Securing the Enterprise from IoT: Managing the Unmanageable

Thursday, March 23, 2017, 10:00am to 3:00pm at Sheraton Centre Toronto

Until the Mirai based attacks in 2016, IoT had been hyped as the enterprise security challenge… of the somewhat distant future. The Mirai attacks and Dyn outage have awoken the enterprise to the very real implications of IoT, and the need to address this now. Security professionals need to understand the scale of the risk in their environments, and determine what and how to mitigate it.

Are you concerned with unmanaged and unmanageable devices connected to your enterprise network? Does your organization lack the visibility into the scale of its IoT risk?

This Symposium is for you.

Symposium leader Aaron Turner, a long time veteran of the information security community, will present solutions to these issues, and facilitate interactive group discussions.

Topics Include:

  • How to conduct asset inventory and device discovery
  • Pros and cons for leveraging network segmentation approaches, which includes traditional segmentation tools and software-defined networking (SDN)
  • How to optimize resources through automation
  • Developing robust monitoring approaches

Objective

Participants will leave with a strategy to develop an IoT action plan that addresses the issues of discovery, management, and reporting of unmanaged devices connected to your network. You’ll also leave with new and renewed peer connections in your area. Our hope is that this Symposium’s value brings IANS to mind when participants face infosec opportunities and challenges in the future.

Audience

This Symposium is designed with CISOs, Security Architects, and SecOps leaders in mind. But, security practitioners and risk managers of all types are welcome.

This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.



Speaker

Aaron-Turner

Aaron Turner

IANS Faculty

Aaron founded Terreo in 2014 as an Internet of Things security product development company, patented a series of inventions which captured radio frequency transmissions from IoT devices.



Agenda

Thursday, March 23, 2017

The environment is highly interactive and designed to encourage group discussion and peer contribution.

The session begins with introductions of each attendee’s goals for the day. Aaron will then set the stage with the problem statement and a presentation that is practical, thought-provoking and engaging. Aaron will discuss a multi-faceted approach in greater detail, and how you can implement in your own environment:

  • The network centric approach, which includes both traditional and software defined networking (SDN) segmentation, and both inbound and outbound monitoring
  • The device centric approach, which features an insightful review of the few tools currently available for device-security management
  • The human centric approach, which focuses on effective user training to increase awareness, improve standards and process for adding new IoT hosts, and ensure adequate maintenance and policy enforcement