Plan. Create Playbooks. Respond.

We're expecting 500+ CISO, Manager and Analyst attendees in this concentrated yet focused community event. Join us!


About IR19

IR19 is a conference for cybersecurity professionals to learn and develop playbooks to improve Incident Response processes.

  • 18+ hours of practical training on today’s best practices in incident response topics
  • 36 breakout sessions designed for all levels of experience
  • Learn practical operations tips and best practices from industry leaders
  • Leave the conference with a developed incident response plan

Community-Driven conference for all levels of cybersecurity professionals!


Information Security Executives

Information Security Executives will have a great opportunity to share best practices in cybersecurity with their peers. IR19 will provide a collaborative space to discuss and learn how to bridge the gap between technology and business to ensure high potential in security teams.



Managers will learn techniques and develop playbooks to manage security teams in an efficient and cost-effective manner. Customized playbooks will improve security team's preparedness to cyber-incidents and attacks.

Security Analysts


Analysts will improve their knowledge about different systems logs, security alerts, and proper response to incidents to ensure their organization’s safety. Analysts will gather knowledge to implement incident response playbooks within their organizations.

IR19 Agenda



Aaron Sherman

Sr. Director of Cyber Threat Intelligence at Braintrace


Alissa Torres

DFIR Consultant & Trainer at SimSpace


Gregory Spicer

Chief Revenue Officer at Braintrace


Wyatt Roersma

Senior Cyber Defense Operator at SimSpace


Brad Isbell

Senior Range Engineer at SimSpace


Mel Shakir

VP, Product Development at Securonix


Bruce Diamond

Sr. Cybersecurity Instructor at SimSpace


Bryan Geraldo

VP - Services Consulting at Fidelis Cybersecurity


Craig Harber

Chief Technology Officer at Fidelis Cybersecurity


David Swift

Principal Architect – Security Analytics at Securonix


Ethan Packard

Systems Engineer at CyberSponse


Joseph H. Schafer

IT & Cyber Strategy Professor at National Defense University


Diane Burt

Director Governance, Risk & Compliance at Braintrace


James Phillips

Network Threat Hunter at MI613 Inc


Sam Elkholy

Director of Systems Engineer at CyberSponse

Key Note Speakers


Mike Rogers | Former Chair of the House Intelligence Committee

Michael J. Rogers is a former U.S. Representative for Michigan's 8th congressional district. Rogers served from 2001 to 2015. From 2011 to 2015, he was Chairman of the Permanent Select Committee on Intelligence. Rogers has a contract to speak on national-security topics on CNN. In June 2016, he presented a six-part series on CNN, titled Declassified: Untold Stories of American Spies.


Andy Bonillo | CISO at Ciena

Prior to his private sector career, Andy served as a Special Agent with the United States Secret Service where he led the largest cybercrime investigation in US history and was awarded the Distinguished Service Award from the U.S. Attorney General. He holds a Bachelors degree in Criminal Justice from Saint Anselm College, taught the first cybersecurity class at Harvard and MIT, has appeared on NBC's the Today Show, and is globally recognized as an expert in cybercrime and incident response. His entrepreneur endeavors include being the Co-Founder of Task Force 7 Technologies, Inc., a company focusing on building the world’s premier Professional Cyber Security Social Network, as well as a co-host of Task Force 7 Radio, LLC., “The Voice of Cyber Security”, a weekly radio show on Cyber Security Topics on the Voice America Business Channel.



Hugh Clapp | Senior Director, Defensive Cyber Operations, Symantec

Hugh Clapp is currently the Senior Director, Defensive Cyber Operations (DCO) at Symantec. This role serves as the global lead for detection engineering, threat hunting, incident response, cyber threat intelligence, as well as the head of the Security Operations Centers located in Sydney and the Washington DC area. Prior to joining Symantec, Hugh has provided executive leadership over multiple disciplines across cybersecurity operations & intelligence at both Capital One, and the Department of Energy. He served 20 years as a Navy Cryptologic Officer, retiring from his last position as the Deputy Director, DCO for Fleet Cyber Command. Hugh has a BS in Intelligence, a MS in Systems Engineering, and is a former cyber federal executive fellow at Carnegie Mellon University.


Joseph Loomis | Founder and CTO, CyberSponse

Joseph Loomis is the Founder & CTO of Security Operations Technology, CyberSponse, Inc. Joe is a proven serial security entrepreneur with successful startup exits and has provided security based technology for companies like Apple, Microsoft, Novartis, Sony, LG, Pfizer and many others. Mr. Loomis is well versed in Cyber Security methodologies, incident response and leverages his relationships to help define visionary and innovative product offerings for the information security sector. Joe is often seen speaking on national news networks to include CNBC, FOX, CNN and a few others. Joe works closely with multiple government agencies in his cooperative efforts combating Cybercrime and Cybersecurity. Joe is driven by a deep passion for helping others in need, mentoring other entrepreneurs and helping the next founder build their business.


Mel Shakir | VP of Product Development, Securonix

Mel Shakir joins Securonix as Vice President of Product Development with responsibility for engineering, quality assurance and support spanning the Securonix research and development teams. Mel brings a deep expertise in architecting and developing log management and security monitoring solutions. He has held senior development and product management roles, including CTO of SIEM vendors RippleTech and NitroSecurity (acquired by McAfee) as well as senior product management roles at RSA NetWitness.


