IANS brings you together with your peers and experts from the IANS Faculty. IANS Faculty are industry practitioners that provide the breadth and depth of information to help you tackle your toughest problems. Walk away with new connections and practical solutions.
Two-day events with keynotes, breakout sessions, technology spotlight sessions, and networking breaks.
One-day roundtables designed exclusively for CISOs and senior level InfoSec executives to learn and share insights in a confidential setting.
Half-day, deep-dive explorations of technical and operational information security topics, free of vendor presence.
Hour-long interactive discussions examining hot topics in information security.
Webinar
As the Cybersecurity Information Sharing Act (CISA) 2015 faces potential expiration next month, organizations risk a significant reduction in threat intelligence sharing. This session will detail what’s included in the law, the implications of its potential lapse and proactive steps CISOs can take to maintain information flow and collaboration in uncertain times.
Ismael Valenzuela is the Vice President of Threat Research and Intelligence at Arctic Wolf, where he leads advanced research focused on tracking adversaries, uncovering emerging threats, and helping organizations build proactive, defensible security strategies. Prior to his current role, Ismael was responsible for leading offensive and defensive security roles for Foundstone, Intel, McAfee and BlackBerry Cylance, among others, and founded one of the first IT security consultancies in Spain. Ismael has also served as an advisor to large government and private sector organizations, including the EU, U.S. government agencies and critical infrastructure operators in New York. Ismael is also one of the few holding the highly regarded GIAC Security Expert (GSE) certification in the world. In 2025, Ismael is serving as a co-chair of a new advisory panel under the international Counter Ransomware Initiative (CRI), focused on enhancing public-private collaboration to combat ransomware through intelligence sharing, joint disruption efforts, and policy innovation. His work bridges technical depth and strategic vision, helping shape resilient cyber defense strategies across industries and governments worldwide.
Summer is a three-time CISO in the autonomous vehicle industry currently at Torc Robotics, which specializes in AI software for long-haul trucking. She is also a faculty member at Carnegie Mellon University where she teaches a graduate course in cybersecurity policy and multiple courses on cybersecurity metrics and product cybersecurity for executive education programs. In addition, Summer serves on the board of directors for Brentwood Bank, a regional bank in Pittsburgh, PA. She is also an active board member for the Forte Group, an advocacy and education non-profit focused on amplifying women in technology, cybersecurity, and privacy. Summer is often requested to speak at conferences and events, and she has provided expert testimony on cybersecurity risk in the US Congress.
Prior to her role at Torc Robotics, Summer worked at Motional and Argo AI, both AI companies focused on robo-taxi technology. She also led cybersecurity risk and resilience at Carnegie Mellon University's CERT program and Johns Hopkins University's Applied Physics Lab. Summer started her career as a software engineer at Northrop Grumman Corporation after receiving her MS and BS in Computer Science from the University of Pittsburgh.
Cyber Resilience has become THE hot topic at the IANS CISO Roundtables we've hosted this year. As security supply chains become more complex and inter-dependencies grow, modernizing your resilience capabilities is essential. Clients are turning to Tabletops in order to test and measure their effectiveness here, but how do you know if you're doing it right and getting value?
Jake Williams (aka MalwareJake) is a seasoned security researcher with decades of experience in technology and security. Jake is a former startup founder, former senior SANS instructor and course author, and an intelligence community and military veteran. He loves forensics, incident response, cyber threat intelligence and offensive methodologies. Today, Jake is an IANS faculty member, an independent security consultant, and is performing security-focused research to benefit the broader community. He has had the honor of twice winning the DoD Cyber Crime Center (DC3) annual digital forensics challenge. You may also know Jake from one of his many conference talks, webcasts, media appearances or his postings about cybersecurity.
The Westin Charlotte
This one-day event is designed for security practitioners to gain actionable technical solutions and leadership insights focused on current and emerging challenges. Engage with IANS Faculty members and network with peers who are tackling similar challenges.
In this webinar, IANS Faculty Steve Martano and Senior Research Director Nick Kakolowski will unpack the findings of the IANS and Artico 2025 CISO Compensation and Budget Survey to provide a deep dive on how security budgets are changing and what you can do about.
