IANS brings you together with your peers and experts from the IANS Faculty. IANS Faculty are industry practitioners that provide the breadth and depth of information to help you tackle your toughest problems. Walk away with new connections and practical solutions.
Two-day events with keynotes, breakout sessions, technology spotlight sessions, and networking breaks.
One-day roundtables designed exclusively for CISOs and senior level InfoSec executives to learn and share insights in a confidential setting.
Half-day, deep-dive explorations of technical and operational information security topics, free of vendor presence.
Hour-long interactive discussions examining hot topics in information security.
Web Conference
Business teams are racing to use M365 Copilot, putting pressure on security teams to identify potential risks and put guardrails in place to address those risks.
Shannon is the Founder and CEO of ThirdScore. This followed her role as VP, Security at Adobe, where she led Product and Software Security. Shannon is also the Founder of DevSecOps, a non-profit organization committed to uniting security with DevOps and Agile practices via experimentation and education. Shannon is an award-winning security innovator and leader experienced in developing emerging security programs for Fortune 500 companies including Intuit, ServiceNow, Sony, Sempra, Savvis, Cable & Wireless, 99 Cents Only, Exodus, and Bank of America.
Webinar
Do you want to be a CISO? Do you want to be a better CISO? Join IANS Faculty Shamla Naidoo and Wolf Goerlich to explore the fundamental shifts and industry evolution of cybersecurity. We will discuss how complacency in recognizing these impending changes can present a risk for security leaders. Shamla and Wolf will share how to leverage leadership skills and behaviors to make a significant impact within your organization.
Shamla is a CXO Advisor at Netskope and a former Managing Partner and Global CISO at IBM. She is a public company Board Director at QBE and WisdomTree. Her experience spans 40+ years in a variety of sectors and 6 continents, making her an expert in cross-cultural collaboration and working across industries. She is recognized as a leader that enables priorities of the business using technology innovation and cybersecurity. Her background includes authoring and teaching several courses at the University of Illinois Chicago School of Law in technology, security, and privacy law. Shamla coaches professionals on leadership, board communication and how to align security with strategic business initiatives.
J. Wolfgang Goerlich is a CISO in the public sector. Prior to this role, he led IT and IT security in the healthcare, financial services, and tech verticals. Wolfgang has held senior positions at several consulting firms, leading security advisory and assessment practices. He is a strong presence in the security community, contributing to the establishment and organization of multiple groups and events. Wolfgang focuses on strategy, governance, identity and access management, and resilience.
Hyatt Regency Minneapolis
This one-day event is designed for security practitioners to gain actionable technical solutions and leadership insights focused on current and emerging challenges. Engage with IANS Faculty members and network with peers who are tackling similar challenges.
Stakeholder participation and collaboration is key to a successful vendor selection process, but how can you ensure both technical and non-technical teams fully understand the task at hand, and can participate and contribute effectively?
Adrian is the Principal Researcher at The Defenders Initiative, a firm he founded to feature and support decades of cybersecurity research. His foundation spans technical, GRC, and leadership roles with a background as a practitioner, incident responder, penetration tester, and PCI QSA.
As an industry analyst, studying market trends, working with founders and investors brought a deep understanding of the business side of cybersecurity. After Adrian’s own startup was acquired, he spent seven years helping startups grow, market, and sell to their clients. Leaving the startup space, Adrian is once again focused on helping practitioners solve fundamental challenges, with or without the help of industry vendors.
Dave is the founder and principal consultant with Voodoo Security, an information security consulting firm with broad expertise. He is also a senior instructor, analyst and course author for the SANS Institute and a VMware vExpert with extensive experience designing and configuring secure virtualized infrastructures. In addition, Dave has served as co-chair of the Cloud Security Alliance (CSA) Top Threats Working Group and founded the CSA Atlanta Chapter. Dave has consulted with hundreds of organizations in the areas of security, regulatory compliance, network architecture and engineering. He has also worked as a security architect, analyst and manager for several Fortune 500 companies.
Convene
CISO Roundtables are the most exclusive, intimate events offered by IANS. Our in-person roundtables are curated experiences with agendas designed specifically for an organization’s CISOs and senior-most executives. In addition to strategic insights presented by IANS Faculty, facilitated conversations and networking opportunities allow you and your CISO peers to share best practices in a trusted, closed-door environment.
Third-party risk management efforts often hit a wall once orgs get past questionnaires. As third-party supply chains get more complex, it’s time to push through this wall and take actionable steps to manage and mitigate risks created throughout the supply chain.
George is currently Head of Trust at MongoDB and was formerly Sumo Logic's Chief Security Officer & SVP of IT. George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance and, IT teams in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including, cloud secure architecture design, compliance and operational security including a TedX talk.
George has been on the bleeding edge of public cloud security, privacy and modernizing IT systems since being a co-founder of the VMware Center for Policy & Compliance. He is a Faculty Member for IANS - Institute of Applied Network Security and sits on several industry advisory boards. Mr. Gerchow is also a known philanthropist and CEO of a nonprofit corporation, XFoundation.
