ISACA-CMC 20th Annual Day of Training with G. Mark Hardy - January 2024 Virtual Training

When:  Jan 10, 2024 from 08:30 to 16:00 (ET)
Associated with  Central Maryland Chapter

The ISACA Central Maryland Chapter invite you to our monthly training event on Wednesday, January 10, 2024. ISACA Members, AGA Members, cyberaudit, assurance, Cybersecurity Nexus (CSX), risk management, governance, and internal control professionals and practitioners new to the field and those with years of experience will benefit from this event. The training event offers an opportunity to expand your network and build onto your knowledge and skills. 

After registration, you will receive the Registration Confirmation e-mail which will also include the Attendee Hub session link to connect to the training session on the day of training.

Note: This training earns up to 7 CPEs if attended for duration.

Speaker: G. Mark Hardy


CISO Mindmap: The CISO Mindmap is Rafeeq Rehman's tour de force that enumerates the myriad responsibilities of a modern CISO. This presentation will examine the major elements of an InfoSec Professional's responsibilities, examine the recent updates and themes for 2024, and how to incorporate this wisdom in your career to improve your knowledge and value to your organization.

Presenting to the Board: With recent SEC rulings and governance initiatives, security leaders are going to be called more frequently to present to the board and executive teams. This presentation will offer templates for effective high-level communication, tips on what information to include (and NOT to include) and walk through a sample briefing of how to discuss a major security breach.

Ransom-where? We spend a lot of time trying to present ransomware, but in spite of our best efforts, it still happens. A lot. Small businesses, medical establishments, and local governments are becoming a frequent target because they often lack the resources of a large corporation. Learn what you can do with very little money to protect (or increase the protection) of your organization.

Faking out the Bad Guys: The core functions of the NIST Cybersecurity Framework are identify, protect, detect, respond, and recover. The problem is protective controls fail (otherwise we wouldn't need any other function) and detection is often time late (Ponemon says 207 days to detect a breach.) There is a better way. We'll explore how deploying non-production resources can provide low-noise, high-fidelity detection early and often, putting the odds back on our favor.

Generative AI and Security: Advances in generative AI (e.g., ChatGPT) seem to be happening weekly. But AI poses three distinct hazards for security professionals: weaponized for nefarious activity, malicious targeting of corporate AI systems, and unintended consequences for both inputs and outputs (e.g., a programmer who uploaded proprietary source code to ChatGPT made it public.) We'll explore ways to protect ourselves in this brave, new world.

Cyberwarfare In Battle:  What Have We Learned So Far? It's now been nearly two years, and the war in Ukraine has led to numerous innovations, both on and off the battlefield. What does the future hold for development and deployment of cyber weapons? Unlike old tanks that can be refurbished, Windows 95 exploits have no modern usefulness. Yet innovations on both sides continue to break new ground in the conduct of modern conflict. We'll examine a number of these and look at how this might become part of a future national strategy.

Single Vendor Security: Organizations have dozens, often hundreds, of vendors present in their environment; many of which are used for cybersecurity. But is there a single vendor that could protect the enterprise? Surprisingly (or not), Microsoft comes the closest. We'll examine a strategic array of Redmond-based solutions that you may already be paying for that can increase your security posture without damaging your budget.

We promise you a high knowledge value session. 

7:30 – 8:30 - Registrants and speakers enter the attendee hub to join the meeting for networking time.
8:30 - 10:00 - Presentation

10:00 - 10:20 - Break

10:20 - 12:00 - Presentation

12:00 - 1:00 - Lunch

1:00 - 2:00 - Presentation

2:00 - 2:20 - Break

2:20 - 4:00 - Presentation

4:00 - 4:15 - Networking & Q&A

Earn 7 CPEs toward your CISM, CISA, or other certification (CPE credits are based on 50 minute increments)

Members $100.00
Non-Members $150.00
Retirees $75.00
Full-time Students $75.00
(*Members Price is for all ISACA, IIA, ISSA, AGA, and CFE members)

Payment options:
• Pay by credit card

Training Session 8:30 AM to 4:00 PM*
* A break will be offered in between training sessions

Cancellation Notice: Please refer to the “Fees” page for our refund policy for this event. Full refunds will be given if registration is cancelled prior to noon on Sunday (January 7, 2024) before the meeting is held. Use either the link in your confirmation email or select “Already Registered” at the bottom of the meeting summary event page to access your registration (i.e., the email address used to register for the event and your confirmation number will be needed to access/modify/cancel your registration). If you need to cancel after that date, please contact Wendy Wang via email at as refunds will not be given, although attendance is transferable. Reservations made after this time will be accepted on a first come, first served basis, but cannot be guaranteed due to space limitations and may include a late fee. ISACA Central Maryland Chapter reserves the right to cancel this event if there is not sufficient participation.  Participants will be notified in the event that the monthly meeting has been cancelled and paid registrations will be refunded.


ISACA-CMC Membership