Toronto Information Security
Team Symposium

Thursday, October 12, 2017 – 10:00AM to 3:00PM — Sheraton Centre Toronto

IANS Team Symposiums bring together information security leaders and practitioners for a dual-track educational seminar that addresses current challenges.

The day will begin at 10:00 a.m. with attendees choosing to participate in one of the two sessions below.

Architecting and Maturing Your Cloud

Business leaders usually drive the push to the cloud, but security leaders need to help plan the migration path and mature existing cloud environments over time. Cloud disruptors, from Netflix to Uber, are everywhere. We have seen the benefits of anything-as-a-service – and we’ve also seen costs explode unexpectedly when there is no clear plan or when security requirements are not considered. As the pace of cloud adoption increases and more critical workloads move to the cloud, these environments are growing into a major attack surface.

Symposium leader George Gerchow, a long-time veteran of the information security community, will facilitate the session and drill into the various challenges and solutions. Through a blend of thought leadership, interactive discussion and a group exercise, participants will gain clear guidance and walk away with real-world solutions to implement immediately.

Points for discussion include:

  • Determining which workloads to move to the cloud
  • Planning a successful transition
  • Protecting against DDoS
  • Managing threat intelligence
  • Creating strategies for encryption and key management
  • Implementing best practices for MFA, SSO and monitoring
George Gerchow

Speaker

George Gerchow

IANS Faculty

Sumo Logic's Vice President of Security and Compliance


Threat Modeling: Start Small, Start Now

hreat modeling directly reduces application cost and risk by methodically seeking and weeding out security flaws at the design phase. Yet, many – maybe most – organizations skip this common-sense step. In this interactive session, KRvW Associates Founder Ken Van Wyk will share his approach to evolving a process that consistently delivers meaningful results.

Points for discussion include:

  • Threat modeling purpose and process
  • Whiteboard as a weapon exercise: Discuss, detect and dissect the threat modeling of an application
  • A conceptual overview of the major tools and methodologies, and best use cases for each
Ken Wan Wyk

Speaker

Ken Van Wyk

IANS Faculty

Principal Consultant and Founder, KRvW Associates, LLC.

This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.