home_banner
Vince Aimutis, Federated Mutual Insurance

Events

Join The IANS Peer Community

IANS facilitates and connects clients-to-experts and experts-to-experts. Our Faculty of industry experts provides the breadth and depth of information to guide you on your information security journey. Through a regional delivery model, our events gather all members of the security function.

*CPE credits will be awarded for attending the event.

Interested in Forum Sponsorship? Learn More.

Forums

Two-day events with keynotes, breakout sessions, technology spotlight sessions, and networking breaks.

CISO Roundtables

One-day roundtables designed exclusively for CISOs and senior level InfoSec executives to learn and share insights in a confidential setting.

Symposiums

Half-day, deep-dive explorations of technical and operational information security topics, free of vendor presence.

Webinars

Hour-long interactive discussions examining hot topics in information security.

August 14

Hospitals are not adequately prepared for the attacks, the gaps and the responsible parties can sometimes be slow to provide software updates to fix vulnerabilities. In this webinar, IANS Faculty member and medical device security expert Justine Bone will help attendees better understand the risks and what to do about them.

Speakers:
  • Justine Bone

    Justine Bone

    IANS Faculty

    Justine is a technology and cybersecurity executive with a background in vulnerability research. Justine currently serves as the CEO of Florida-based cybersecurity solutions provider MedSec, a company focused on medical device security management and the delivery of security solutions to Healthcare Delivery Organizations and Medical Device Manufacturing companies. Her previous roles include Global Chief Information Security Officer at Dow Jones, a News Corporation company and publisher of the Wall Street Journal, Global Head of Information and Physical Security at Bloomberg L.P., and CEO of security research firm Immunity Inc. Justine is also a member of HP’s Security Advisory Board, an invited member of the BlackHat USA guest review board, organizer of the security research Pwnie Awards, and an advisor to several other technology startups. She began her career as a vulnerability researcher with Internet Security Systems (now IBM) X-Force and New Zealand’s Government Communications Security Bureau.

August 20

Companies have limited resources to keep up with an endless pile of vulnerabilities and patches and need to determine what they keep getting wrong and what others are doing that’s right.

Speakers:
  • Jake Williams

    Jake Williams

    IANS Faculty

    Jake Williams, the founder of Rendition Infosec, has almost two decades of experience in secure network design, penetration testing, incident response, forensics and malware reverse engineering. Prior to founding Rendition Infosec, Williams worked with various government agencies in information security and CNO roles. He also works with SANS where he teaches and authors courses in Malware Reverse Engineering, Memory Forensics, Cyber Threat Intelligence, and Advanced Exploit Development. He is the two-time victor of the annual DC3 Forensics Challenge. He has spoken at Blackhat, DEFCON, Shmoocon, CEIC, RSA, EnFuse, and DC3 Conference (among others). His research areas include automating incident response throughout the enterprise, threat modeling and analysis, binary analysis, and malware C2. The primary focus of his work is increasing enterprise security by presenting complex topics in a way that anyone can understand.

August 21

Companies have limited resources to keep up with an endless pile of vulnerabilities and patches and need to determine what they keep getting wrong and what others are doing that’s right.

Speakers:
  • Jake Williams

    Jake Williams

    IANS Faculty

    Jake Williams, the founder of Rendition Infosec, has almost two decades of experience in secure network design, penetration testing, incident response, forensics and malware reverse engineering. Prior to founding Rendition Infosec, Williams worked with various government agencies in information security and CNO roles. He also works with SANS where he teaches and authors courses in Malware Reverse Engineering, Memory Forensics, Cyber Threat Intelligence, and Advanced Exploit Development. He is the two-time victor of the annual DC3 Forensics Challenge. He has spoken at Blackhat, DEFCON, Shmoocon, CEIC, RSA, EnFuse, and DC3 Conference (among others). His research areas include automating incident response throughout the enterprise, threat modeling and analysis, binary analysis, and malware C2. The primary focus of his work is increasing enterprise security by presenting complex topics in a way that anyone can understand.

September 4

Companies have limited resources to keep up with an endless pile of vulnerabilities and patches and need to determine what they keep getting wrong and what others are doing that’s right.

Speakers:
  • Jake Williams

    Jake Williams

    IANS Faculty

    Jake Williams, the founder of Rendition Infosec, has almost two decades of experience in secure network design, penetration testing, incident response, forensics and malware reverse engineering. Prior to founding Rendition Infosec, Williams worked with various government agencies in information security and CNO roles. He also works with SANS where he teaches and authors courses in Malware Reverse Engineering, Memory Forensics, Cyber Threat Intelligence, and Advanced Exploit Development. He is the two-time victor of the annual DC3 Forensics Challenge. He has spoken at Blackhat, DEFCON, Shmoocon, CEIC, RSA, EnFuse, and DC3 Conference (among others). His research areas include automating incident response throughout the enterprise, threat modeling and analysis, binary analysis, and malware C2. The primary focus of his work is increasing enterprise security by presenting complex topics in a way that anyone can understand.

