IANS brings you together with your peers and experts from the IANS Faculty. IANS Faculty are industry practitioners that provide the breadth and depth of information to help you tackle your toughest problems. Walk away with new connections and practical solutions.
Two-day events with keynotes, breakout sessions, technology spotlight sessions, and networking breaks.
One-day roundtables designed exclusively for CISOs and senior level InfoSec executives to learn and share insights in a confidential setting.
Half-day, deep-dive explorations of technical and operational information security topics, free of vendor presence.
Hour-long interactive discussions examining hot topics in information security.
Web Conference
Strategic financial services security leaders strive to be business enablers and move their programs beyond just meeting mandatory regulatory and compliance requirements and reacting to vulnerabilities and threats. To do this, they must incorporate the context of the business within their security strategy. Pulling from examples and lessons learned from successful collaborations across cyber, fraud, product and operational teams, this symposium delves into ways to design your architectures and capabilities to better secure your enterprise, products and customers.
Manufacturing and consumer goods companies are squarely in cyber attackers’ crosshairs, and the financial impact of just one incident is typically significant. With ransomware attacks comprising of more than two-thirds of incidents, appropriately preparing through tabletop exercises and other measures will prove invaluable.
Bill is a Shareholder at LBMC Information Security, where he is responsible for security assessments, incident response, digital forensics, electronic discovery and overall litigation support. He also serves as an expert witness in federal courts and numerous state courts and has conducted digital forensic investigations and electronic discovery services to support litigation efforts. He is also an active member of the International Society for Forensic Computer Examiners and Board Member in East Tennessee’s InfraGard Chapter.
The Whitley Atlanta Buckhead
CISO Roundtables are the most exclusive, intimate events offered by IANS. Our in-person roundtables are curated experiences with agendas designed specifically for an organization’s CISOs and senior-most executives. In addition to strategic insights presented by IANS Faculty, facilitated conversations and networking opportunities allow you and your CISO peers to share best practices in a trusted, closed-door environment.
Many organizations began their zero trust journey focusing on identity, devices and networks. Increasingly, there is broad industry recognition that zero trust initiatives, due to their holistic nature, need to more explicitly include an emphasis on workloads and data.
Jason Garbis is Founder and Principal at Numberline Security LLC, a consulting firm helping enterprises prepare for, define, and execute on effective Zero Trust security strategies. Jason has authored two books on Zero Trust security, is co-chair of the Zero Trust Working Group at the Cloud Security Alliance, and is a frequent contributor to and speaker at industry conferences. Professionally, he has served in both hands-on and executive leadership roles in product management, engineering, marketing, and consulting at security and technology companies.
Webinar
Copilot for Microsoft 365 is coming fast and furious for IANS clients. Integration with the M365 suite of applications poses exciting capability to help with tasks like summarizing lengthy emails, reviewing contract language, creating presentations, etc. It also poses security risk – integration with the Microsoft stack poses inherent risk in Copilot exposing sensitive info (i.e. access to the CEO’s calendar, sensitive HR data, patient records, etc.).
Sounil is a member of the IANS Faculty, and has over 30 years of hands-on experience creating, breaking and fixing computer and network systems. He is the creator of the Cyber Defense Matrix and the DIE Triad, guest lectures at Carnegie Mellon, and is a senior fellow at the National Security Institute, and advises many security startups. He’s the former Chief Security Scientist at Bank of America, a recipient of the SANS Institute Lifetime Achievement Award, and a frequent speaker at major information security conferences.
Renaissance Dallas Richardson Hotel
This one-day event is designed for security practitioners to gain actionable technical solutions and leadership insights focused on current and emerging challenges. Engage with IANS Faculty members and network with peers who are tackling similar challenges.
The healthcare industry is well established as a sector where infosec teams have to do more with less. The threat landscape is vast and orgs often have core priorities – like saving lives – that divert resources directly away from cyber spending. With infosec budget growth slowing in the industry, this webinar is designed to help you contextualize your program’s resourcing relative to your peers and justify your spend.
