SEARCH ADVANCED

Forums

Information Security Forums bring together experienced IT and information security practitioners for confidential information sharing on the industry's most important issues, technologies, and trends. The two-day event includes keynote addresses, peer-to-peer technical and strategic roundtable discussions led by IANS' Faculty, and was inspired by the Harvard Business School teaching method.

Why Attend

  • Gain tangible, real world insights on best practices and lessons learned directly from your peers
  • Stay current with emerging technologies and early-stage deployments
  • Connect with the industry's leading minds
  • Network and connect with other influential senior IT managers and business leaders
  • Earn 16 Continuing Education Credits

    Who attends Forums
    Information Security Forum attendees come from practitioner organizations that include Fortune 1000, Government agencies, and Academic institutions. Forums are for mid to senior level information security vice presidents, directors, managers, analysts, architects, and engineers.

    In 2008, 32% of attendees were CISSP certified and had an average of 11 or more years of industry experience.

    Major industries represented included Financial Services, Insurance, Government, Telecommunications, Healthcare,
    Higher Education, and Technology Services.

    2010
    New England Information Security Forum
      September 28-29, 2010 The Copley Marriot Boston, MA Info Register
    Midwest Information Security Forum
      November 8-9, 2010 Millennium Knickerbocker Hotel Chicago, IL Info Register
    Pacific Information Security Forum
      December 6-7, 2010 Parc 55 Hotel San Francisco San Francisco, CA Info Register


  • Forum Pricing

    Standard Conference Price
    IANS Information Security Forum - US $1350

    Forum Discounts and Promotions

    On-going discounts

    IANS Enterprise Research Clients: If your company is an IANS Enterprise Research client, you may have pre-paid Forum Seats available.

    Do you have pre-paid Forum Seat waiting for you?
    Contact Mary Dussault at mdussault@iansresearch.com to find out if your company is an IANS Enterprise Research Client.

    Bring a Team: When you register three colleagues from the same company at the same time with payment, the fourth colleague may attend for free.

    Present at IANS: IANS Presenters receive a 50% discount for giving a 10 minute case-study style briefing outlining the approach and solution that they or their information security team developed when addressing a relevant issue or theme. More information.

    Association Discounts: Discounts are also available for nonprofit, government, and educational institutions. All ISC² members receive a $350 discount to attend our Information Security Forum. Please contact Mary Dussault at mdussault@iansresearch.com for more information.

    Payment Methods
    Credit Card
    IANS, through RegOnline, accepts all major credit cards.

    Purchase Orders (PO)
    IANS accepts payment through purchase orders. To use this payment method, please contact Mary Dussault at mdussault@iansresearch.com or (617) 399-8100.

    Cancellations
    By completing registration, you are reserving your place at the Forum. Registered attendees will select specific Forum discussion sessions onsite. Please note that space is limited and assigned on a first come, first serve basis.

    All registrations must be approved by IANS. Forum delegate positions are restricted to security practitioners. Cancellations must be submitted in writing and received by two weeks prior to a forum to qualify for a refund. Refunds will only be given for one-half of the original registration fee. Any cancellations submitted within fourteen days of the Forum will not be subject to refunds.

    Terms and Conditions
    This conference is produced by IANS, which reserves the right, in its sole discretion, to limit or deny access to the conference to any entity or individual. IANS’ receipt of a registration application and payment does not constitute acceptance until some form of acknowledgment or acceptance is sent; applications and payments that are not accepted will be returned within 30 days of receipt.


    Executive Roundtables

    Executive Roundtables are intimate gatherings known for their innovative moderated discussion format. During Executive Roundtables join a community of your peers in an effort to address current issues, brainstorm on new ideas, drive effective solutions, and strengthen your professional network.

    Why Attend

  • Focused discussion topic highlighting information security "pain points" and relevant technology
  • Gain tangible, real-world insights
  • Networking with other IT managers and business leaders

    Executive Roundtables are held regionally, limited to 15-20 participants, hosted either during breakfast or in the afternoon, and are underwritten by sponsors.

    2010
    Identifying High-Risk Applications-Prioritizing the Risk Each Carries to Your Enterprise
      September 16, 2010 New York, NY The Penn Club As new and exciting applications make their way behind the firewall and into the enterprise, security teams are being asked to accept new types of vulnerabilities in order to accommodate additional functionality.
    This requires a process for quantifying risk according to the application’s importance followed by a decision on what vulnerabilities to prioritize and what to notate but accept.

    During this session we will discuss how businesses are making strategic decisions on which applications present the greatest risk, which risks to accept, how to explain those risks in terms that resonate with business partners, and how to track those risks in an ongoing fashion. We will focus on lessons learned from IANS partners, ideas shared during IANS Forums, and feedback from other practitioners on what’s worked for them.

    Underwritten by Security Innovation">
    more
    Executive Roundtable Program Information Register
    Re-Inventing Network Security: Creating a New Perimeter in a Deperimeterized World
      September 22, 2010 Atlanta, Georgia The Commerce Club As traditional network security tools such as firewalls become increasingly ineffective in blocking today’s threats, the network “perimeter” continues to disappear for enterprise users. Information security
    professionals are continually frustrated by applications and services such as Skype, Twitter, and Facebook, applications designed specifically to slip through firewalls. As internal users have haphazardly introduced new applications in their efforts to conduct business and improve communication, they have increased the burden on security teams and augmented the need for a perimeter re-invention.

    Join us as we dive into the issues facing the current perimeter and discuss the concept of deperimeterization; what does that mean for the firewall?