September 11

IANS Forum content is designed for senior-level information security executives across all industries. Attendees include CISOs, CIOs, VPs and Managing Directors of Information Security, Senior Information Security Architects, and Senior Information Security Engineers.

Speakers:
  • Ken Van Wyk

    Ken Van Wyk

    IANS Faculty

    Kenneth R. van Wyk is an internationally recognized information security expert and author of three popular books, Enterprise Software Security, Secure Coding, and Incident Response. In addition to providing consulting and training services through his company, KRvW Associates, LLC, he currently holds the following positions: Member of the Board of Directors for SecAppDev (http://www.secappdev.org), and monthly columnist for Computerworld (http://www.Computerworld.com). Ken is also the project leader of the Open Web Application Security Project (OWASP) iGoat project and is a Lehigh University distinguished engineering alumnus. Ken has 25 years experience as an IT Security practitioner in the commercial, academic, and military sectors. He has held executive and senior technologist positions at Tekmark, Para-Protect, Science Applications International Corporation (SAIC), the U.S. Department of Defense, Carnegie Mellon University, and Lehigh University. At Carnegie Mellon University’s Software Engineering Institute, Ken was one of the founders of the Computer Emergency Response Team (CERT®). He holds a mechanical engineering degree from Lehigh University and is a frequent speaker at technical conferences, and has presented tutorials and technical sessions CSI, ISF, USENIX, FIRST, AusCERT, and others. Ken is a dual citizen of the EU (England) and the USA, and holds a current U.S. Department of Defense TOP SECRET clearance.

  • Teri Radichel

    Teri Radichel

    IANS Faculty

    Teri Radichel was on the original team that helped Capital One, the first major US Bank to use AWS, move production workloads to the cloud. She then architected a SAAS IOT solution for firewalls connecting to the cloud for a security vendor. She also led a cloud team of 30 people and delivered a secure CI/CD pipeline based on her white paper, Balancing Security and Innovation with Event Driven Automation. Now she focuses on training, penetration testing, and cloud security assessments. She also enjoys security research and writing. You can find her articles in publications like Dark Reading, Infosecurity Magazine, and her cloud security blog. Teri has presented on cloud security at conferences like RSA, AWS re:Invent, Countermeasure IT, SANS Networking, SANS Cloud Summit, and BSides. She is an AWS Hero and runs the Seattle AWS Architects and Engineers meetup which has almost 3,000 members. She received the 2017 SANS Differences Makers Award and was on the initial SANS cloud security curriculum advisory board. She now offers training through IANS Summits and other venues. Cybersecurity certifications: GSEC, GCIH, GCIA, GCPM, GCCC, GREM, GPEN, GXPN

  • Bill Dean

    Bill Dean

    IANS Faculty

    Bill is a Senior Manager in LBMC’s Information Security Services division and is responsible for incident response, digital forensics, electronic discovery and overall litigation support. Bill has more than 20 years of information technology experience with a specialty in information security and digital forensics for the past 10 years. Prior to LBMC, he served as the Director of Security Assessments and Digital Forensics for Sword & Shield Enterprise Security Inc. Bill was also the founder of Forensic Discoveries, before merging with Sword & Shield Enterprise Security and served as a senior security analyst responsible for information security for a large healthcare organization. In these roles, he was responsible for digital forensics to support litigation, incident response services, penetration testing, and overall security defense posture. Bill's roles have included delivering penetration testing and incident response services to companies around the world. Additionally, he consults with organizations of all sizes in security topics related to endpoint protection, vulnerability assessments, network forensics, incident response and overall hardening and monitoring of infrastructures. Lastly, Bill conducts digital forensic investigations and electronic discovery services to support litigation efforts. In these roles, he has been qualified as an expert witness in Federal Courts and Tennessee State Courts. Bill is a frequent speaker and published author on the topics of computer security, digital forensics and electronic discovery for numerous legal and technical associations. Additionally, Bill is a Certified Computer Examiner (CCE), GIAC Certified Incident Handler (GCIH), GIAC Certified Penetration Tester (GPEN) and GIAC Certified Forensic Analyst (GCFA). He is also an active member of the International Society for Forensic Computer Examiners and InfraGard Board member. Bill holds an A.S. in Computer Science from Walters State Community College and a BS in Information Technology from Information Technology.

