IANS brings you together with your peers and experts from the IANS Faculty. IANS Faculty are industry practitioners that provide the breadth and depth of information to help you tackle your toughest problems. Walk away with new connections and practical solutions.
Two-day events with keynotes, breakout sessions, technology spotlight sessions, and networking breaks.
One-day roundtables designed exclusively for CISOs and senior level InfoSec executives to learn and share insights in a confidential setting.
Half-day, deep-dive explorations of technical and operational information security topics, free of vendor presence.
Hour-long interactive discussions examining hot topics in information security.
Web Conference
State and local government agencies face a unique set of transparency obligations which are often more stringent, diverse and operationally fragmented than those at the federal level. As agencies consider deploying agentic AI—systems that autonomously produce actions and outputs—they must consider that these outputs may be considered public records, and explanations on how the outputs were generated may be called into question. In this virtual symposium, geared specifically for those working at state and local agencies, IANS Faculty Jake Williams provides a practical framework for assessing transparency risks and preparing for agentic AI adoption in state and municipal environments.
Jake Williams (aka MalwareJake) is a seasoned security researcher with decades of experience in technology and security. Jake is a former startup founder, former senior SANS instructor and course author, and an intelligence community and military veteran. He loves forensics, incident response, cyber threat intelligence and offensive methodologies. Today, Jake is an IANS faculty member, an independent security consultant, and is performing security-focused research to benefit the broader community. He has had the honor of twice winning the DoD Cyber Crime Center (DC3) annual digital forensics challenge. You may also know Jake from one of his many conference talks, webcasts, media appearances or his postings about cybersecurity.
Hotel Seville NoMad
IANS CISO Roundtables are an exclusive opportunity to connect with peer security executives. The curated agenda is designed to foster conversations between participants, letting them share best practices in an environment free from press or vendors. It’s a closed-door opportunity to tackle the problems that matter most to you and your teams.
Renaissance Dallas Richardson Hotel
This one-day event is designed for security practitioners to gain actionable technical solutions and leadership insights focused on current and emerging challenges. Engage with IANS Faculty members and network with peers who are tackling similar challenges.
Webinar
As security roles continue to evolve, technical depth alone is no longer enough. High‑performing security professionals increasingly need working knowledge across multiple domains—from SOC and engineering to GRC, communications, and cloud. In this session, IANS Faculty Lynda Grindstaff and Ismael Valenzuela will explore why cross‑domain capability is becoming essential for both team effectiveness and individual career resilience. They will discuss how skills assessments can help practitioners understand their strengths, identify development priorities, and take ownership of their professional growth. Attendees will gain practical insights on expanding capability beyond specialization and using structured self‑awareness to guide more intentional career development.
Lynda Grindstaff has 30 years’ experience as a technology and cybersecurity engineering executive, public board director and strategic advisor for growth companies. Most recently, Lynda was a VP of engineering at McAfee, where she led the global malware operations teams. In addition to protecting customers, she provided incident response and drove efficiencies across the company. Prior to McAfee, Lynda spent 22 years at Intel in various technical and senior leadership roles. She is known for being a passionate and inspirational leader who excels in driving innovation and efficient cybersecurity solutions.
Ismael Valenzuela is the Vice President of Threat Research and Intelligence at Arctic Wolf, where he leads advanced research focused on tracking adversaries, uncovering emerging threats, and helping organizations build proactive, defensible security strategies. Prior to his current role, Ismael was responsible for leading offensive and defensive security roles for Foundstone, Intel, McAfee and BlackBerry Cylance, among others, and founded one of the first IT security consultancies in Spain. Ismael has also served as an advisor to large government and private sector organizations, including the EU, U.S. government agencies and critical infrastructure operators in New York. Ismael is also one of the few holding the highly regarded GIAC Security Expert (GSE) certification in the world. In 2025, Ismael is serving as a co-chair of a new advisory panel under the international Counter Ransomware Initiative (CRI), focused on enhancing public-private collaboration to combat ransomware through intelligence sharing, joint disruption efforts, and policy innovation. His work bridges technical depth and strategic vision, helping shape resilient cyber defense strategies across industries and governments worldwide.
As privacy regulations continue to grow in scope and complexity, many privacy programs are challenged with moving from policy to execution. In this Webinar, IANS Faculty member Rebecca Herold walks through the latest enhancements to the IANS Privacy Operational Framework, highlighting how recent updates reflect evolving privacy laws and practitioner needs. Attendees will be provided with an overview of the redesigned Privacy Operations platform experience. The session will focus on what is new and improved, and learn how the updated framework supports building, managing, and maturing privacy programs across core operational domains.
Rebecca is Founder, Owner, and CEO of Rebecca Herold, LLC aka The Privacy Professor®, an information security, privacy, IT, and compliance services firm. She also co-founded Privacy Security Brainiacs, a SaaS platform, early 2020 with her oldest son, Noah. Rebecca also serves as a Distinguished Ponemon Institute Fellow and as an Advisory Board Member for multiple technology businesses and startups. Additionally, Rebecca serves as an expert witness for diverse cases, is an advisor on multiple high school and college/university curriculum and program boards, and hosts a VoiceAmerica radio show called “Data Security & Privacy with the Privacy Professor.”
