Boston CISO Roundtable

Wednesday, October 18, 2017 – 7:30am to 5:00pm at Boston Convention and Exhibition Center

Private Peer Gathering of Chief Information Security Officers

IANS deep bench of information security practitioners are building a day designed for each participant to leave with information that is immediately useful — practical, as well as interesting. The day begins with introductions and ends with a social hour where you can explore the day’s learnings in casual conversations with your peers. The program itself is formatted in four session components structured to build a logical progression of learning:

1. Program Advancement

Participants will group around issues CISOs face today. Working through structured case scenarios, each group will address challenges specific to their organization. During this time, group members have the chance to share ideas, feedback, and advice, later debriefing with the other groups. Experience has shown that this peer exchange, in a private and confidential setting, yields rich insight and serves as a strong foundation for connecting with others in the room.

  • Managing Your MSSP: — You rely on your MSSP — but that doesn’t mean accepting business as usual. You need visibility into the policies, procedures, and people that are safeguarding your organization’s security and business continuity. We’ve planned an interactive session to take a practical look at the issues and challenges of managing this critical third-party relationship.

  • Building Your Security Metrics Story: — You probably came up through the ranks, armed with excellence in execution and the technical metrics to prove it. But, if you’re like most CISOs, your business peers and executive team really aren’t very interested in those operational metrics.

    This session takes a how-to approach to communicating the business value of information security. It’s a practical way to marry security metrics to the objectives and fears that resonate with business leaders. The goal is to gain the necessary traction with senior management to secure the budget and resources your team needs to get the job done. This exercise will review the tools and communications you need to build a compelling story, and back it up in the board room.

  • Managing Key Stakeholder Relationships: — Technical excellence and managerial skill were key ingredients to your advancement. Now, as CISO of a large, complex organization, you are charged with securing information assets in the absence of direct control or authority. In order for your team to do its job, other functional leaders need to accept your recommendations, even when this means changing their own processes.

    You must excel at influencing up and down your chain of command, as well as across functional interests. This interactive session takes a practical approach to extending information security into the fabric of the business. From identifying your natural allies and adversaries to selecting which business leaders to target, the exercise is designed to heighten and apply CISO organizational impact.

2. Interpersonal Effectiveness and Creating Impact

Using key issues and insights identified in the Program Advancement sessions, participants will build critical communication approaches in a highly interactive session led by internationally recognized communications expert David Agran. The exercise, “Interpersonal Effectiveness: Creating Impact Through Communication and Influence,” works with the CALM model (Connect, Align, Learn, Motivate) to establish and leverage trust across key elements in any business relationship.

Scenario-based, interactive exercises tackle issues that matter to you and your peers. Building on the work you did earlier in the day, small groups will apply communication skills to real-world problems. The combination of communication skills training applied to practical questions, in a fun and focused peer environment, fast-tracks both problem solving and relationship building.

3. Vendor Assessment: Next Gen AV/Endpoint Protection

Lunch is followed by a spirited exercise aimed at increasing the effectiveness of vendor evaluations. Using a structured but straight-forward template, IANS faculty Aaron Turner will peel back the layers of complexity when evaluating Next Gen AV/Endpoint Protection solutions. Vendors in this category will be rated based on industry input and IANS client work.

Four vendors will present their solutions with a short briefing. They leave the room for a facilitated discussion of perceived value, drawbacks, reactions, and suggestions. Participants leave with a practical approach to vendor evaluation and a clear idea of how to get the best from the sales process.

4. Emerging Issue: A New Approach to Managing Threats

The formal portion of the day concludes with an in-depth look at how current methods of threat management are falling short and the movement toward a new “ threat operations" approach with improved use of analytics, more effective use of people, and judicious application of trustworthy automation. This session will be led by IANS Faculty member Mike Rothman. This portion of the day will be a combination of presentation and facilitated discussion.

Networking Reception

After spending the day learning and sharing ideas with your peers, it’s time to relax. It’s been fun, but now it’s unstructured and accompanied by food and drink. Take the time to enjoy new connections and renew old acquaintances before heading back to your field of action.

As an IANS client and past participant in our CISO Roundtable, you know how quickly these days fill up. If you are new to IANS’ CISO Roundtables, you will discover a high-energy group of peers who freely share ideas and challenges in a venue that is private, confidential, and by invitation-only. Peer exchange and community combined with first-rate industry expertise and practicality are field marks of the offering.


Tim Bernard

Tim Bernard

Area Vice President

Aaron Turner

Aaron Turner

IANS Faculty

David Agran

David Agran

IANS Faculty

Mike Rothman

IANS Faculty