Internet of Things Security Conference

When:  Dec 6, 2018 from 8:00 AM to 2:30 PM (ET)


GWDC Member - $105, Other ISACA Member - $135, Non-ISACA Member: $150


Attendees of this one-day conference will learn about the Internet of Things and how it impacts security and privacy. Additionally, attendees will be able to prepare their business for the unknown by anticipating enterprise risks and closing security gaps created by new devices that are being connected to their network.


Securing Data in Smart Cities
NTT Group, one of the biggest information and communication technology companies in the world that encompasses NTT Data, NTT Communications and Dimension Data, believes smart cities are the natural evolution in public safety that should make full use of next-generation sensors, ultra-high definition cameras and other forward-reaching technologies. This session covers the smart city solution is built on NTT Group’s Cognitive Foundation architecture. 

When Intelligent Digital Assistants ( IDAs)  Turn into Insider Threat Assistants (ITAs)
Intelligent Digital Assistants (IDAs) have opened up a new world of convenience in home and work ecosystems. Waking up in the morning and finding out, with a simple question, what is your schedule or how the weather is, completing your shopping list with a simple verbal request is a game changer with good and bad outcomes. Gartner predicts that the IDA market will increase to over 2.1BN by 2020. However, it appears that as we surround ourselves with more and more IDA devices, more and more news reports are delivering stories that are raising concerns regarding the reliability and trustworthiness of such IVAs. In this presentation we will discuss the IDA core architectures and the security and privacy concerns raised by their integration into home and work environments.

IoT Device Fingerprinting - Interpreting the IoT Communication Without Deciphering It
The plethora of interconnected ‘Things’ that are flooding our everyday lives are offering features that enhance human experiences, and our lives in general. The very same devices often pose cybersecurity threats that may overshadow the benefits. A series of DDoS attacks against Dyn LLC in the fall of 2016 demonstrated how high is the security risk and revealed the tsunami effect of such attack originated by unsecure, compromised IoT devices.   Current presentation will introduce our research focused on analyzing IoT network traffic generated in the NIST IoT Lab. The analysis employs statistical- and cognitive-based methods to 'fingerprint' IoT devices with dedicated functionality. We will discuss features selection, consideration of various ANN models and their selection criteria for IoT traffic analysis, and device fingerprinting using the aforementioned models.  The presentation will conclude with a brief discussion of our future research focused on leveraging the IoT device fingerprinting approach to identify malicious behavior or deviations from normal behavior that may raise security concerns.

Complexity and issues dealing with integration of IoT
enabled devices in legacy systems that have long duration life cycles.
The presentation will focus on the architecture and implementation at the application level of the IoT protocol stack and propose some design principles that can assist in the effective operational use of IoT enabled devices as they are introduced into operational use. These technologies not only employ a vast number of sensors (audio, video, RF, and environmental) but also may have in- and out-of-band signaling and control of individual components using the nascent IoT technology. Security enhancements are possible and, just as importantly, data integrity and validation assures QA/QC functions required of a robust customer service. Most of these new technologies are available as vertically implemented point solutions. The products can be effectively folded into a common logical architecture for symbiotic transfer of information among the systems and subsystems to permit efficient use of resources while lowering operating costs. If implemented within a unified architecture, it may also be possible to increase the level of security, integrity and continuity of service of all applications serviced.


Who should attend?

  • Any professional in the Information Security / Assurance industry, including IT auditors, IT consultants, and general IT professionals with exposure to or looking to get exposure to cybersecurity initiatives.
  • Anyone that is already or anyone interested in getting involved with the ISACA CSX program.

AGENDA - Provided when the conference is finalized.



Shamlan Siddiqi

Vice President and Chief Technology Officer for Public Sector, NTT DATA

Shamlan Siddiqi is Vice President and Chief Technology Officer for Public Sector at NTT DATA, a leading global IT and business services firm.  He drives the firm’s technology vision, strategy and innovation. Previously, Mr. Siddiqi held executive roles including VP of Applications and VP of Digital where he led the development of award winning commercial solutions.  Mr. Siddiqi has served on numerous industry working groups/ task forces on topics including blockchain, digital/ cloud and cyber security in addition to being a published writer/ contributor and speaker. Mr. Siddiqi is also actively supporting an internal organization called Women Inspiring NTT DATA (WIN) DC Chapter to support the identification, retention and development of women across NTT DATA.  Mr. Siddiqi has served on the Board of Directors and is currently a Charter Member of an Entrepreneurship non-profit organization focusing on mentoring and guiding aspiring students and professionals on teamwork, career development and leadership. Mr. Siddiqi was recently awarded the Prominent Patriot award from George Mason University.