September 11

Securing the cloud is fundamentally different, yet there are very few guidebooks or clear methods to ensure adequate protection. Leading-edge organizations are doing amazing things with cloud-native and DevSecOps approaches, but they’ve matured their security operational capabilities the hard way.

Speakers:
  • Mike Rothman

    Mike Rothman

    IANS Faculty

    Mike has been in the information security industry for over 10 years. He is currently President and Analyst at Securosis, a firm exclusively focused on information security and research analysis. He started Security Incite in 2006 to provide the "voice of reason" in what was considered an overhyped, yet underwhelming security industry. After a brief detour as SVP, Strategy and Chief Marketing Officer at eIQNetworks, Mike joined Securosis at the start of 2010 with a "rejuvenated cynicism" about security. In 2007, Mike published "The Pragmatic CSO" to introduce technically oriented security professionals to the nuances of what is required to become a senior security professional.

September 16

2019 Chicago
CISO Roundtable

Chicago Marriott Downtown Magnificent Mile

This 1-day roundtable at the Chicago Information Security Forum is designed exclusively for CISOs and senior level information security executives to learn and share insights in a confidential setting.

September 16 - 17

2019 Chicago
Information Security Forum

Chicago Marriott Downtown Magnificent Mile

IANS Forum content is designed for senior-level information security executives across all industries. Attendees include CISOs, CIOs, VPs and Managing Directors of Information Security, Senior Information Security Architects, and Senior Information Security Engineers.

Speakers:
  • Kevin Johnson

    Kevin Johnson

    IANS Faculty

    Kevin has over 15 years of experience within security working with and performing services for Fortune 100 companies and draws upon his development and system administration background. Kevin is the CEO and Principal Security Consultant with Secure Ideas. Previously, Kevin was a Senior Instructor at SANS and the author of "Security 542: Web Application Penetration Testing and ethical Hacking." Other current speaking engagements include DEFCON, ShmooCon as well as Infragard, ISSA and the University of Florida. He founded BASE (web front-end for snort analysis) as well as Samurai WTF live DVD (live environment focused on web pen testing). Two additional projects Kevin founded are Yokoso and Laudanum, which are focused on exploit delivery. In his free time, Kevin enjoys spending time with his family and is an avid Star Wars fan and member of the 501st Legion (Star Wars charity group).

  • Ondrej Krehel

    Ondrej Krehel

    IANS Faculty

    Ondrej Krehel is the CEO and Founder of LIFARS LLC, an international cybersecurity and digital forensics firm. He’s the former Chief Information Security Officer of Identity Theft 911, the nation’s premier identity theft recovery and data breach management service. He previously conducted forensics investigations and managed the cyber security department at Stroz Friedberg and the Loews Corporation. With two decades of experience in computer security and digital forensics, he has launched investigations into a broad range of IT security matters—from hacker attacks to data breaches to intellectual property theft. His work has received attention from CNN, Reuters, The Wall Street Journal and The New York Times, among many others.

  • Dave Shackleford

    Dave Shackleford

    IANS Faculty

    Dave is Lead Faculty at IANS. He is the Founder and Principal Consultant with Voodoo Security, and has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. Dave is also a SANS analyst, instructor, and course author, as well as a board member with the SANS Technology Institute. He is a VMware vExpert, and has extensive experience designing and configuring secure virtualized infrastructures. He's the author of the Sybex book "Virtualization Security: Protecting Virtualized Environments", leads the Atlanta chapter of the Cloud Security Alliance, and co-chairs the CSA Top Threats to Cloud Working Group. Dave has previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and has also worked as a security architect, analyst, and manager for several Fortune 500 companies. Dave has his CISSP and SANS GIAC, and received his Bachelor's degree in Microbiology/Psychology and Computer Information Systems, and also has an MBA from GA Tech, GA State, and Kennesaw State University. When he has time, Dave enjoys running, camping, cooking and playing music (piano, guitar and DJing).

  • Aaron Turner

    Aaron Turner

    IANS Faculty

    Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.

  • Jake Williams

    Jake Williams

    IANS Faculty

    Jake Williams, the founder of Rendition Infosec, has almost two decades of experience in secure network design, penetration testing, incident response, forensics and malware reverse engineering. Prior to founding Rendition Infosec, Williams worked with various government agencies in information security and CNO roles. He also works with SANS where he teaches and authors courses in Malware Reverse Engineering, Memory Forensics, Cyber Threat Intelligence, and Advanced Exploit Development. He is the two-time victor of the annual DC3 Forensics Challenge. He has spoken at Blackhat, DEFCON, Shmoocon, CEIC, RSA, EnFuse, and DC3 Conference (among others). His research areas include automating incident response throughout the enterprise, threat modeling and analysis, binary analysis, and malware C2. The primary focus of his work is increasing enterprise security by presenting complex topics in a way that anyone can understand.

