Symposiums

Symposiums are intimate, end-user only gatherings known for their innovative moderated discussion format. During a Symposium, you will join a community of senior information security executives for a day of in-depth discussions and insight sharing. Symposiums topics are driven by IANS Enterprise clients. Symposium participation is by invitation only.

Upcoming Symposiums

Mar
16
Identity & Access Management Symposium

InterContinental Buckhead Atlanta
3315 Peachtree Rd NE
Atlanta, Georgia 30326

The IANS Identity & Access Management Symposium will cover:

Authentication: Getting “Real” about Multi-Factor
Authentication hasn’t changed much technologically over the last two decades. But recent events are challenging existing solutions from a technical and economic standpoint. While executive-level interest in authentication strategies remains high due the RSA breach, we will explore what authentication strategies are working and what aren’t, where organizations have succeeded in making changes, and what the challenges have been in those deployments.

Identity and the Cloud
Cloud and virtualization present difficulty to existing identity strategies – both for provisioning new users and managing existing ones. Strategies that worked in the legacy environment don’t always cleanly transition once these new technologies are adopted. This session will explore how cloud models have changed the identity space, what strategies have worked for organizations that have gone through this change, and the lessons learned for those who are just starting down this road.

Privileged User Management
Managing administrative accounts and privileged users has always been a battle. As environments get more complex, the issue continues to compound and get less manageable. This session will focus on manual and automated strategies that organizations have used to address the challenges in this arena.

The Economics of Identity
Whether organizations realize it or not, identity is a huge expense. The soft costs associated with these tasks are often invisible since they may be spread throughout the organization. This session will focus on sharing experiences, challenges, and strategies for how to realistically understand and measure current spending levels, and how to control these costs.

Registration is limited to Enterprise clients

Past Symposiums

November 1, 2011

Nov
1
Data Leakage: How Can You Stop It Leaking if You Don't Know What It Is?

The McGraw-Hill Conference Center
1221 Avenue of the Americas, 2nd floor
New York, NY 10020

Everyone's concerned about data leakage, but it's a hard problem to start tackling. Depending on how your organization is structured, data may be held in a wide variety of places by an unknown number of sub-groups with varying degrees of autonomy. The default in many organizations appears to be: A big share on a Microsoft platform with RWD set for all the files.

Where do we go from there?

In IANS’ DLP Symposium we will be discussing the pros and cons of various approaches to DLP (at the edge, in the core, in the cloud, in the server) and sharing experiences about what works. We'll also talk through strategies for beginning a DLP roll-out. What tools work, what policies make a difference, and how to identify and sort through data assets. Our emphasis will be on planning and implementing effective controls.

Summaries are only available for download by Enterprise clients.

September 23, 2011

Sep
23
SIEM Effectiveness

Turner Broadcasting Systems, Inc.
At the Atlanta SIEM Symposium, IANS Faculty member Dave Shackleford will lead attendees in discussions that cover a wide range of relevant topics that delve into the most pressing event management issues today. These include, but aren’t limited to, the following:

Effective Data Correlation
Implementation Tips & Tricks
Proven Data Breach Detection & Mitigation Methods

Summaries are only available for download by Enterprise clients.

August 9, 2010

Aug
9
Malware: Prevention and Investigation

The Coca-Cola Company
Malware is a consistent issue for security professionals seeking to maintain a proactive stance in securing their organization's systems and information. With each breed of malware emerging more advanced than the defenses it eludes, an understanding of what comprises the new breed of threats in 2010 and beyond is critical.

Summaries are only available for download by Enterprise clients.

March 25, 2010

Mar
25
What You Should Know Before Going Into the Cloud

Sears Tower
It is not uncommon for a sales manager to decide, "We are going to use SalesForce.com." Throughout the enterprise, business people are pushing for the cloud and information security should not resist this wave, but alternatively, embrace it with caution and education.

Summaries are only available for download by Enterprise clients.

December 4, 2009

Dec
4
Combating the Advanced Persistent Threat (APT)

Information Assurance Technology Advisory Center
For organizations with critical intellectual property, advanced persistent threats (APTs) are among the most significant threats faced today. Once just a concern of the defense/industrial complex, APTs are now a major concern for private enterprise as well. These are complex, customized threats from very sophisticated and well-financed adversaries.

Summaries are only available for download by Enterprise clients.

October 23, 2009

Oct
23
Software Security: Best Practices in Programs and Approaches

Depository Trust & Clearing Corp
As market demand for application security has grown, tools and services have evolved to meet enterprise requirements. An important shift is occurring in software security development form diagnosing problems after they occur to addressing both architectural design and flaws in the code.

Summaries are only available for download by Enterprise clients.

October 9, 2009

Oct
9
Business Partners: Are “In the Cloud” Service Providers Trustworthy?

Akamai Technologies
Outsourcing should be viewed as a strategic business decision that can add sustainable business value. However, businesses continue to wrestle with the issues of trusting their outsourced service providers with sensitive data and customer information.

Summaries are only available for download by Enterprise clients.

June 4, 2009

Jun
4
Security Challenges Unique to CPG Companies

Virtual Symposium
Consumer Packaged Goods (CPG) companies face many similar information security issues. These include the challenges of creating visibility and a business case for security; ensuring the security of third parties; securing sensitive data; and security manufacturing systems in plants. By sharing their challenges and solutions, information security professionals in CPG can identify approaches that can work in their company.

Summaries are only available for download by Enterprise clients.

May 28, 2009

May
28
Containing the Information Oil Spill

Reed Elsevier
Preventing the leakage of sensitive data remains an area of concern and a priority for information security professionals. A data leak is like an oil spill; it can be hard to clean up and can have disastrous consequences. The challenge is preventing the spill in the first place. This symposium had two sections. The first part focused on the problems associated with data leakage. The second part focused on solutions.

Summaries are only available for download by Enterprise clients.

May 6, 2009

May
6
Digging Into PCI

CVS Caremark
PCI remains a major priority for organizations that are subject to it. Most of the confusion and mystery associated with PCI has dissipated. There isn't a clear ROI for PCI; it is something that organizations simply must do. Now organizations face the hard, ongoing work of complying. This has become more difficult in the current economy as organizations have to "do more with less." As a result, organizations are focusing on using better processes, on automating, and on virtualizing aspects of PCI compliance (on isolated, segregated networks).

Summaries are only available for download by Enterprise clients.

January 22, 2009

Jan
22
Log Management and SIEM to Meet PCI Compliance

Nortel
Organizations are in different stages of implementing PCI. Regardless of stage, it is important to understand the basics of PCI. This includes knowing what level of merchant an organization is, what type of self assessment is required, what must be encrypted, and what can and can't be stored. It is also important to minimize the portion of the network (the scope) that must comply with PCI.

Summaries are only available for download by Enterprise clients.

November 17, 2008

Nov
17
Malware and Targeted Spear Phishing: Practical Attack Defenses

Lockheed Martin
Malware and spear phishing attacks against commercial enterprises, government agencies, and universities have become highly sophisticated and coordinated by international crime organizations and nation-states with high-level expertise and tremendous financial resources.

Summaries are only available for download by Enterprise clients.

September 25, 2008

Sep
25
Identifying Insider Threats Against Intellectual Property

Motorola
Identifying insider threats against intellectual property theft.

Summaries are only available for download by Enterprise clients.

June 30, 2008

Jun
30
Securing A Virtualized Computing Environment

Oracle
Assessing the impact of virtualization on security environments and identifying leading practices in this area.

Summaries are only available for download by Enterprise clients.

Some of our Enterprise Clients include:

PREVIOUS
NEXT