Steve is a partner in Artico Search’s cybersecurity practice. He is an expert in security executive recruiting and compensation focused on recruiting best-in-class CISOs and their teams across various industries. He leads strategic partnerships and initiatives including Artico’s annual CISO compensation & budget survey conducted in collaboration with IANS. Prior to Artico, Steve served in Caldwell Partner's cybersecurity practice and at Russell Reynolds associates.
In today’s climate of economic uncertainty, security leaders face mounting challenges, including budget pressures and spending freezes. This webinar explores strategies for maintaining effectiveness and resilience in resource-constrained environments. The discussion focuses on two critical areas: optimizing your vendor stack to manage costs and maximize value, and fostering employee engagement and development during uncertain times. Join us for a practical and interactive session designed to help security leaders adapt, thrive and lead with confidence.
Gary is the Chief Information Security Officer at AIG where he leads the global cybersecurity risk management program while working closely the Executive Leadership Team to drive information security strategy for the company. Additionally, Gary provides start-up advising as a member of the Forgepoint Capital Cybersecurity Advisory Council, and serves on two non-profit Boards. Prior to AIG, Gary served as a Senior Vice President at USAA and was their first Chief Security Officer where he was responsible for building out a holistic security program spanning Information Security, Fraud Operations, Privacy, Business Continuation, Physical Security, and Corporate Investigations. Gary spent a short time with Deloitte in their federal practice after a 25-year career as an Air Force officer where he served in a variety of leadership and staff positions within the information technology career field including: telecommunications, satellite communications, deployed network operations, and cybersecurity. Most notably, Gary was on the front line of cyberspace operations for the Department of Defense where he supported the establishment and evolution of the Joint Task Force Global Network Operations, the organization that was the focal point for the operation and security of DoD information systems and networks, and pre-cursor to establishment of the US Cyber Command.
The University of Massachusetts Club
Sheraton Centre Toronto Hotel
TBD
Metrics continue to be a pain point in infosec—both in terms of getting a clear understanding of how the program is functioning and communicating that narrative across lines of business. At the center of this problem is the reality there is no one-size-fits-all solution. The best metrics are specific to your business context. In light of that, this session leans on fundamental best practices to help you pressure test your concepts.
Ryan is the Founder and CEO of Neuvik, a cybersecurity research and development consultancy. He has spent the better part of two decades enhancing cyber programs at the world's largest institutions — from the Department of Defense to some of the most successful private and commercial organizations. He focuses largely on providing advanced capabilities for CISO's, as well as testing for best possible security practices at board of directors' requests.
Ryan’s C-level work experience also includes developing Board level metrics to measure and manage enterprise cyber risk, developing and instructing C-Suite cyber risk management courses, and establishing functional reporting metrics for assessing cyber readiness.
CISO Roundtables are the most exclusive, intimate events offered by IANS. Our virtual roundtables are curated experiences with agendas designed specifically for an organization’s CISOs and senior-most executives. In addition to strategic insights presented by IANS Faculty, facilitated conversations and networking opportunities allow you and your CISO peers to share best practices in a trusted, closed-door environment.
The complexities of IAM are often referred to as "intractable problems" for a reason -- burdensome and broken processes can overwhelm teams. Traditionally, IAM programs rely on manual processes that are cumbersome, time-consuming and difficult to manage and scale. In this symposium, we explore how to transform key areas of your IAM program to streamline operations and boost team efficiency.
Aaron is a three-decade veteran of the cybersecurity community, having worked on projects covering every aspect of the industry, from helping build security technologies while at Microsoft to his work on offensive cyber projects for the U.S. government. He has spent the last 15 years on a series of cybersecurity startups, building technologies and developing companies to help teams solve some of the toughest cybersecurity problems.
Business teams are racing to use M365 Copilot, putting pressure on security teams to identify potential risks and put guardrails in place to address those risks.