September 17

Companies have limited resources to keep up with an endless pile of vulnerabilities and patches and need to determine what they keep getting wrong and what others are doing that’s right.

Speakers:
  • Dave Kennedy

    Dave Kennedy

    IANS Faculty

    Dave is the President and CEO of TrustedSec, an information security consulting company. David was a Chief Security Officer for an international Fortune 1000 company located in over 77 countries with over 18,000 employees. David developed a global security program with a large dedicated team. He is considered a thought leader in the security field and has presented at many conferences worldwide and had guest appearances on FoxNews, BBC, and other high-profile media outlets. David is the Founder of DerbyCon, a large-scale security conference in Louisville, KY. He also authored Metasploit: The Penetration Testers Guide, which was number one on Amazon.com in security for over 6 months. David is a founding member of the "Penetration Testing Execution Standard (PTES)," the industry leading methodologies and guidelines for performing penetration tests. Dave received a BA of Arts from Malone University in Ohio. Dave has many certifications including OSCE, QSA, OSCP, CISSP, ISO 27001, GSEC, and MCSE. Dave also served in the Marines for five years working on intelligence related missions. He enjoys scuba diving, handy work, Destiny, fine bourbons and getting away to the country without cell reception.

September 25

2019 Charlotte
CISO Roundtable

Charlotte Convention Center

This 1-day roundtable at the Charlotte Information Security Forum is designed exclusively for CISOs and senior level information security executives to learn and share insights in a confidential setting.

September 25 - 26

IANS Forum content is designed for senior-level information security executives across all industries. Attendees include CISOs, CIOs, VPs and Managing Directors of Information Security, Senior Information Security Architects, and Senior Information Security Engineers.

Speakers:
  • Bill Dean

    Bill Dean

    IANS Faculty

    Bill is a Senior Manager in LBMC’s Information Security Services division and is responsible for incident response, digital forensics, electronic discovery and overall litigation support. Bill has more than 20 years of information technology experience with a specialty in information security and digital forensics for the past 10 years. Prior to LBMC, he served as the Director of Security Assessments and Digital Forensics for Sword & Shield Enterprise Security Inc. Bill was also the founder of Forensic Discoveries, before merging with Sword & Shield Enterprise Security and served as a senior security analyst responsible for information security for a large healthcare organization. In these roles, he was responsible for digital forensics to support litigation, incident response services, penetration testing, and overall security defense posture. Bill's roles have included delivering penetration testing and incident response services to companies around the world. Additionally, he consults with organizations of all sizes in security topics related to endpoint protection, vulnerability assessments, network forensics, incident response and overall hardening and monitoring of infrastructures. Lastly, Bill conducts digital forensic investigations and electronic discovery services to support litigation efforts. In these roles, he has been qualified as an expert witness in Federal Courts and Tennessee State Courts. Bill is a frequent speaker and published author on the topics of computer security, digital forensics and electronic discovery for numerous legal and technical associations. Additionally, Bill is a Certified Computer Examiner (CCE), GIAC Certified Incident Handler (GCIH), GIAC Certified Penetration Tester (GPEN) and GIAC Certified Forensic Analyst (GCFA). He is also an active member of the International Society for Forensic Computer Examiners and InfraGard Board member. Bill holds an A.S. in Computer Science from Walters State Community College and a BS in Information Technology from Information Technology.

  • Jason Gillam

    Jason Gillam

    IANS Faculty

    Jason has over 15 years of industry experience including software design, architecture, and security testing. He graduated from Royal Military College of Canada where he earned his Bachelor of Engineering. Jason was the tech lead for Bank of America's Security by Design team for several years, and is currently a Senior Security Consultant at Secure Ideas, LLC. He is author of many extensions for Burp Suite, and is a contributor to several other projects including SamuraiWTF, MobiSec, and Laudanum. Jason has spoken multiple events including BSides and ISSA Charlotte.

