End-User Decision Support is our flagship offering delivered through an annual subscription service designed for CISOs and their teams. IANS connects you with independent experts and practitioners who have ‘been there, seen it, and done it,’ enabling you to accelerate your capabilities and make informed decisions.
We connect you with the right IANS Faculty member who can answer your questions in a one-one-one call or written report. They'll share a point of view on a product or technology, provide recommendations for action, and help you come to a decision.Learn More
How do you speak intelligently with executives and board members who aren't fluent in security lingo? Covering InfoSec topics from key news publications, IANS uses business language to help you brief the C-suite and key internal stakeholders.Learn More
Get started quickly on a variety of common information security initiatives. Our tools, toolkits, templates, checklists, matrices, and maps provide the practical support you need to build your action plan.Learn More
IANS Decision Support clients have access to the Insights Portal, a resource with content organized by topic and product type. The portal includes Ask-An-Expert Writeups, Faculty Reports, Content Aggregator slides, Executive Communications materials, Podcasts, Tools and Templates, Topic Guides and Webinar Replays.Learn More
We work with you to shape engagements and provision them with the right IANS Faculty experts. Your project will never be staffed with junior level consultants. Our expertise is built from hands-on experience. We staff your project with doers who recommend actions, and then help you take them.
Understand what’s working well and what needs attention with comprehensive review of technical controls in place, governance, and process along with a roadmap of recommended action.Learn More
Our events feature IANS Faculty members who offer a breadth of in-the-weeds advice and high-level guidance for the entire security team. Designed for you to engage with like-minded security professionals in a supportive environment, you’ll learn from a variety of industry approaches and use cases.
IANS and Securosis have developed the Cloud Security Maturity Model (CSMM) to help organizations understand what their cloud security journey looks like and consciously determine how mature they want to be for each category. We’ve partnered with Cloud Security Alliance to integrate the CSMM into their cloud security research program as well as their certification and training initiatives.Learn More About the CSMM Diagnostic Download - Cloud Security Maturity Benchmark Report
We help CISOs and their teams make well-informed decisions. Our insights come from IANS Faculty practitioners, who are living your challenges and deliver deep-domain, actionable advice on a wide range of security topics.
Children's Hospital and Clinics of Minnesota
With close to 100 end-user security events annually, we are unmatched in the level of peer-to-peer interaction we offer our clients. We provide a safe environment to network, share experiences and discuss challenges.Learn More
IT governance management professional with strong business acumen, employing a pragmatic and consultative approach. Risk and controls experience rests on a foundation of solid experience within corporate IT. Leveraged collaboration skills to involve all silos of the company, including legal, CFO, customer service, business operations and information technology, to promote management awareness and facilitate remediation efforts. Motivated by the challenge of identifying opportunities to significantly improve and streamline business operations, while working effectively with the business stakeholders responsible for implementing the process improvement or controls
IANS Faculty members are expert information security practitioners. Their insights are based on real-world experiences. They understand the key issues you face and deliver actionable recommendations, research, and step-by-step guidance.Learn More
John is the Owner of Black Hills Information Security (BHIS) where he leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development. He is also a SANS Institute Senior Instructor. In these roles, John has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing.
Security is all we do, and it always has been. What matters to the CISO and team matters to us. We specialize in providing in-depth knowledge and practical insights you can use both with your team and when interacting with the C-suite.Learn More
Janet Oren leads global cybersecurity initiatives at Legg Mason Global Asset Management. Her career path includes 32 years at the National Security Agency (NSA) where she was responsible for the protection of classified information and other cybersecurity standards. She on large weapon systems; wrote national encryption policy; and was the senior cybersecurity representative in the NSA’s 24-hour watch center. In between NSA and Legg Mason, she was a managing director at PricewaterhouseCoopers.
This group of over 100 hands-on practitioners understands the key issues you face and delivers actionable recommendations, research, and step-by-step guidance on achieving fast and successful results.
Summer is a three-time CISO in the autonomous vehicle industry currently at Torc Robotics, which specializes in AI software for long-haul trucking. She is also a faculty member at Carnegie Mellon University where she teaches a graduate course in cybersecurity
policy and multiple courses on cybersecurity metrics and product cybersecurity for executive education programs. In addition, Summer serves on the board of directors for Brentwood Bank, a regional bank in Pittsburgh, PA. She is
also an active board member for the Forte Group, an advocacy and education non-profit focused on amplifying women in technology, cybersecurity, and privacy. Summer is often requested to speak at conferences and events, and she has
provided expert testimony on cybersecurity risk in the US Congress.
Prior to her role at Torc Robotics, Summer worked at Motional and Argo AI, both AI companies focused on robo-taxi technology. She also led cybersecurity risk and resilience at Carnegie Mellon University's CERT program and Johns Hopkins University's
Applied Physics Lab. Summer started her career as a software engineer at Northrop Grumman Corporation after receiving her MS and BS in Computer Science from the University of Pittsburgh.
Traveling with family, Managing her son’s hockey team (her real full-time job), Running and Peloton workouts
Wolf is an Advisory CISO of Duo Security, the leading provider of unified access security and multi-factor authentication delivered through the cloud. He has held senior management roles in IT and IT security in the financial services and healthcare verticals. In addition, Wolf has held senior leadership roles in consulting firms specializing in identity and access management, governance risk and compliance, and security programs. Wolf advises clients primarily in risk management, incident response, business continuity, and secure development.
Shamla is the Head of Cloud Strategy and Innovation at Netskope and a former Managing Partner and Global CISO at IBM. She is a Board Director at both QBE and Stonebridge Acquisition Capital and a Board Member at ReferencePoint. Shamla’s experience spans 38+ years in a variety of sectors and 6 continents, making her an expert in cross-cultural collaboration and working across industries. She is recognized as a leader in applying security to enable priorities of the business. Her background also includes authoring and teaching several courses for the University of Illinois Chicago School of Law in technology, security, and privacy law. Shamla coaches professionals on leadership, board communication and how to align security with strategic business initiatives.
Jake Williams (aka MalwareJake) is a seasoned security researcher with decades of experience in the technology and security. Jake is a former startup founder, former senior SANS instructor and course author, and an intelligence community and military veteran. He loves forensics, incident response, cyber threat intelligence, and offensive methodologies. Today, Jake is an IANS faculty member, an independent security consultant, and is performing security-focused research to benefit the broader community. He has had the honor of twice winning the DoD Cyber Crime Center (DC3) annual digital forensics challenge. You may also know Jake from one of his many conference talks, webcasts, media appearances, or his postings about cybersecurity.
As Sumo Logic's CSO and SVP of IT, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance and, IT teams in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including, cloud secure architecture design, compliance and operational security. George has been on the bleeding edge of public cloud security, privacy and modernizing IT systems since being a co-founder of the VMware Center for Policy & Compliance. He is a Faculty Member for IANS - Institute of Applied Network Security and sits on several industry advisory boards. Mr. Gerchow is also a known philanthropist and CEO of a nonprofit corporation, XFoundation.
George’s first language is Spanish. He is an avid snowboarder, golfer, and yogi who is always looking for the best sandwich and IPA in any city that he visits.