Decision Support

High-performing information security teams build two pillars of mastery: technical excellence and organizational engagement.

IANS Decision Support is an annual subscription service that connects security teams with knowledge resources and leading expert practitioners, providing deep insights and advice on both technical and organizational challenges.

We act as an extension of your team, arming you with skills and information that can be applied to virtually any type of information security challenge.

Decision Support

Our Approach

In today's world of rapidly evolving challenges, it is critical to have access to real-time advice from industry-tested experts. IANS Decision Support delivers practitioner-level insights and step-by-step recommendations, empowering your team to take immediate action.

Our approach is free of hype-driven management consulting axioms and stack-ranking technologies. IANS strives to act as a supplement to your team when and where you need it, connecting you with our Faculty of over 50 of the world’s leading information security experts.

Our Approach

Ask-An-Expert

Through our Ask-An-Expert service, you can access a virtual team of security experts who act as an extension of your team and provide you with the knowledge, skills, and expertise you need to solve challenges as they arise.

You'll have the ability to submit unlimited Ask-An-Expert inquiries on topics and issues critical to your information security needs. Our Client Services team evaluates your request and, based on the question and your situation quickly engages the right expert from the IANS Faculty to provide counsel. Ask-An-Expert answers can be delivered as a written report, or through a one-on-one phone call with the IANS Faculty Member.

Sample Ask An Expert Sessions

TThe CISO for an insurance company with 5,000 employees is looking for materials outlining best practices associated with IT security metrics. Specifically, he is looking for guidance regarding what the industry recommendation is associated with items such as patch management and system compliance:

  • For example, is it reasonable to assume that a good practice from a key risk indicator perspective is that 95% of all systems are compliant or that 100% of systems are 95% compliant with secure configuration?

Read the Expert Response

Detailing Advanced Detection TechniquesDetailing Advanced Detection Techniques

A security analyst at a small financial services firm believes it is increasingly important to have strong detection methods in place due to an acceptance that prevention methods will, at times, fail. The security team wants to expand its detection capabilities on a host beyond traditional monitoring solutions leveraging known bad signatures. The security analyst is considering the value of cataloging all running processes across the network, and would like to know:

  • Would collecting hash values of all running processes from systems in an environment and comparing them to a catalogue of known good processes be an effective method to confidently detect malware?

Read the Expert Response

Tracking Stolen Data on the Dark WebTracking Stolen Data on the Dark Web

The security team for a large health insurer wants to start monitoring the web to alert it if/when the company’s sensitive customer data shows up on unapproved sites or the dark web. The issue came to light shortly after an internal incident response (IR) tabletop exercise highlighted this deficiency in its process. The team would like not only to be alerted when stolen data is found, but also be able to quickly suppress such data, before it is discovered by clients or publicized by the media. Specifically, the team asks:

  • If our company is breached and hackers put our stolen data on the web, how can we locate it and how can we ensure it gets taken down quickly?
  • Do any firms specialize in suppressing breached protected health information (PHI) or personally identifiable information (PII)?

Read the Expert Response

Have a question for our infosec experts?

Request a session

IANS Clients:
Schedule your Ask-An-Expert

Insights

Decision Support clients have access to the online IANS Portal, an always-on content resource that contains thousands of research articles, news updates, Ask-An-Expert responses, and IANS event takeaways. Anonymized questions submitted by clients and answers from the IANS Faculty are published on the Portal daily, giving you a real-time point of view on the challenges and topics that are facing information security teams.

IANS Insights are influenced by our clients’ needs. The Ask-An-Expert questions submitted to our experts give us a clear line of vision into the issues that are most relevant to information security professionals. The Faculty researches and publishes responses to these issues - company-specific information is removed — providing you and your team with the opportunity to have your own specific questions answered as well as access to the questions and answers of other information security professionals.

IANS content is highly actionable, containing step-by-step recommendations as well as pointers to other on-line resources that you can use to take immediate action.

Peer Community

The IANS peer community is made up of thousands of information security professionals, ranging from technical practitioners to senior executive leaders. To provide our community with educational resources and peer-to-peer engagement, we facilitate an ongoing and diverse set of events.

Attendees are eligible to receive 1 CPE credit per hour of the event.

Learn more about IANS events

All Faculty »

Learn More

If you have a question, comment, or would like to learn more about our services, please use this form to let us know what you’re looking for. A member of the IANS team will be in touch soon.