This year’s RSAC Conference was all abuzz about “agentic AI”—the latest form of AI where agents autonomously and independently perform tasks and decisions, potentially offloading (maybe replacing) humans. But what risks does agentic AI pose and how can security teams both enable and safeguard the business as it deploys hundreds or thousands of autonomous agents? In this webinar, IANS Faculty Ashish Rajan helps cut through the noise and shares practical insights and recommendations on the next evolution of AI to help you build your roadmap and securely accelerate its use.
Ashish has over 13 years of experience in the cybersecurity industry, with the last seven focused primarily on helping enterprises manage security risk at scale in a cloud-first world. Most recently, he was the CISO of a global cloud-first tech company. Ashish is also a keynote speaker and host of the wildly popular Cloud Security Podcast, a SANS trainer for cloud security and an outspoken opinion leader on all things cloud security and DevSecOps. He is a frequent contributor on topics related to public cloud transformation, cloud security, DevSecOps, security leadership, future tech and the associated security challenges for practitioners and CISOs.
As privileged accounts continue to be a prime target for credential theft and ransomware attacks, privilege access management (PAM) tools and strategies are becoming more critical. This symposium offers an in-depth exploration of three key privilege use cases, delivering recommended architectural patterns, effective controls and solutions to common design challenges.
Gunnar is the CISO at Forter, a trust platform for digital commerce. Previously, he was chief security architect at Bank of America, a visiting scientist at the Software Engineering Institute at Carnegie Mellon, and a contributing analyst at Securosis.
CISO Roundtables are the most exclusive, intimate events offered by IANS. Our virtual roundtables are curated experiences with agendas designed specifically for an organization’s CISOs and senior-most executives. In addition to strategic insights presented by IANS Faculty, facilitated conversations and networking opportunities allow you and your CISO peers to share best practices in a trusted, closed-door environment.
Security architecture teams often face burnout from juggling too much engineering work or being pulled into non-architectural tasks. Misalignment with enterprise architects and challenges in demonstrating value to the organization further compound the problem. This symposium provides actionable insights on elevating your architecture program to improve maturity and focus and enable high-quality results.
As infosec budget growth continues to slow in healthcare, security leaders face a growing challenge in justifying the resources being devoted to their teams. In this symposium, IANS Faculty Steve Martano will do a deep dive into our CISO and infosec staff compensation and budget data to provide a comprehensive look at healthcare industry spend patterns
Steve is a partner in Artico Search’s cybersecurity practice. He is an expert in security executive recruiting and compensation focused on recruiting best-in-class CISOs and their teams across various industries. He leads strategic partnerships and initiatives including Artico’s annual CISO compensation & budget survey conducted in collaboration with IANS. Prior to Artico, Steve served in Caldwell Partner's cybersecurity practice and at Russell Reynolds associates.
Washington Marriott at Metro Center
Metrics continue to be a pain point in infosec—both in terms of getting a clear understanding of how the program is functioning and communicating that narrative across lines of business. At the center of this problem is the reality there is no one-size-fits-all solution. The best metrics are specific to your business context. In light of that, this session leans on fundamental best practices to help you pressure test your concepts.
Ryan is the Founder and CEO of Neuvik, a cybersecurity research and development consultancy. He has spent the better part of two decades enhancing cyber programs at the world's largest institutions — from the Department of Defense to some of the most successful private and commercial organizations. He focuses largely on providing advanced capabilities for CISO's, as well as testing for best possible security practices at board of directors' requests.
Ryan’s C-level work experience also includes developing Board level metrics to measure and manage enterprise cyber risk, developing and instructing C-Suite cyber risk management courses, and establishing functional reporting metrics for assessing cyber readiness.
According to Verizon’s 2024 Data Breach Investigations Report, ransomware remains the top threat across 92% of industries, with roughly one-third of all breaches involving ransomware or some other extortion technique. In this symposium, we’ll use digital forensics and incident response reports from real-world incidents to walk through the tactics, techniques and procedures of top ransomware gangs and share lessons learned to help you avoid the same fate.
Jake Williams (aka MalwareJake) is a seasoned security researcher with decades of experience in technology and security. Jake is a former startup founder, former senior SANS instructor and course author, and an intelligence community and military veteran. He loves forensics, incident response, cyber threat intelligence and offensive methodologies. Today, Jake is an IANS faculty member, an independent security consultant, and is performing security-focused research to benefit the broader community. He has had the honor of twice winning the DoD Cyber Crime Center (DC3) annual digital forensics challenge. You may also know Jake from one of his many conference talks, webcasts, media appearances or his postings about cybersecurity.
The Westin Charlotte
Hyatt Regency Santa Clara
Atlanta Marriott Buckhead
Omni Boston Hotel at the Seaport
The Westin Dallas Stonebriar