  • Teri Radichel

    Teri Radichel

    IANS Faculty

    Teri Radichel was on the original team that helped Capital One, the first major US Bank to use AWS, move production workloads to the cloud. She then architected a SAAS IOT solution for firewalls connecting to the cloud for a security vendor. She also led a cloud team of 30 people and delivered a secure CI/CD pipeline based on her white paper, Balancing Security and Innovation with Event Driven Automation. Now she focuses on training, penetration testing, and cloud security assessments. She also enjoys security research and writing. You can find her articles in publications like Dark Reading, Infosecurity Magazine, and her cloud security blog. Teri has presented on cloud security at conferences like RSA, AWS re:Invent, Countermeasure IT, SANS Networking, SANS Cloud Summit, and BSides. She is an AWS Hero and runs the Seattle AWS Architects and Engineers meetup which has almost 3,000 members. She received the 2017 SANS Differences Makers Award and was on the initial SANS cloud security curriculum advisory board. She now offers training through IANS Summits and other venues. Cybersecurity certifications: GSEC, GCIH, GCIA, GCPM, GCCC, GREM, GPEN, GXPN

  • Mike Rothman

    Mike Rothman

    IANS Faculty

    Mike has been in the information security industry for over 10 years. He is currently President and Analyst at Securosis, a firm exclusively focused on information security and research analysis. He started Security Incite in 2006 to provide the "voice of reason" in what was considered an overhyped, yet underwhelming security industry. After a brief detour as SVP, Strategy and Chief Marketing Officer at eIQNetworks, Mike joined Securosis at the start of 2010 with a "rejuvenated cynicism" about security. In 2007, Mike published "The Pragmatic CSO" to introduce technically oriented security professionals to the nuances of what is required to become a senior security professional.

  • Mike Saurbaugh

    Mike Saurbaugh

    IANS Faculty

    Mike is the Director of Technical Alliances with Cofense, (formerly, PhishMe). Prior to Cofense, Mike spent nearly two decades in financial services and was the head of information security for 12 years as well as having led IT operations. Mike was involved from the onset with Security Current when it launched and served as the research director leading a number of strategic projects for global security vendors and CISOs. Also, Mike is a mentor with Queen City Fintech, in Charlotte, NC, and has a security consulting LLC where he conducts independent advisory and risk assessment engagements. Mike holds a Master's of Science in Information Assurance from Walsh College and is a member of two college information security curriculum advisory committees. In his free time, he loves to spend time with his wife and two daughters, workout, drive his Jeep Wrangler, and cook for those who love great food and drinks.

  • Joff Thyer

    Joff Thyer

    IANS Faculty

    Joff has 15+ years of experience in the IT industry in roles such as enterprise network architect and network security defender. He has mentored "Intrusion Detection in Depth" and taught "Python for Penetration Testers" for the SANS Institute. Currently Joff is a Researcher and Penetration Tester with Black Hills Information Security (BHIS). He helps lead the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. Joff holds a B.Sc. in Mathematics, an M.Sc. in Computer Science, and holds the GIAC certifications GPEN, GWAPT, and GXPN. In his free time, he is a host on the Security Weekly podcast and contributes to open-source projects.

September 25

In this 5-hour Super Symposium, you'll choose one track to attend. Track 1 with Jake Williams will focus on 'How to Achieve Saner, More Effective Vulnerability Management.' Track 2 with George Gerchow will focus on 'Monitoring, Detection and Response in the Cloud.'

Speakers:
  • George Gerchow

    George Gerchow

    IANS Faculty

    As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance and, modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.

  • Jake Williams

    Jake Williams

    IANS Faculty

    Jake Williams, the founder of Rendition Infosec, has almost two decades of experience in secure network design, penetration testing, incident response, forensics and malware reverse engineering. Prior to founding Rendition Infosec, Williams worked with various government agencies in information security and CNO roles. He also works with SANS where he teaches and authors courses in Malware Reverse Engineering, Memory Forensics, Cyber Threat Intelligence, and Advanced Exploit Development. He is the two-time victor of the annual DC3 Forensics Challenge. He has spoken at Blackhat, DEFCON, Shmoocon, CEIC, RSA, EnFuse, and DC3 Conference (among others). His research areas include automating incident response throughout the enterprise, threat modeling and analysis, binary analysis, and malware C2. The primary focus of his work is increasing enterprise security by presenting complex topics in a way that anyone can understand.

October 2

In this 5-hour Super Symposium, you'll choose one track to attend. Track 1 with Jake Williams will focus on 'How to Achieve Saner, More Effective Vulnerability Management.' Track 2 with Mike Rothman will focus on 'Advancing Cloud Security: A Roadmap.'

