The ISACA New York Metropolitan Chapter is dedicated to furthering the educational landscape of our IT Professional community. The goal of the Education Committee is to plan, schedule and deliver the latest information technology, security, audit, governance, risk and audit educational training programs and webinars to our members.

​Call to Action

The Education Committee is looking for volunteers to participate in committee activities. Please send e-mails to to learn how to get involved.

Upcoming Onsite Courses

Full-time students and veterans are eligible for a 25% discount off membership rates upon presentation of current class schedules or a valid student/veteran ID. Please be sure to register early for the upcoming classes. Unless the registration is open, the date and subject matter may be changed at a later date.

Cloud Security Training Course – April 1-2, 2020

St. Johns University Room 203
101 Astor Place
New York, NY 10003

Instructor – Jay Ranade (Risk Management Professionals International) 

Training: Duration: 2 days 

Training Delivery Method: On-site, instructor-led course; or online, instructor-led course, or hybrid class


CCSK credential is designed for experienced IT professionals with at least five years of full-time IT experience, including two years of information security experience. 

What Problem Does This Training Help Solve?
Cloud Security is most appropriate knowledge credential for those whose responsibilities involve procuring, securing and managing cloud environments or purchased cloud services.

Who Should Attend?
Cloud Enterprise Architects, Security Administrators, Systems Engineers, Cloud Security Architects, Security Consultant, Security Engineers, Security Managers, Systems Architects

Course Syllabus:
This training course is for individuals preparing to take the CCSK Exam. In this course, professionals will learn the 14 domains of as determined by CSA (cloud security alliance): 

Domain 1: Cloud Computing Concepts and Architectures

Domain 2: Governance and Enterprise Risk Management

Domain 3: Legal Issues, Contracts and Electronic Discovery

Domain 4: Compliance and Audit Management

Domain 5: Information Governance

Domain 6: Management Plane and Business Continuity

Domain 7: Infrastructure Security

Domain 8: Virtualization and Containers

Domain 9: Incident Response

Domain 10: Application Security

Domain 11: Data Security and Encryption

Domain 12: Identity, Entitlement and Access Management

Domain 13: Security as a Service

Domain 14: Related Technologies

Level: Moderately Technical, 16 CPEs

Link to Registration Site:


Prevention, Detection and Recovery from Cyberattacks: A Seminar/Workshop – May 6-7, 2020

Instructor – Steven Ross (Risk Masters International)

This is a two-day seminar, combining lecture with a hands-on, case-study based workshop that introduces individuals responsible for dealing with cyberattacks to the principles and practice of prevention, detection and recovery from hostile actions against computer systems.  It includes both the technical and organizational measures that are required and focuses on the steps that must be taken and the skills that must be obtained in advance of an attack to be prepared should one occur.  The workshop is the core of the course, built around a continuing case study and finishing with a simulated test of cyber-recovery. 

Intended audience: Information Security managers and staff, I.T. management, technical support and operations personnel, Disaster Recovery Planners, Business Continuity Managers, I.S. Auditing managers and staff, Corporate Management, Risk Managers and staff 

Learning objectives: Participants in this seminar will learn: 

•       How the reality of cyberattacks fits into their business models

•       How to organize, build and maintain an effective capability to prevent, detect and re-cover from cyberattacks

•       What tools, skills and techniques are needed to support cyberattack response

•       How to test and validate recovery capabilities

•       What architectural and design alternatives can be applied for cyberattack prevention, detection and recovery

•       How cybersecurity can be governed and managed

•       How to test cyber-recovery 

Level: Moderately Technical, 16 CPEs

Link to Registration Site:



Webinar - The Hero of a Successful Digital Transformation is GRC - 12 March 2020

To successfully manage the risk in digital transformation you need a modern approach to governance, risk and compliance.

Webinar - Meeting The Board’s Security, Audit and Compliance Demands - 3 March 2020

Informative session on the state of corporate audit and compliance and how to establish consistent best practices.

Webinar - WHO’S IN YOUR CLOUD? - Tuesday, 7 April 2020

Managing who has access to your cloud environment is mission-critical for IT security. Compliance is putting pressure on how organizations manage privileged access on these systems, which are storing petabytes of user and customer data.


Cybersecurity as a strategic business partner  

How can businesses benefit from sharing information in cybersecurity? Wendy Kanna, global head of Security Governance and Oversight, Information Security and Risk at Takeda Pharmaceutical Company Limited, discusses her key cyber priorities, the importance of partnering with the business, and the cultural challenges she’s navigating as a cyber leader in Japan.


How to safeguard trust in the digital age

Data analytics, AI, and other tools of the digital age can help marketers improve CX, but they also may raise concerns about data usage and privacy. Brands have an opportunity to build trust by showing they use these technologies wisely—and always in service to the customer.



Incident Response Planning: Too Important to Procrastinate

Cyber-attacks can cause immediate damage, so knowing how to respond is crucial. An incident response plan provides a set of instructions to help staff identify, respond to, and recover from cybersecurity incidents.

Read About Incidence Response


CFOs today are often bogged down by operational activities instead of focusing on strategic, forward-thinking initiatives. Fortunately, the role of the CFO is changing for the better. This partner webinar does not qualify for CPE.

Register for AI and the Future of Financial Management


Live Webinar | More Data, More Problems: Applying the Right Automation to Propel Security Operations - April 7, 2020

In this session, Chris Calvert, one of the foremost designers of global security operations centers, will lead a spirited and informative discussion that will lift the hood on what is hype and what is truly transformative in automation for security operations. Participants will gain insight into the following questions:

  • Are the predictions for automation as the savior for SecOps realistic?
  • If not all automation is created equal, what approach will get us there?
  • When can humans take a back seat to automation and should they?

Live Webinar: Securing Healthcare with Limited Time and Resources - March 31, 2020

Join Gigamon and register for this webinar to learn ways to save time and resources while improving your security posture by:

  • Optimizing tool and team efficiency by filtering out irrelevant traffic
  • Using AI to accelerate cybersecurity threat detection and response
  • Providing full network traffic visibility while maintaining PII confidentiality

Live Webinar: How to Address Fraud Through the Use of Risk Analytics - March 12, 2020

Register for this webinar where we will discuss:

  • The current landscape of digital attacks and threats that leave banks vulnerable
  • Best practice approaches to protecting against account takeover fraud with proven technologies such as machine learning-based risk analytics
  • Why real-time, cross-channel data analysis can save your customers from becoming the next victim


Live Webinar: Taking Your Third Party Security Program to the Next Level - March 11, 2020

Register for this webinar where attendees will learn how to:

  • Implement compensating internal controls when the suppliers don't have or won't reveal their own;
  • Collaborate with suppliers to ensure success in the remediation process;
  • Create KPIs to help manage, improve the process and demonstrate achievements.

Register for Taking Your Third Party Security Program to the Next Level