Michaela_Iorga (1)

Dr. Michaela Iorga

Senior Security Technical Lead for Cloud Computing

Dr. Michaela Iorga is the Senior Security Technical Lead for Cloud Computing with the National Institute of Standards and Technology (NIST) and the Co-chair ofNIST Cloud Computing Security and Cloud Computing Forensic Science Working Groups.  Michaela is a recognized expert in cloud computing, information security risk assessment, information assurance and ad-hoc mobile networks. In her role at NIST, she works with industry, academia, and other government stakeholders to develop and disseminate vendor-neutral cybersecurity standards and guidelines that meet national priorities. Dr. Iorga’s current work includes the development of security, privacy and forensic specifications and guidelines that support the widespread adoption of cloud and IoT technology.


Dr. Olivera Kotevska

Doctor of Philosophy

Olivera Kotevska is currently a postdoctoral researcher at the National Institute of Standards and Technology (NIST), working with the Secure Systems and Applications Group as part of the Computer Security Division. Her research interest is in the field of machine learning, network science, and the Internet of Things. She received her Ph.D. degree in Computer Science from the University of Grenoble Alpes, France, and M.Sc. and B.Sc. degree from Saints Cyril and Methodius University, Macedonia. She is a member of AI, Big Data working group, and Global City Teams Challenge at NIST.


Dmitry Cousin

Specialist at National Institute of Standards and Technology

Dmitry Cousin is a specialist in the security automation and mechanisms group of cybersecurity division (CSD) in NIST. Dmitry has over 20 years of experience with building, analyzing and using connectionist models and other methods of artificial intelligence (AI) in various fields that include: speech recognition, automated securities analysis, and security automation among the others.


Prasad Nair

President of Project Management Enterprises,

Since 1985 and until 2017, Mr. Nair has been president of Project Management Enterprises, Inc (PMEI), a Bethesda-based business focused on various areas of energy management and aviation data communications. Mr. Nair is now the President and CEO of Nair and Associates, LLC. an entity formed by re-organizing of the operations of (PMEI) with the purpose of focusing on the evolving energy monitoring and management sector. He has provided system integration, engineering and consulting services to Federal Government and the private sector, including Department of Energy, Federal Aviation Administration, National Aviation and Space Administration, General Services Administration, Library of Congress, Architect of the Capitol and a number of large and small commercial organizations. Nair is co-inventor of U.S. Patent 6,477,359 B2, Diversity Reception for Aeronautical Packet Data Communications Systems, and also is co-inventor identified on more than a dozen communication patent applications.


Paul Plofchan

Area Director for Zingbox

Paul Plofchan is an Area Director for Zingbox, helping health systems manage medical device security in the Southeast. His past experiences include positions as Vice President of Government & Regulatory Affairs and Chief Privacy Officer at ADT and various corporate affairs and sales leadership roles at Pfizer, Inc. He is also the co-founder and past board member of Kind Hearts, Inc., a Nebraska company dedicated to helping seniors live independently in their communities. Paul is a graduate of both the University of Notre Dame and the University of

Nebraska and is certified in data privacy through the International Association of Privacy Professionals (IAPP).

Paul’s civic involvement includes working with the FBI InfraGard Chapter of South Florida as both a board member and sector chief and prior experience as Chairman of bio Nebraska, a life sciences association.


Special Instructions

ISACA Members from Other Chapters: You will need to bring your ISACA Membership Card to the event to verify your ISACA Membership.

Presentations: Conference presentations will be included in the registrants' final event-related email message containing the CPE certificate and evaluation survey when permission is received from the presenter and their organization. In some cases, permission is not received.

Requests for Assistance: If you require assistance for an audio, visual, or other disability, please contact the Programs Director to discuss your needs, as soon as possible.  We need as much advance notice as possible to determine whether requests can be accommodated. Thank You.

If your organization is interested in being an event sponsor, please take a look at the five (5) various event sponsorship packages and click this sponsorship link to become a sponsor.

CPE Information

Earn up to 7 Continuing Professional Education (CPE) credits in the area of Specialized Knowledge. The ISACA® GWDC is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website:

CPE Distribution and Evaluation Survey

CPE's will be distributed via e-mail along with the event evaluation survey up to seven (7) business days after the completion of the event. Attendees must be present the full day to receive full CPE credit.

CPE-Related Details

  • Prerequisites and Advance Preparation: N/A
  • Program Knowledge Level: N/A
  • Delivery Method: Live in person event
Date: December 6
Time: 8:00 am - 4:30 pm
Cost: GWDC Member - $105, Other ISACA Member - $135, Non-ISACA Member: $150
Event Category: 
Event Tags: 


Holiday Inn Rosslyn @ Key Bridge
1900 North Fort Myer Drive 
Arlington, VA 22209 United States
+ Google Map
Please do not contact the venue directly regarding this event.


Holiday Inn Rosslyn @ Key Bridge
1900 North Fort Myer Drive
Arlington, VA 22209


Marvin Muhumuza