Speakers:
  • Mike Rothman

    Mike Rothman

    IANS Faculty

    Mike has been in the information security industry for over 10 years. He is currently President and Analyst at Securosis, a firm exclusively focused on information security and research analysis. He started Security Incite in 2006 to provide the "voice of reason" in what was considered an overhyped, yet underwhelming security industry. After a brief detour as SVP, Strategy and Chief Marketing Officer at eIQNetworks, Mike joined Securosis at the start of 2010 with a "rejuvenated cynicism" about security. In 2007, Mike published "The Pragmatic CSO" to introduce technically oriented security professionals to the nuances of what is required to become a senior security professional.

  • Jake Williams

    Jake Williams

    IANS Faculty

    Jake Williams, the founder of Rendition Infosec, has almost two decades of experience in secure network design, penetration testing, incident response, forensics and malware reverse engineering. Prior to founding Rendition Infosec, Williams worked with various government agencies in information security and CNO roles. He also works with SANS where he teaches and authors courses in Malware Reverse Engineering, Memory Forensics, Cyber Threat Intelligence, and Advanced Exploit Development. He is the two-time victor of the annual DC3 Forensics Challenge. He has spoken at Blackhat, DEFCON, Shmoocon, CEIC, RSA, EnFuse, and DC3 Conference (among others). His research areas include automating incident response throughout the enterprise, threat modeling and analysis, binary analysis, and malware C2. The primary focus of his work is increasing enterprise security by presenting complex topics in a way that anyone can understand.

October 15

Companies have limited resources to keep up with an endless pile of vulnerabilities and patches and need to determine what they keep getting wrong and what others are doing that’s right.

Speakers:
  • Jake Williams

    Jake Williams

    IANS Faculty

    Jake Williams, the founder of Rendition Infosec, has almost two decades of experience in secure network design, penetration testing, incident response, forensics and malware reverse engineering. Prior to founding Rendition Infosec, Williams worked with various government agencies in information security and CNO roles. He also works with SANS where he teaches and authors courses in Malware Reverse Engineering, Memory Forensics, Cyber Threat Intelligence, and Advanced Exploit Development. He is the two-time victor of the annual DC3 Forensics Challenge. He has spoken at Blackhat, DEFCON, Shmoocon, CEIC, RSA, EnFuse, and DC3 Conference (among others). His research areas include automating incident response throughout the enterprise, threat modeling and analysis, binary analysis, and malware C2. The primary focus of his work is increasing enterprise security by presenting complex topics in a way that anyone can understand.

October 16

2019 Philadelphia
CISO Roundtable

Philadelphia Marriott Downtown

This 1-day roundtable at the Philadelphia Information Security Forum is designed exclusively for CISOs and senior level information security executives to learn and share insights in a confidential setting.

October 16 - 17

2019 Philadelphia
Information Security Forum

Philadelphia Marriott Downtown

IANS Forum content is designed for senior-level information security executives across all industries. Attendees include CISOs, CIOs, VPs and Managing Directors of Information Security, Senior Information Security Architects, and Senior Information Security Engineers.

Speakers:
  • George Gerchow

    George Gerchow

    IANS Faculty

    As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance and, modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.

  • Dave Kennedy

    Dave Kennedy

    IANS Faculty

    Dave is the President and CEO of TrustedSec, an information security consulting company. David was a Chief Security Officer for an international Fortune 1000 company located in over 77 countries with over 18,000 employees. David developed a global security program with a large dedicated team. He is considered a thought leader in the security field and has presented at many conferences worldwide and had guest appearances on FoxNews, BBC, and other high-profile media outlets. David is the Founder of DerbyCon, a large-scale security conference in Louisville, KY. He also authored Metasploit: The Penetration Testers Guide, which was number one on Amazon.com in security for over 6 months. David is a founding member of the "Penetration Testing Execution Standard (PTES)," the industry leading methodologies and guidelines for performing penetration tests. Dave received a BA of Arts from Malone University in Ohio. Dave has many certifications including OSCE, QSA, OSCP, CISSP, ISO 27001, GSEC, and MCSE. Dave also served in the Marines for five years working on intelligence related missions. He enjoys scuba diving, handy work, Destiny, fine bourbons and getting away to the country without cell reception.

  • Dave Shackleford

    Dave Shackleford

    IANS Faculty

    Dave is Lead Faculty at IANS. He is the Founder and Principal Consultant with Voodoo Security, and has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. Dave is also a SANS analyst, instructor, and course author, as well as a board member with the SANS Technology Institute. He is a VMware vExpert, and has extensive experience designing and configuring secure virtualized infrastructures. He's the author of the Sybex book "Virtualization Security: Protecting Virtualized Environments", leads the Atlanta chapter of the Cloud Security Alliance, and co-chairs the CSA Top Threats to Cloud Working Group. Dave has previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and has also worked as a security architect, analyst, and manager for several Fortune 500 companies. Dave has his CISSP and SANS GIAC, and received his Bachelor's degree in Microbiology/Psychology and Computer Information Systems, and also has an MBA from GA Tech, GA State, and Kennesaw State University. When he has time, Dave enjoys running, camping, cooking and playing music (piano, guitar and DJing).