Philippe Courtot | CEO, Qualys

Demonstrating a unique mix of technical vision, marketing and business acumen, Philippe Courtot has repeatedly built innovative companies into industry leaders. As CEO of Qualys, Philippe has worked with thousands of companies to improve their IT security and compliance postures. Philippe received the SC Magazine Editor’s Award in 2004 for bringing on demand technology to the network security industry and for co-founding the CSO Interchange to provide a forum for sharing information in the security industry. He was also named the 2011 CEO of the Year by SC Magazine Awards Europe.


Matt Chevraux | Assistant Special Agent in Charge at USSS

R. Matthew Chevraux is the Assistant Special Agent in Charge of the Cyber Strategy and Outreach Section within the Office of Investigations. His work in this assignment is to enhance the public/private partnerships within the Service’s network of Electronic Crimes Task Forces, further information sharing initiatives, and regularly represent the USSS’ cyber interests at both governmental working groups and private industry events. He has been an agent with the United States Secret Service for over 20 years; previous assignments include in the Los Angeles Field Office, the Presidential Protective Division, the Criminal Investigative Division at Secret Service Headquarters, and at the Department of Homeland Security’s National Cybersecurity and Communication Integration Center (NCCIC), the Federal Government’s 24/7 cyber and communication situational awareness, incident response and management center. During ASAIC Chevraux’s career with the Secret Service, he has investigated counterfeit, financial, and cyber crimes, been a computer forensics examiner, cyber exercise facilitator, and his presidential protective assignment was with both President George W. Bush and President Barack Obama. ASAIC Chevraux holds a bachelor’s degree in business administrative studies from the University of California, Riverside.


Chris Roberts | Chief Security Strategist at Attivo Networks

Roberts works with customers globally to develop and implement risk reduction strategies across new and legacy technologies. He manages an advanced consulting services program which will provide compliance/assurance reviews to assess whether cybersecurity policies and standards are being met and to provide cybersecurity strategy and operations guidance for C-level executives. He is also a key driver of strategy and vision around the Attivo Networks deception portfolio in areas where he has deep expertise including adversary and vulnerability research and market education.


Boyden Rohner | Director of Cybersecurity Operations at DHS

Boyden is the Director of Cybersecurity Operations for the Information Security Office at the Department of Homeland Security (DHS). In this role, Boyden oversees the DHS Enterprise Cybersecurity Operations Center which prevents, detects, and responds to cyber threats targeting DHS. Previously, Boyden worked at the National Security Council Staff in direct support of the President of the United States and the National and Homeland Security Advisors. Prior, Boyden managed the production of the daily intelligence and operations brief for three Homeland Security Secretaries. Before joining DHS, Boyden served on three destroyers as a Surface Warfare Officer in the United States Navy and deployed to the Middle East in support of Operations Enduring and Iraqi Freedom. Boyden holds a Bachelor of Science from the United States Naval Academy, a certificate in Executive Leadership from the Kennedy School of Government at Harvard University, and Masters of Public Administration from American University.


James Phillips | Network Threat Hunter at MI613 Inc

James’ background includes the Department of National Defense, former Manager of Forensics for both PwC and KPMG, Senior Forensic Analyst at TELUS and full time college professor teaching Forensics and Investigations. Most recently James was the Advanced Threat Protection specialist for Symantec (Blue Coat) providing expert level knowledge into deep packet inspection, malware analysis and SSL Decryption. James is the recipient of a prestigious award from the Toronto Police Service for work he did as an investigator that led to a search warrant and ultimately the dismantling of a major crime ring. James has been recognized as one of the top 30 instructors at University of Toronto out of 700 instructors.

Why Should You Attend?

Build playbooks for your organization by working with the best in the industry

Leave with operational Incident Response plan by using the best tools

Learn how to build efficient and effective processes

Sharpen your skills by cyber wargaming against the best in incident response

Venue Information

The Renaissance Arlington Capital View Hotel, Crystal City is conveniently located less then 2 miles from both the Pentagon and Reagan National Airport. Furthermore, this new 4-star hotel is 5 minutes away from the heart of Washington, D.C.


2800 South Potomac Ave.
Arlington, VA 22202

The Incident Response Conference (IR19) is being held at the Renaissance Arlington Capital View Hotel, Crystal City. IR19 has reserved a block of rooms at the Renaissance Arlington Capital View at a group rate of $179 USD per night (plus tax). Please make sure to reserve your room now as the block will fill quickly. Reservation requests for the IR19 Annual Summit will be accepted through Tuesday, August 13, 2019. The block is available up to this date or until filled. Reservations requests received after August 21 are on vacancy and price availability. Reserve your room here or call 703-413-1300 and reference "Incident Response Consortium"

Renaissance Arlington Capital View

Be a Part of the New Community!

Do not miss this opportunity to be part of history! Join the cybersecurity community and be part of inspiring change in improving incident response process!

Stay Connected on  

Join the Incident Response Consortium Slack Channel to be a part of the conversation.

Register Below


IR19 is a free event. All registrants must use their corporate or government email address to attend.
Any registrants using personal email accounts will be denied entry.

Please select only one ticket option on registration site.

This is an IR Consortium Members Only event.
For more information, click here.

Our Mission

IRC is the first non-profit, industry managed and community-driven organization focused on practical customized incident response plan development, operational capabilities and the skills necessary for effective cybersecurity. All organizational levels from C-Suite to Analysts are encouraged to engage in the community. IR’s mission is to ensure that the best practices in incident response skills, playbooks and management are shared amongst the community to improve cybersecurity across all organizational levels. There are too many tools and point solutions that do not result in better security. Cybersecurity has a people and process problem: IRC is here to provide a platform for the cyber community to solve these difficult challenges together and build plans to make us all more secure.