IANS brings you together with your peers and experts from the IANS Faculty. IANS Faculty are industry practitioners that provide the breadth and depth of information to help you tackle your toughest problems. Walk away with new connections and practical solutions.
Two-day events with keynotes, breakout sessions, technology spotlight sessions, and networking breaks.
One-day roundtables designed exclusively for CISOs and senior level InfoSec executives to learn and share insights in a confidential setting.
Half-day, deep-dive explorations of technical and operational information security topics, free of vendor presence.
Hour-long interactive discussions examining hot topics in information security.
Web Conference
Specific agentic AI threat models have been developed to address the unique risks and challenges that exist due to the autonomy, continuous learning and interaction of agentic AI systems. In this virtual symposium, delve into how to threat model agentic AI applications, the differences between industry-leading threat models/frameworks and how to apply them to your environment.
Jake Williams (aka MalwareJake) is a seasoned security researcher with decades of experience in technology and security. Jake is a former startup founder, former senior SANS instructor and course author, and an intelligence community and military veteran. He loves forensics, incident response, cyber threat intelligence and offensive methodologies. Today, Jake is an IANS faculty member, an independent security consultant, and is performing security-focused research to benefit the broader community. He has had the honor of twice winning the DoD Cyber Crime Center (DC3) annual digital forensics challenge. You may also know Jake from one of his many conference talks, webcasts, media appearances or his postings about cybersecurity.
Webinar
The AWS and Azure cloud outages this past fall, and predictions by some that we will likely see another hyperscaler outage in 2026 at least of the order of magnitude of these last ones, have many organizations considering their cloud resiliency strategy. For most orgs, using more than one cloud environment is common, but given the impact of the recent outages, some may be wondering if doubling-down on their multicloud strategy is the way to ensure continuity.
Rich is CEO and Analyst for Securosis, an information security research and advisory firm, in addition to Founder and Vice President of Product at DisruptOPS, a cloud environment monitoring platform. Prior to founding Securosis, he was Research Vice President for Gartner’s security team where he also served as Research Co-Chair for the Gartner Security Summit. Additionally, Rich has served as an independent consultant, web application developer, software development manager, and a systems and network administrator.
Whether concerned with the increased risks of data exfiltration via AI or the growing infiltration of imposter North Korean remote workers, organizations are looking for ways to enhance protection of insider threat risks. This symposium provides specific, actionable recommendations whether you’re just standing up a program or looking to mature and modernize it. We’ll share strategies to improve your monitoring within Legacy Applications, M365, Azure, AWS and GCP environments, and recommend processes for cross-functional collaboration to identify key applications and data, establish baselines for day-to-day activity, detect anomalies and respond to risks.
Aaron is a three-decade veteran of the cybersecurity community, having worked on projects covering every aspect of the industry, from helping build security technologies while at Microsoft to his work on offensive cyber projects for the U.S. government. He has spent the last 15 years on a series of cybersecurity startups, building technologies and developing companies to help teams solve some of the toughest cybersecurity problems.
For most organizations, using more than one cloud environment is common for a variety of reasons. In the past, many security teams felt like they were stretched thin trying to cover multiple cloud environments, but today we’ve learned a lot about what works and what doesn’t in multicloud security architecture, policy and operations. With huge growth in both commercial and open source security tools and services that can accommodate multiple leading clouds, and better DevOps and cloud engineering practices in place within pipelines and operations teams, there’s lots of design patterns and best practices that enterprise teams can embrace. In light of recent outages with some of the larger providers, resilience and continuity is also top of mind for cloud deployments, as well.
Dave is the founder and principal consultant with Voodoo Security, an information security consulting firm with broad expertise. He is also a senior instructor, analyst and course author for the SANS Institute and a VMware vExpert with extensive experience designing and configuring secure virtualized infrastructures. In addition, Dave has served as co-chair of the Cloud Security Alliance (CSA) Top Threats Working Group and founded the CSA Atlanta Chapter. Dave has consulted with hundreds of organizations in the areas of security, regulatory compliance, network architecture and engineering. He has also worked as a security architect, analyst and manager for several Fortune 500 companies.
The Model Context Protocol (MCP), an open standard defining how AI assistants connect to external data sources and tools, is becoming vital infrastructure for generative and agentic AI applications. As organizations rapidly adopt these capabilities while managing risks, this symposium helps security leaders understand MCP's architecture, why vendors are quickly developing MCP servers, and the security risks of connecting AI systems to enterprise resources. We also explore how AI Security Posture Management (AI-SPM) tools are evolving to address these challenges and provide practical frameworks for managing MCP-enabled AI deployments.
George is currently chief security officer at Bedrock Data, an organization specializing in AI-driven data protection. Before that, he was head of trust and interim CISO at MongoDB and Sumo Logic's chief security officer & SVP of IT. George possesses more than 20 years of leadership experience in the domains of cybersecurity, compliance and cloud operations. He has actively participated at the forefront of secure architecture, privacy and DevSecOps since co-founding the VMware Center for Policy & Compliance.
A recognized authority in the industry, George is a frequent keynote speaker at significant security forums, including RSA, Black Hat and TEDx. He actively provides advisory services to various cybersecurity startups and enterprise technology companies, assisting in the development of product and go-to-market strategies. Additionally, George serves on several advisory boards and is a co-founder of XFoundation, a nonprofit organization dedicated to raising awareness about fentanyl poisoning.
Most organizations today have a vast array of privileged non-human accounts in use – with some research enumerating that for each human identity, there are an average of 92 NHIs. Provisioning and entitlements of NHIs is complex, as we see excessive permissions and secret mismanagement of these accounts commonplace. Agentic AI and Robot Process Automation (RPA) accounts further complicate the situation by expanding the use cases for NHIs. With many high-profile breaches in the past year stemming from NHI attacks and the use of NHIs continuing to exponentially grow – whether in your cloud environment or from the adoption of AI agents – CISOs and security leaders must review the architectural design, identity lifecycle and governance, and controls necessary to meet the specific requirements of these often poorly managed but highly privileged accounts.
J. Wolfgang Goerlich is a CISO in the public sector. Prior to this role, he led IT and IT security in the healthcare, financial services, and tech verticals. Wolfgang has held senior positions at several consulting firms, leading security advisory and assessment practices. He is a strong presence in the security community, contributing to the establishment and organization of multiple groups and events. Wolfgang focuses on strategy, governance, identity and access management, and resilience.