 |
 |
 |
 Information Security Forums bring together experienced IT and information security practitioners for confidential information sharing on the industry's most important issues, technologies, and trends. The two-day event includes keynote addresses, peer-to-peer technical and strategic roundtable discussions led by IANS' Faculty, and was inspired by the Harvard Business School teaching method.
Why Attend
Gain tangible, real world insights on best practices and lessons learned directly from your peers
Stay current with emerging technologies and early-stage deployments
Connect with the industry's leading minds
Network and connect with other influential senior IT managers and business leaders
Earn 16 Continuing Education Credits
Who attends Forums
Information Security Forum attendees come from practitioner organizations that include Fortune 1000, Government agencies, and Academic institutions. Forums are for mid to senior level information security vice presidents, directors, managers, analysts, architects, and engineers.
In 2008, 32% of attendees were CISSP certified and had an average of 11 or more years of industry experience.
Major industries represented included Financial Services, Insurance, Government, Telecommunications, Healthcare,
Higher Education, and Technology Services.
 |
|
|
|
|
|
|
 |
New England Information Security Forum |
| |
September 28-29, 2010 |
The Copley Marriot |
Boston, MA |
Info |
 |
Register |
|
|
|
|
Midwest Information Security Forum |
| |
November 8-9, 2010 |
Millennium Knickerbocker Hotel |
Chicago, IL |
Info |
|
Register |
|
|
|
|
Pacific Information Security Forum |
| |
December 6-7, 2010 |
Parc 55 Hotel San Francisco |
San Francisco, CA |
Info |
|
Register |
|
|
|
|
|
|
Standard Conference Price
IANS Information Security Forum - US $1350
Forum Discounts and Promotions
On-going discounts
- IANS Enterprise Research Clients: If your company is an IANS Enterprise Research client, you may have pre-paid Forum Seats available.
Do you have pre-paid Forum Seat waiting for you?
Contact Mary Dussault at mdussault@iansresearch.com to find out if your company is an IANS Enterprise Research Client.
- Bring a Team: When you register three colleagues from the same company at the same time with payment, the fourth colleague may attend for free.
- Present at IANS: IANS Presenters receive a 50% discount for giving a 10 minute case-study style briefing outlining the approach and solution that they or their information security team developed when addressing a relevant issue or theme. More information.
- Association Discounts: Discounts are also available for nonprofit, government, and educational institutions. All ISC² members receive a $350 discount to attend our Information Security Forum. Please contact Mary Dussault at mdussault@iansresearch.com for more information.
Payment Methods
Credit Card
IANS, through RegOnline, accepts all major credit cards.
Purchase Orders (PO)
IANS accepts payment through purchase orders. To use this payment method, please contact Mary Dussault at mdussault@iansresearch.com or (617) 399-8100.
Cancellations
By completing registration, you are reserving your place at the Forum. Registered attendees will select specific Forum discussion sessions onsite. Please note that space is limited and assigned on a first come, first serve basis.
All registrations must be approved by IANS. Forum delegate positions are restricted to security practitioners. Cancellations must be submitted in writing and received by two weeks prior to a forum to qualify for a refund. Refunds will only be given for one-half of the original registration fee. Any cancellations submitted within fourteen days of the Forum will not be subject to refunds.
Terms and Conditions
This conference is produced by IANS, which reserves the right, in its sole discretion, to limit or deny access to the conference to any entity or individual. IANS’ receipt of a registration application and payment does not constitute acceptance until some form of acknowledgment or acceptance is sent; applications and payments that are not accepted will be returned within 30 days of receipt.
|
|
Executive Roundtables are intimate gatherings known for their innovative moderated discussion format. During Executive Roundtables join a community of your peers in an effort to address current issues, brainstorm on new ideas, drive effective solutions, and strengthen your professional network.
Why Attend
Focused discussion topic highlighting information security "pain points" and relevant technology
Gain tangible, real-world insights
Networking with other IT managers and business leaders
Executive Roundtables are held regionally, limited to 15-20 participants, hosted either during breakfast or in the afternoon, and are underwritten by sponsors.
|
|
|
|
|
|
|
|
Identifying High-Risk Applications-Prioritizing the Risk Each Carries to Your Enterprise |
| |
September 16, 2010 |
New York, NY |
The Penn Club |
As new and exciting applications make their way behind the firewall and into the enterprise, security teams are being asked to accept new types of vulnerabilities in order to accommodate additional functionality.
This requires a process for quantifying risk according to the application’s importance followed by a decision on what vulnerabilities to prioritize and what to notate but accept.
During this session we will discuss how businesses are making strategic decisions on which applications present the greatest risk, which risks to accept, how to explain those risks in terms that resonate with business partners, and how to track those risks in an ongoing fashion. We will focus on lessons learned from IANS partners, ideas shared during IANS Forums, and feedback from other practitioners on what’s worked for them.