Steve is a partner in Artico Search’s cybersecurity practice. He is an expert in security executive recruiting and compensation focused on recruiting best-in-class CISOs and their teams across various industries. He leads strategic partnerships and initiatives including Artico’s annual CISO compensation & budget survey conducted in collaboration with IANS. Prior to Artico, Steve served in Caldwell Partner's cybersecurity practice and at Russell Reynolds associates.
Web Conference
Quantum computing may still be in its infancy, but cryptography is designed to protect against future threats, not just current ones. ‘Store now, decrypt later’ strategies add to the urgency to act. In other words, the time to begin the post-quantum cryptography (PQC) migration is right now. Still, there is a lot of hype in the post-quantum cryptography space and there are always opportunists looking to profit off the hype and fear as it grows. In this symposium, IANS Faculty Adrian Sanabria takes an unbiased look at the current state of PQC with actionable recommendations to help you move your PQC strategy forward.
Adrian is the Principal Researcher at The Defenders Initiative, a firm he founded to feature and support decades of cybersecurity research. His foundation spans technical, GRC, and leadership roles with a background as a practitioner, incident responder, penetration tester, and PCI QSA.
As an industry analyst, studying market trends, working with founders and investors brought a deep understanding of the business side of cybersecurity. After Adrian’s own startup was acquired, he spent seven years helping startups grow, market, and sell to their clients. Leaving the startup space, Adrian is once again focused on helping practitioners solve fundamental challenges, with or without the help of industry vendors.
New York Marriott Marquis
The buzz around Agentic AI – the latest form of AI systems designed to autonomously make decisions and act – is rampant. As security leaders grapple to understand the nuances of this next wave of AI excitement, there are many considerations to take into account to determine if, where and how to experiment and accelerate its use within your environment. In this symposium, IANS Faculty Jake Williams cuts through the noise and shares practical insights and recommendations to aid your understanding of the technology, its risks and guardrails for adoption within your enterprise.
CISO Roundtables are the most exclusive, intimate events offered by IANS. Our virtual roundtables are curated experiences with agendas designed specifically for an organization’s CISOs and senior-most executives. In addition to strategic insights presented by IANS Faculty, facilitated conversations and networking opportunities allow you and your CISO peers to share best practices in a trusted, closed-door environment.
Making the shift from hands-on execution to shaping Infosec strategy requires a change in focus and mindset. Join Gary McAlum, Former CISO at AIG, and Summer Fowler, CISO at Torc Robotics, for this 60-minute discussion on taking your cyber leadership to the next level. Gary and Summer will share how they have helped leaders make the leap from being a technically driven professional to a business partner and how the IANS Leadership Development Program can help leaders develop the tools and mindset to thrive at the executive table. We will explore the critical skills of Business Acumen and Executive Presence to position yourself as a trusted business risk executive and prepare for future responsibilities.
Gary recently retired from AIG as their Chief Information Security Officer where he led the global cybersecurity risk management program while working closely the Executive Leadership Team to drive information security strategy for the company. In addition to his IANS Faculty work, Gary currently provides CISO advisory support to HiddenLayer, a cybersecurity company that specializes in security for artificial intelligence and machine learning systems. Prior to AIG, Gary served as Senior Vice President at USAA and was their first Chief Security Officer where he was responsible for building out a holistic security program spanning Information Security, Fraud Operations, Privacy, Business Continuation, Physical Security, and Corporate Investigations. Gary spent a short time with Deloitte in their federal practice after a 25-year career as an Air Force officer where he served in a variety of leadership and staff positions within the information technology career field including: telecommunications, satellite communications, deployed network operations, and cybersecurity. Most notably, Gary was on the front line of cyberspace operations for the Department of Defense where he supported the establishment and evolution of the Joint Task Force Global Network Operations, the organization that was the focal point for the operation and security of DoD information systems and networks, and pre-cursor to establishment of the US Cyber Command.
The exponential growth of AI agents and MCP connectors will pose increasing challenges for cybersecurity teams as their dynamic nature can undermine past investments in security controls. Join IANS Faculty Aaron Turner for a look into how innovative cybersecurity teams are working with their AI counterparts to embrace the potential of AI while still managing risks through compensating controls.