    Underwritten by Palo Alto Networks">">">
    more
    Executive Roundtable Program Information Register
    Re-Inventing Network Security: Creating a New Perimeter in a Deperimeterized World
      October 13, 2010 St. Louis, Missouri Saint Louis Club As traditional network security tools such as firewalls become increasingly ineffective in blocking today’s threats, the network “perimeter” continues to disappear for enterprise users. Information security
    professionals are continually frustrated by applications and services such as Skype, Twitter, and Facebook, applications designed specifically to slip through firewalls. As internal users have haphazardly introduced new applications in their efforts to conduct business and improve communication, they have increased the burden on security teams and augmented the need for a perimeter re-invention.

    Join us as we dive into the issues facing the current perimeter and discuss the concept of deperimeterization; what does that mean for the firewall?

    Underwritten by Palo Alto Networks">">">">
    more
    Executive Roundtable Program Information Register
    Re-Inventing Network Security: Creating a New Perimeter in a Deperimeterized World
      October 14, 2010 Seattle, Washington Washington Athletic Club As traditional network security tools such as firewalls become increasingly ineffective in blocking today’s threats, the network “perimeter” continues to disappear for enterprise users. Information security
    professionals are continually frustrated by applications and services such as Skype, Twitter, and Facebook, applications designed specifically to slip through firewalls. As internal users have haphazardly introduced new applications in their efforts to conduct business and improve communication, they have increased the burden on security teams and augmented the need for a perimeter re-invention.

    Join us as we dive into the issues facing the current perimeter and discuss the concept of deperimeterization; what does that mean for the firewall?

    Underwritten by Palo Alto Networks">">">">">
    more
    Executive Roundtable Program Information Register
    Leveraging Threat Modeling to Make Informed Secure Software Design, Development & Test Decisions
      October 21, 2010 Los Angeles, CA Jonathan Club As new and exciting applications make their way behind the firewall and into the enterprise, security teams are being asked to accept new types of vulnerabilities in order to accommodate additional functionality.
    This requires a process for quantifying risk according to the application’s importance followed by a decision on what vulnerabilities to prioritize and what to notate but accept. The next step is to create methodologies, frameworks, and metrics to track this information, so that security teams can revisit risk acceptances periodically while monitoring for new vulnerabilities at all times. During this session we will discuss how businesses are making strategic decisions on which applications present the greatest risk – with specific focus on internally developed applications while also discussing productivity and customer-facing applications that are becoming more prevalent in the enterprise. By categorizing and defining those risks, we will help attendees with recommendations on which risks to accept, how to articulate those risks in terms that resonate with business partners, and how to prioritize and track those risks in an ongoing fashion. We will focus on lessons learned from IANS clients, ideas shared during IANS Forums, and feedback from practitioners on what’s worked for them. Underwritten by Security Innovation">">">
    more
    Executive Roundtable Program Information Register
    Leveraging Threat Modeling to Make Informed Secure Software Design, Development & Test Decisions
      November 4, 2010 Boston, MA The Harvard Club of Boston As new and exciting applications make their way behind the firewall and into the enterprise, security teams are being asked to accept new types of vulnerabilities in order to accommodate additional functionality.
    This requires a process for quantifying risk according to the application’s importance followed by a decision on what vulnerabilities to prioritize and what to notate but accept. The next step is to create methodologies, frameworks, and metrics to track this information, so that security teams can revisit risk acceptances periodically while monitoring for new vulnerabilities at all times. During this session we will discuss how businesses are making strategic decisions on which applications present the greatest risk – with specific focus on internally developed applications while also discussing productivity and customer-facing applications that are becoming more prevalent in the enterprise. By categorizing and defining those risks, we will help attendees with recommendations on which risks to accept, how to articulate those risks in terms that resonate with business partners, and how to prioritize and track those risks in an ongoing fashion. We will focus on lessons learned from IANS clients, ideas shared during IANS Forums, and feedback from practitioners on what’s worked for them. Underwritten by Security Innovation">">">
    more
    Executive Roundtable Program Information Register


  • Interactive Phone Conferences

    Interactive Phone Conferences (IPCs) are briefings that provide an in-depth focus on specific information security topics and technologies. IPCs are Faculty moderated, content-rich, compelling discussions.

    Interactive Phone Conferences are complimentary, one-hour sessions.



    2010
    Converting Security & Log Data into Business Intelligence: Art or Science?
      September 16, 2010 at 3 pm EST Organizations, in a quest to gather intelligence on their environment, track and store ever-increasing amounts of event logs and related data. Often, though, they find their use of the data and its
    value to the business is elusive at best, overlooked at worst. This Interactive Phone Conference will focus on which tools make mastering the task of converting SIEM tool outputs and log data into business intelligence that drives a better understanding of the organizations risk profile. Key takeaways from this session will include:
    • What is business intelligence in the context of security?
    • Which SIEMs enable users to stretch logs and events into useable business intelligence?
    • Methods for communicating security intelligence to the business.
    Participants will join a log management, security monitoring, and incident response specialist, Tom Chmielarski, and a representative from underwriting solution provider Q1 Labs in a discussion of how end users can use SIEM tools to drive better understanding of security exposure and secure critical business assets.

    Tom Chmielarski has spent over 10 years working in information security. He presently is a Senior Consultant at GlassHouse Technologies specializing in log management, security monitoring, and incident response. Prior to that, he was a Security Service Development Manager at Motorola where he spent eight years in a variety of roles including cyber investigations, SIEM & log management implementation, global IDS management, the design, implementation, and management of a 24x7 managed security services operation. He has Bachelor’s Degrees from Illinois State University in Applied Computer Sciences.

    Underwritten by Q1 Labs
    more
    Register