  • Aaron Turner

    Aaron Turner

    IANS Faculty

    Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.

  • Ken Van Wyk

    Ken Van Wyk

    IANS Faculty

    Kenneth R. van Wyk is an internationally recognized information security expert and author of three popular books, Enterprise Software Security, Secure Coding, and Incident Response. In addition to providing consulting and training services through his company, KRvW Associates, LLC, he currently holds the following positions: Member of the Board of Directors for SecAppDev (http://www.secappdev.org), and monthly columnist for Computerworld (http://www.Computerworld.com). Ken is also the project leader of the Open Web Application Security Project (OWASP) iGoat project and is a Lehigh University distinguished engineering alumnus. Ken has 25 years experience as an IT Security practitioner in the commercial, academic, and military sectors. He has held executive and senior technologist positions at Tekmark, Para-Protect, Science Applications International Corporation (SAIC), the U.S. Department of Defense, Carnegie Mellon University, and Lehigh University. At Carnegie Mellon University’s Software Engineering Institute, Ken was one of the founders of the Computer Emergency Response Team (CERT®). He holds a mechanical engineering degree from Lehigh University and is a frequent speaker at technical conferences, and has presented tutorials and technical sessions CSI, ISF, USENIX, FIRST, AusCERT, and others. Ken is a dual citizen of the EU (England) and the USA, and holds a current U.S. Department of Defense TOP SECRET clearance.

October 16

Companies have limited resources to keep up with an endless pile of vulnerabilities and patches and need to determine what they keep getting wrong and what others are doing that’s right.

Speakers:
  • Jake Williams

    Jake Williams

    IANS Faculty

    Jake Williams, the founder of Rendition Infosec, has almost two decades of experience in secure network design, penetration testing, incident response, forensics and malware reverse engineering. Prior to founding Rendition Infosec, Williams worked with various government agencies in information security and CNO roles. He also works with SANS where he teaches and authors courses in Malware Reverse Engineering, Memory Forensics, Cyber Threat Intelligence, and Advanced Exploit Development. He is the two-time victor of the annual DC3 Forensics Challenge. He has spoken at Blackhat, DEFCON, Shmoocon, CEIC, RSA, EnFuse, and DC3 Conference (among others). His research areas include automating incident response throughout the enterprise, threat modeling and analysis, binary analysis, and malware C2. The primary focus of his work is increasing enterprise security by presenting complex topics in a way that anyone can understand.

October 23

Securing the cloud is fundamentally different, yet there are very few guidebooks or clear methods to ensure adequate protection. Leading-edge organizations are doing amazing things with cloud-native and DevSecOps approaches, but they’ve matured their security operational capabilities the hard way.

Speakers:
  • Adrian Lane

    Adrian Lane

    IANS Faculty

    Adrian is the CTO of the boutique analyst firm Securosis. Adrian has practiced security for twenty years, with prior experience as the CTO of the database security company IPLocks, VP Engineering at the web commerce firm Touchpoint, CTO/CIO of CPMi (A Raymond James brokerage), and CTO of encryption & DRM firm Transactor. Adrian is known for his depth of knowledge in data security, database (RDBMS & NoSQL) security, security monitoring, assessment, and secure application development. Adrian presents at most major security conferences, and has blogged for Dark Reading and Information Week. Adrian is a Computer Science graduate of the University of California at Berkeley with post-graduate work in operating systems at Stanford University. Adrian is an avid runner, mountain biker and maintain a farm in his back yard, but we suspect he is really too busy with his regular Securosis blogs, webcasts and research papers to ever leave his desk.

October 30

2019 Atlanta
CISO Roundtable

Hyatt Regency Atlanta

This 1-day roundtable at the Atlanta Information Security Forum is designed exclusively for CISOs and senior level information security executives to learn and share insights in a confidential setting.

October 30 - 31

IANS Forum content is designed for senior-level information security executives across all industries. Attendees include CISOs, CIOs, VPs and Managing Directors of Information Security, Senior Information Security Architects, and Senior Information Security Engineers.