Aaron is a three-decade veteran of the cybersecurity community, having worked on projects covering every aspect of the industry, from helping build security technologies while at Microsoft to his work on offensive cyber projects for the U.S. government. He has spent the last 15 years on a series of cybersecurity startups, building technologies and developing companies to help teams solve some of the toughest cybersecurity problems.
Hyatt Regency Santa Clara
CISO Roundtables are the most exclusive, intimate events offered by IANS. Our in-person roundtables are curated experiences with agendas designed specifically for an organization’s CISOs and senior-most executives. In addition to strategic insights presented by IANS Faculty, facilitated conversations and networking opportunities allow you and your CISO peers to share best practices in a trusted, closed-door environment.
Hyatt Regency Minneapolis
Metrics continue to be a pain point in infosec—both in terms of getting a clear understanding of how the program is functioning and communicating that narrative across lines of business. At the center of this problem is the reality there is no one-size-fits-all solution. The best metrics are specific to your business context. In light of that, this session leans on fundamental best practices to help you pressure test your concepts.
Ryan is the Founder and CEO of Neuvik, a cybersecurity research and development consultancy. He has spent the better part of two decades enhancing cyber programs at the world's largest institutions — from the Department of Defense to some of the most successful private and commercial organizations. He focuses largely on providing advanced capabilities for CISO's, as well as testing for best possible security practices at board of directors' requests.
Ryan’s C-level work experience also includes developing Board level metrics to measure and manage enterprise cyber risk, developing and instructing C-Suite cyber risk management courses, and establishing functional reporting metrics for assessing cyber readiness.
In the past ten years, many organizations have found themselves with deployments in a number of leading cloud service provider (CSP) environments. In the early years of multicloud, most security teams struggled to determine the right controls and practices to effectively protect their organizations. While this is sometimes still the case today, we’ve learned a lot about what works and what doesn’t in multicloud security architecture, policy and operations.
Dave is the founder and principal consultant with Voodoo Security, an information security consulting firm with broad expertise. He is also a senior instructor, analyst and course author for the SANS Institute and a VMware vExpert with extensive experience designing and configuring secure virtualized infrastructures. In addition, Dave has served as co-chair of the Cloud Security Alliance (CSA) Top Threats Working Group and founded the CSA Atlanta Chapter. Dave has consulted with hundreds of organizations in the areas of security, regulatory compliance, network architecture and engineering. He has also worked as a security architect, analyst and manager for several Fortune 500 companies.
Wyndham Atlanta Buckhead Hotel & Conference Center
Omni Boston Hotel at the Seaport
As infosec teams grapple with tightened resourcing, balancing the skillsets of your employees, maximizing existing staff and positioning leaders to empower their teams is becoming even more critical as scope expansion outpaces resource allocation. Pulling insights from the IANS and Artico 2025 CISO Compensation and Budget and Infosec Staff Compensation and Career Surveys, IANS Faculty Steve Martano and Senior Research Director will offer guidance on how to organize and optimize your infosec team, position security as an indispensable business partner.
Convene
Marriott Marquis Times Square
The University of Massachusetts Club
Security architecture teams often face burnout from juggling too much engineering work or being pulled into non-architectural tasks. Misalignment with enterprise architects and challenges in demonstrating value to the organization further compound the problem. During this highly interactive event, IANS Faculty Wolfgang Goerlich will share his experience and expertise and facilitate peer-to-peer discussions that provide you actionable insights to elevate your architecture program to improve maturity, demonstrate value, and drive high-quality results
J. Wolfgang Goerlich is a CISO in the public sector. Prior to this role, he led IT and IT security in the healthcare, financial services, and tech verticals. Wolfgang has held senior positions at several consulting firms, leading security advisory and assessment practices. He is a strong presence in the security community, contributing to the establishment and organization of multiple groups and events. Wolfgang focuses on strategy, governance, identity and access management, and resilience.
The Westin Dallas Stonebriar
Raddison Blu Aqua Hotel