framework for Phishing Defense | Emerging Trends A4. Introducing the Colorado Threat Information Sharing (CTIS) Initiative | Security Stories A5. Doing More With Less -- By Doing…Less? | Audit, Risk & Compliance A6. Maturing Third-Party Risk Management | Vendor A7. Probability in Security | Leadership A9. Leadership at the Speed of Life | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 10:25 AM - 11:15 AM | Networking Break in Exhibit Hall | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 11:15 AM - 12:15 PM | App Sec B1. Measuring Software Security Programs using BSIMM | Security Management B2. Colorado CISO Panel | Architecture/How-To B3. Analyzing the Kill Chain: How to Load Your Gun When You Can’t Buy a Silver Bullet | Emerging Trends B4. Hunting for Cyber Threats Using Threat Modeling and Frameworks | Security Stories B5. Lessons Learned from the Legal Trenches - What Happens When Law and Technology Collide | Audit, Risk & Compliance B6. Combating Vulnerabilities as a Team | Vendor B7. Deception - Lure, Detect, Defend | Vendor B8. Identity-Driven Security | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 12:30 PM - 1:30 PM | Lunch | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 1:30 PM - 2:00 PM | Desserts in Exhibit Hall | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 2:00 PM - 3:00 PM | App Sec C1. Building Patterns for Secure Microservices, an Approach and Pattern Zero Candidate | Security Management C2. Women in Security Panel: Trailblazers and Torchbearers | Architecture/How-To C3. GreatSCT: Gotta Catch 'Em AWL (Application Whitelisting) | Emerging Trends C4. Container Native Application Protection in a Cloud Native World | Security Stories C5. Chasing LEAD, a Japanese APT Story | Audit, Risk & Compliance C6. Math is Hard: Compliance to Continuous Risk Management | Vendor C7. Investigate and Mitigate Potential Insider Threats | Vendor C8.Security, Visibility, Automation for your Cloud & Network Infrastructure | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 3:15 PM - 4:15 PM | App Sec D1. Detection as Code: Apply the Software Development Lifecycle to Your Blue Team | Incident Response D2. This Way to the Dark Metaverse: Threatcasting Tomorrow’s Threats | Architecture/How-To D3. Pen Test Data Science: Vulns, Metrics, Lions, Tigers, and Bears, Oh My | Emerging Trends D4. The Myth of IoT Security | Security Stories D5. Ransomware Recovery: How One City Got Through It | Audit, Risk & Compliance D6. Taking Compliance to the Cloud (Tools and Techniques Using ISO Standards) | Vendor D7. End The Dark Endpoint Epidemic With Absolute | Vendor D8. Change is Simply an Act of Survival | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 4:30 PM - 5:15 PM | Keynote Keynote Session with Dan Burns | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Thursday Agenda
| Thursday, May 10, 2018 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 7:00 AM - 8:00 AM | Breakfast in the Exhibit Hall | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 8:15 AM - 9:15 AM | Keynote Keynote Session with Daniel Miessler | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 9:15 AM - 10:00 AM | Networking Break in Exhibit Hall | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 10:10 AM - 11:10 AM | App Sec E1. Security in the Automated Pipeline; A Story of Fear, Perseverance and Triumph | Incident Response E2. "I" Before "R" Except After "IOC" | Architecture/How-To E3. AWS Security Best Practices | Emerging Trends E4. Oil and Water DO Mix: Implementing Compliant Change Management in a CICD Environment | Soft Skills E5. Managing Your Identity: Are You Limited, Limiting or Limitless? | Audit, Risk & Compliance E6. GDPR . . . Separating Fact from Fiction | Vendor E7. Minimizing the Detection to Recovery Timeframe | Vendor E8. Digital Identity Authorities - the Key to Enterprise Cloud Transformation | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 11:15 AM - 12:15 PM | App Sec F1. From Rogue One to Rebel Alliance: Building Developers into Security Champions | Incident Response F2. 0 To Hero in 60 Weeks: How to Build a World Class IR Team | Architecture/How-To F3. A Proven Method for Finding Targeted Attacks with Free and Open Source Tools | Emerging Trends F4. The Secure Metamorphosis - Streaming Logs with Kafka and TLS | Soft Skills F5. Human Hacking: The Psychology Behind Cybersecurity | Audit, Risk & Compliance F6. GDPR Impacts on Incident Response | Vendor F7. The “Zero Trust” Model for Cyber Security | Vendor F8. Incident Response Preparedness for Executives | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 12:30 PM - 1:30 PM | Lunch | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 1:30 PM - 2:00 PM | Desserts in Exhibit Hall | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 2:00 PM - 3:00 PM | Vendor G8. Yes, You Can Get Burned When Its Cloudy | App Sec G1. Rock Your Next Web Application Penetration Test | Audit, Risk & Compliance G3. Realistic Cyber Security Practices – Conducting Cyber Security Assessments | Emerging Trends G4. The Evolution of a Hack for Financial Gain: CryptoJacking, CryptoCurrencies, and Blockchains | Security Management G5. Persuasion Techniques for Selling Security – No Really | Audit, Risk & Compliance G6. SecDevOps: Auditing Security at Scale | Vendor G7. Turtles, Trust and The Future of Cybersecurity | Escape Room Living Security Escape Room | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 3:15 PM - 4:15 PM | Vendor H8. How Targeted Attacks Such as Phishing and Ransomware Break Through Traditional E-mail Security | App Sec H1. Would You Like to Play a (Security) Game? | Security Management H2. Inside Cyber Balance Sheets: Communicating Cyber Risks to Your Executives | Architecture/How-To H3. Blowing up the 16-Digit Gold Mine | Emerging Trends H4. Business Ramifications of Proposed State and Federal Cybersecurity Legislation | Security Stories H5. Evolving Pentesting to Create Measurable Defensive Improvements | Audit, Risk & Compliance H6. SOC 2, COSO, and ISO 27001 Walked Into a Bar – What Happened? | Vendor H7. Cybercriminal Operations Revealed | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 4:15 PM - 5:15 PM | Keynote Keynote Session with Phil Palisoul | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 5:15 PM - 5:45 PM | Lite Reception & Prize Drawings | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||