Speakers:
  • Dave Kennedy

    Dave Kennedy

    IANS Faculty

    Dave is the President and CEO of TrustedSec, an information security consulting company. David was a Chief Security Officer for an international Fortune 1000 company located in over 77 countries with over 18,000 employees. David developed a global security program with a large dedicated team. He is considered a thought leader in the security field and has presented at many conferences worldwide and had guest appearances on FoxNews, BBC, and other high-profile media outlets. David is the Founder of DerbyCon, a large-scale security conference in Louisville, KY. He also authored Metasploit: The Penetration Testers Guide, which was number one on Amazon.com in security for over 6 months. David is a founding member of the "Penetration Testing Execution Standard (PTES)," the industry leading methodologies and guidelines for performing penetration tests. Dave received a BA of Arts from Malone University in Ohio. Dave has many certifications including OSCE, QSA, OSCP, CISSP, ISO 27001, GSEC, and MCSE. Dave also served in the Marines for five years working on intelligence related missions. He enjoys scuba diving, handy work, Destiny, fine bourbons and getting away to the country without cell reception.

  • Ondrej Krehel

    Ondrej Krehel

    IANS Faculty

    Ondrej Krehel is the CEO and Founder of LIFARS LLC, an international cybersecurity and digital forensics firm. He’s the former Chief Information Security Officer of Identity Theft 911, the nation’s premier identity theft recovery and data breach management service. He previously conducted forensics investigations and managed the cyber security department at Stroz Friedberg and the Loews Corporation. With two decades of experience in computer security and digital forensics, he has launched investigations into a broad range of IT security matters—from hacker attacks to data breaches to intellectual property theft. His work has received attention from CNN, Reuters, The Wall Street Journal and The New York Times, among many others.

  • Mike Rothman

    Mike Rothman

    IANS Faculty

    Mike has been in the information security industry for over 10 years. He is currently President and Analyst at Securosis, a firm exclusively focused on information security and research analysis. He started Security Incite in 2006 to provide the "voice of reason" in what was considered an overhyped, yet underwhelming security industry. After a brief detour as SVP, Strategy and Chief Marketing Officer at eIQNetworks, Mike joined Securosis at the start of 2010 with a "rejuvenated cynicism" about security. In 2007, Mike published "The Pragmatic CSO" to introduce technically oriented security professionals to the nuances of what is required to become a senior security professional.

  • Dave Shackleford

    Dave Shackleford

    IANS Faculty

    Dave is Lead Faculty at IANS. He is the Founder and Principal Consultant with Voodoo Security, and has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. Dave is also a SANS analyst, instructor, and course author, as well as a board member with the SANS Technology Institute. He is a VMware vExpert, and has extensive experience designing and configuring secure virtualized infrastructures. He's the author of the Sybex book "Virtualization Security: Protecting Virtualized Environments", leads the Atlanta chapter of the Cloud Security Alliance, and co-chairs the CSA Top Threats to Cloud Working Group. Dave has previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and has also worked as a security architect, analyst, and manager for several Fortune 500 companies. Dave has his CISSP and SANS GIAC, and received his Bachelor's degree in Microbiology/Psychology and Computer Information Systems, and also has an MBA from GA Tech, GA State, and Kennesaw State University. When he has time, Dave enjoys running, camping, cooking and playing music (piano, guitar and DJing).

  • Aaron Turner

    Aaron Turner

    IANS Faculty

    Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.

  • Jake Williams

    Jake Williams

    IANS Faculty

    Jake Williams, the founder of Rendition Infosec, has almost two decades of experience in secure network design, penetration testing, incident response, forensics and malware reverse engineering. Prior to founding Rendition Infosec, Williams worked with various government agencies in information security and CNO roles. He also works with SANS where he teaches and authors courses in Malware Reverse Engineering, Memory Forensics, Cyber Threat Intelligence, and Advanced Exploit Development. He is the two-time victor of the annual DC3 Forensics Challenge. He has spoken at Blackhat, DEFCON, Shmoocon, CEIC, RSA, EnFuse, and DC3 Conference (among others). His research areas include automating incident response throughout the enterprise, threat modeling and analysis, binary analysis, and malware C2. The primary focus of his work is increasing enterprise security by presenting complex topics in a way that anyone can understand.

November 6

2019 Boston
CISO Roundtable

Boston Convention and Exhibition Center

This 1-day roundtable at the Boston Information Security Forum is designed exclusively for CISOs and senior level information security executives to learn and share insights in a confidential setting.

November 6 - 7

2019 Boston
Information Security Forum

Boston Convention and Exhibition Center

IANS Forum content is designed for senior-level information security executives across all industries. Attendees include CISOs, CIOs, VPs and Managing Directors of Information Security, Senior Information Security Architects, and Senior Information Security Engineers.

 

Want to know more? Let us know how we can help you.

Success! Thanks for filling out our form!

* Required Fields