Underwritten by Security Innovation"> more
|
|
Register |
|
|
|
|
Re-Inventing Network Security: Creating a New Perimeter in a Deperimeterized World |
| |
September 22, 2010 |
Atlanta, Georgia |
The Commerce Club |
As traditional network security tools such as firewalls become increasingly ineffective in blocking today’s threats, the network “perimeter” continues to disappear for enterprise users. Information security
professionals are continually frustrated by applications and services such as Skype, Twitter, and Facebook, applications designed specifically to slip through firewalls. As internal users have haphazardly introduced new applications in their efforts to conduct business and improve communication, they have increased the burden on security teams and augmented the need for a perimeter re-invention. Join us as we dive into the issues facing the current perimeter and discuss the concept of deperimeterization; what does that mean for the firewall? Underwritten by Palo Alto Networks">">"> more
|
|
Register |
|
|
|
|
Re-Inventing Network Security: Creating a New Perimeter in a Deperimeterized World |
| |
October 13, 2010 |
St. Louis, Missouri |
Saint Louis Club |
As traditional network security tools such as firewalls become increasingly ineffective in blocking today’s threats, the network “perimeter” continues to disappear for enterprise users. Information security
professionals are continually frustrated by applications and services such as Skype, Twitter, and Facebook, applications designed specifically to slip through firewalls. As internal users have haphazardly introduced new applications in their efforts to conduct business and improve communication, they have increased the burden on security teams and augmented the need for a perimeter re-invention. Join us as we dive into the issues facing the current perimeter and discuss the concept of deperimeterization; what does that mean for the firewall? Underwritten by Palo Alto Networks">">">"> more
|
|
Register |
|
|
|
|
Re-Inventing Network Security: Creating a New Perimeter in a Deperimeterized World |
| |
October 14, 2010 |
Seattle, Washington |
Washington Athletic Club |
As traditional network security tools such as firewalls become increasingly ineffective in blocking today’s threats, the network “perimeter” continues to disappear for enterprise users. Information security
professionals are continually frustrated by applications and services such as Skype, Twitter, and Facebook, applications designed specifically to slip through firewalls. As internal users have haphazardly introduced new applications in their efforts to conduct business and improve communication, they have increased the burden on security teams and augmented the need for a perimeter re-invention. Join us as we dive into the issues facing the current perimeter and discuss the concept of deperimeterization; what does that mean for the firewall? Underwritten by Palo Alto Networks">">">">"> more
|
|
Register |
|
|
|
|
Leveraging Threat Modeling to Make Informed Secure Software Design, Development & Test Decisions |
| |
October 21, 2010 |
Los Angeles, CA |
Jonathan Club |
As new and exciting applications make their way behind the firewall and into the enterprise, security teams are being asked to accept new types of vulnerabilities in order to accommodate additional functionality.
This requires a process for quantifying risk according to the application’s importance followed by a decision on what vulnerabilities to prioritize and what to notate but accept.
The next step is to create methodologies, frameworks, and metrics to track this information, so that security teams can revisit risk acceptances periodically while
monitoring for new vulnerabilities at all times.
During this session we will discuss how businesses are making strategic decisions on which applications present the greatest risk – with specific focus on internally
developed applications while also discussing productivity and customer-facing applications that are becoming more prevalent in the enterprise. By categorizing and defining those risks, we will help attendees with recommendations on which risks to accept, how to articulate those risks in terms that resonate with business partners, and how to prioritize and track those risks in an ongoing fashion.
We will focus on lessons learned from IANS clients, ideas shared during IANS Forums, and feedback from practitioners on what’s worked for them.
Underwritten by Security Innovation">">"> more
|
|
Register |
|
|
|
|
Leveraging Threat Modeling to Make Informed Secure Software Design, Development & Test Decisions |
| |
November 4, 2010 |
Boston, MA |
The Harvard Club of Boston |
As new and exciting applications make their way behind the firewall and into the enterprise, security teams are being asked to accept new types of vulnerabilities in order to accommodate additional functionality.
This requires a process for quantifying risk according to the application’s importance followed by a decision on what vulnerabilities to prioritize and what to notate but accept.
The next step is to create methodologies, frameworks, and metrics to track this information, so that security teams can revisit risk acceptances periodically while
monitoring for new vulnerabilities at all times.
During this session we will discuss how businesses are making strategic decisions on which applications present the greatest risk – with specific focus on internally
developed applications while also discussing productivity and customer-facing applications that are becoming more prevalent in the enterprise. By categorizing and defining those risks, we will help attendees with recommendations on which risks to accept, how to articulate those risks in terms that resonate with business partners, and how to prioritize and track those risks in an ongoing fashion.
We will focus on lessons learned from IANS clients, ideas shared during IANS Forums, and feedback from practitioners on what’s worked for them.
Underwritten by Security Innovation">">"> more
|
|
Register |
|
|
|
|
|
|
Interactive Phone Conferences (IPCs) are briefings that provide an in-depth focus on specific information security topics and technologies. IPCs are Faculty moderated, content-rich, compelling discussions.
Interactive Phone Conferences are complimentary, one-hour sessions.
|
|
|
|
|
|
Converting Security & Log Data into Business Intelligence: Art or Science? |
| |
September 16, 2010 at 3 pm EST |
Organizations, in a quest to gather intelligence on their environment, track and store ever-increasing amounts of event logs and related data. Often, though, they find their use of the data and its
value to the business is elusive at best, overlooked at worst. This Interactive Phone Conference will focus on which tools make mastering the task of converting SIEM tool outputs and log data into business intelligence that drives a better understanding of the organizations risk profile. Key takeaways from this session will include:
- What is business intelligence in the context of security?
- Which SIEMs enable users to stretch logs and events into useable business intelligence?
- Methods for communicating security intelligence to the business.
Participants will join a log management, security monitoring, and incident response specialist, Tom Chmielarski, and a representative from underwriting solution provider Q1 Labs in a discussion of how end users can use SIEM tools to drive better understanding of security exposure and secure critical business assets.
Tom Chmielarski has spent over 10 years working in information security. He presently is a Senior Consultant at GlassHouse Technologies specializing in log management, security monitoring, and incident response. Prior to that, he was a Security Service Development Manager at Motorola where he spent eight years in a variety of roles including cyber investigations, SIEM & log management implementation, global IDS management, the design, implementation, and management of a 24x7 managed security services operation. He has Bachelor’s Degrees from Illinois State University in Applied Computer Sciences.
Underwritten by Q1 Labsmore
|
Register |
|
|
|
|
|
|
|