The conference series ICISS (International Conference on Information Systems Security), held annually, provides a forum for disseminating latest research results in information and systems security. ICISS 2017 will be held at Indian Institute of Technology, Bombay between December 16-20, 2017 (Submission due July 24, 2017). The thirteenth conference in this series, will be held under the aegis of the Society for Research in Information Security and Privacy (SRISP). The acceptance ratio of the first twelve conferences has averaged less than 30%. Like previous years, proceedings of the conference will be published as part of the Springer Verlag series of Lecture Notes in Computer Science. Submissions are encouraged from academia, industry and government, addressing theoretical and practical problems in information and systems security and related areas. Topics of interest include but are not limited to: - Access and Usage Control - Application Security - Authentication and Audit - Biometric Security - Cloud Security - Cryptographic Protocols - Cyber-physical Systems Security - Data Security and Privacy - Digital Forensics - Digital Rights Management - Distributed Systems Security - Formal Models in Security - Identity Management - Intrusion Detection and Prevention - Intrusion Tolerance and Recovery - Key Management - Language-based Security - Malware Analysis and Mitigation - Network Security - Operating Systems Security - Privacy and Anonymity - Security and Usability - Sensor and Ad Hoc Network Security - Software Security - Secure Data Streams - Security Testing - Smartphone Security - Usable Security - Web Security - Vulnerability Detection and Mitigation For more information, please see http://www.iciss.org.in