Hotel Colee, Atlanta Buckhead
Hyatt Regency Minneapolis
Hosted by IANS Faculty Jodi Daniels, this Regulatory and Enforcement Roundup will provide a focused, time-sensitive update on the most critical privacy-related regulation and enforcement developments from the past 60 days.
Jodi Daniels is a Founder and CEO of Red Clover Advisors, a privacy consultancy, that integrates data privacy strategy and compliance into a flexible, scalable approach that simplifies complex privacy challenges. A Certified Information Privacy Professional, Jodi brings over 27 years of experience in privacy, marketing, strategy, and finance across diverse sectors, working and supporting startups to Fortune 500 companies.
Jodi Daniels is a national keynote speaker, host of the top ranked She Said Privacy/He Said Security Podcast and WSJ best-selling author of Data Reimagined: Building Trust One Byte at a Time, and also has been featured in The Economist, WSJ, Forbes, Inc. and more. Jodi holds an MBA and a BBA from Emory University’s Goizueta Business School.
About 90% of Microsoft 365 environments now have access to Copilot, and actual daily usage hovers around 30%. With this continued uptick in access and usage, security teams face data oversharing risks that now affect 15% of business-critical files. In this symposium, IANS Faculty Shannon Lietz walks through documented failure patterns, outlines ways to implement risk-based adoption strategies, and provides recommendations to help teams develop security controls that balance productivity gains against data exposure risks.
Shannon is the Founder and CEO of ThirdScore. This followed her role as VP, Security at Adobe, where she led Product and Software Security. Shannon is also the Founder of DevSecOps, a non-profit organization committed to uniting security with DevOps and Agile practices via experimentation and education. Shannon is an award-winning security innovator and leader experienced in developing emerging security programs for Fortune 500 companies including Intuit, ServiceNow, Sony, Sempra, Savvis, Cable & Wireless, 99 Cents Only, Exodus, and Bank of America.
The Westin Long Beach
The biggest challenges in vulnerability management seem to contradict one another. Even the most aggressive patching SLAs will never be quick enough to prevent exploits against zero days.
Adrian is the Principal Researcher at The Defenders Initiative, a firm he founded to feature and support decades of cybersecurity research. His foundation spans technical, GRC, and leadership roles with a background as a practitioner, incident responder, penetration tester, and PCI QSA.
As an industry analyst, studying market trends, working with founders and investors brought a deep understanding of the business side of cybersecurity. After Adrian’s own startup was acquired, he spent seven years helping startups grow, market, and sell to their clients. Leaving the startup space, Adrian is once again focused on helping practitioners solve fundamental challenges, with or without the help of industry vendors.
W Philadelphia
Omni Chicago Hotel
Security teams often produce large volumes of metrics, charts and dashboards that reflect operational activity but fail to convey actual risk. In this symposium, we walk through how to shift from activity‑based reporting to risk‑driven measurement that better represents reality and supports informed decision making. By better understanding your audience in context with your role and operational structure, we provide the tools and approach to help you design KPIs and KRIs that can be translated to overall metrics that are actionable, risk informative and measurable over time.
Ryan is the Founder and CEO of Neuvik, a cybersecurity research and development consultancy. He has spent the better part of two decades enhancing cyber programs at the world's largest institutions — from the Department of Defense to some of the most successful private and commercial organizations. He focuses largely on providing advanced capabilities for CISO's, as well as testing for best possible security practices at board of directors' requests.
Ryan’s C-level work experience also includes developing Board level metrics to measure and manage enterprise cyber risk, developing and instructing C-Suite cyber risk management courses, and establishing functional reporting metrics for assessing cyber readiness.
Specific agentic AI threat models have been developed to address the unique risks and challenges that exist due to the autonomy, continuous learning and interaction of agentic AI systems. In this virtual symposium, delve into how to threat model agentic AI applications, the differences between industry-leading threat models/frameworks and how to apply them to your environment.
Metro Toronto Convention Centre
Grand Bohemian Charlotte
The growing reliance on a complex network of vendors, platforms, AI systems and supply chains is forcing teams to reassess third-party risk management (TPRM) programs. Realizing your org is only as secure as your least secure partner - or partners’ partners - leaves teams struggling to address the root risks effectively. In this symposium, we discuss how broader risks, such as those in AI and OT environments, complicate traditional approaches and why outdated methods, including questionnaires, fail to provide the necessary insight. We then share practical, actionable strategies to build and scale your TPRM program to more fully understand risk, and accept or mitigate it, while still enabling the business.
Security leaders and teams are playing a large role in governing the use of AI within their enterprises. However, many orgs are still challenged with how to operationalize the governance approaches they know are necessary. In this session, IANS Faculty Summer Fowler provides practical, actionable recommendations to help ensure your AI governance strategies provide proper oversight, risk review and mitigation to enable the business to pursue responsible AI adoption.
Summer Craze Fowler is a three-time Chief Information Security Officer with more than two decades of experience leading cybersecurity, IT, privacy and risk programs across complex organizations. She has launched AI governance in organizations that both build and use AI, and she has a passion for measurements and metrics. She currently leads the cyber practice at Exponent, an engineering firm that provides deep technical expertise for high stakes problems.
Hyatt Regency Frisco - Dallas
The Mayflower Hotel
The Omni King Edward
Hewing Hotel
Sheraton Palo Alto