Shannon is the Founder and CEO of ThirdScore. This followed her role as VP, Security at Adobe, where she led Product and Software Security. Shannon is also the Founder of DevSecOps, a non-profit organization committed to uniting security with DevOps and Agile practices via experimentation and education. Shannon is an award-winning security innovator and leader experienced in developing emerging security programs for Fortune 500 companies including Intuit, ServiceNow, Sony, Sempra, Savvis, Cable & Wireless, 99 Cents Only, Exodus, and Bank of America.
Hyatt Regency Minneapolis
Convene
Third-party risk management efforts often hit a wall once orgs get past questionnaires. As third-party supply chains get more complex, it’s time to push through this wall and take actionable steps to manage and mitigate risks created throughout the supply chain.
George is currently Head of Trust at MongoDB and was formerly Sumo Logic's Chief Security Officer & SVP of IT. George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance and, IT teams in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including, cloud secure architecture design, compliance and operational security including a TedX talk.
George has been on the bleeding edge of public cloud security, privacy and modernizing IT systems since being a co-founder of the VMware Center for Policy & Compliance. He is a Faculty Member for IANS - Institute of Applied Network Security and sits on several industry advisory boards. Mr. Gerchow is also a known philanthropist and CEO of a nonprofit corporation, XFoundation.
As privileged accounts continue to be a prime target for credential theft and ransomware attacks, privilege access management (PAM) tools and strategies are becoming more critical. This symposium offers an in-depth exploration of three key privilege use cases, delivering recommended architectural patterns, effective controls and solutions to common design challenges.
Gunnar is the CISO at Forter, a trust platform for digital commerce. Previously, he was chief security architect at Bank of America, a visiting scientist at the Software Engineering Institute at Carnegie Mellon, and a contributing analyst at Securosis.
Security architecture teams often face burnout from juggling too much engineering work or being pulled into non-architectural tasks. Misalignment with enterprise architects and challenges in demonstrating value to the organization further compound the problem. This symposium provides actionable insights on elevating your architecture program to improve maturity and focus and enable high-quality results.
J. Wolfgang Goerlich is a CISO in the public sector. Prior to this role, he led IT and IT security in the healthcare, financial services, and tech verticals. Wolfgang has held senior positions at several consulting firms, leading security advisory and assessment practices. He is a strong presence in the security community, contributing to the establishment and organization of multiple groups and events. Wolfgang focuses on strategy, governance, identity and access management, and resilience.
As infosec budget growth continues to slow in healthcare, security leaders face a growing challenge in justifying the resources being devoted to their teams. In this symposium, IANS Faculty Steve Martano will do a deep dive into our CISO and infosec staff compensation and budget data to provide a comprehensive look at healthcare industry spend patterns
Washington Marriott at Metro Center
According to Verizon’s 2024 Data Breach Investigations Report, ransomware remains the top threat across 92% of industries, with roughly one-third of all breaches involving ransomware or some other extortion technique. In this symposium, we’ll use digital forensics and incident response reports from real-world incidents to walk through the tactics, techniques and procedures of top ransomware gangs and share lessons learned to help you avoid the same fate.
Jake Williams (aka MalwareJake) is a seasoned security researcher with decades of experience in technology and security. Jake is a former startup founder, former senior SANS instructor and course author, and an intelligence community and military veteran. He loves forensics, incident response, cyber threat intelligence and offensive methodologies. Today, Jake is an IANS faculty member, an independent security consultant, and is performing security-focused research to benefit the broader community. He has had the honor of twice winning the DoD Cyber Crime Center (DC3) annual digital forensics challenge. You may also know Jake from one of his many conference talks, webcasts, media appearances or his postings about cybersecurity.
The Westin Charlotte
Hyatt Regency Santa Clara
Atlanta Marriott Buckhead
Omni Boston Hotel at the Seaport
The Westin Dallas Stonebriar