DAY 1
Registration & Breakfast
Come check in to receive your program and CPEs while enjoying a complimentary continental breakfast.IANS Welcome & State of the Industry
Come join us as we welcome you to the Forum.
Shamla Naidoo
Shamla Naidoo is an accomplished executive with experience managing hundreds of millions of dollars in budgets for large, globally distributed teams who support operations in 170 countries. As Managing Partner of IBM Global Security Services, Shamla is one of the most influential security executives among Fortune 50 companies. Her advice and thought leadership in strategy and execution is sought by governments, public institutions, and private companies. Her ability to communicate complex technical process into simpler, more understandable terms is highly regarded. Shamla serves on advisory, not-for-profit and academic boards of various public and private institutions.
Phil Gardner
Founder & Chief Executive Officer
Having built IANS’ end-user research offering, Phil now oversees all strategic and operational decisions at IANS. Phil began his career in security with seven years with the U.S. Navy as a Strike Fighter Pilot & Ordnance Requirements Officer. After receiving a Masters in Business Administration from Harvard Business School, he joined Goldman, Sachs & Co. in Mergers & Acquisitions and later became an associate with McKinsey & Company in Boston, MA. In 1996, Phil became one of the founders of Provant, Inc., a publicly traded training company serving the Fortune 1000 and Federal Government. He left Provant in 2000 to launch IANS. He graduated at the top of his class in US Navy Flight School.
Keynote Interview: From the Durban Slums to Leading Big Blue’s InfoSec Team
with Shamla Naidoo and Phil GardnerIn a Keynote Interview, IBM’s Shamla Naidoo and Phil Gardner will discuss Shamla’s remarkable story – from the slums of Durban, South Africa, to her immigration to the U.S., to being selected as IBM’s Global CISO. Shamla will share how both grit and good fortune have been instrumental in her success. She will also share practical insights on finding mentors, making decisions fearlessly, and managing a global team with decisiveness and empathy.
Tabletop Break
IANS Tabletops gives you an opportunity to connect with information security leaders in a relaxed environment. Come stretch your legs and network with your peers and solution providers over snacks and coffee.Technology Group 1
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
Aaron Turner
Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.
Advancements in Secure Remote Access
with Aaron TurnerThe endpoint continues to grower wider and muddier as professionals access company resources from a growing array of mobile devices. This session looks at:
- How VPNs are evolving
- Vendors in the space and how they compare.
- Tools and techniques organizations can use to bolster secure remote access
Ken Van Wyk
Kenneth R. van Wyk is an internationally recognized information security expert and author of three popular books, Enterprise Software Security, Secure Coding, and Incident Response. In addition to providing consulting and training services through his company, KRvW Associates, LLC, he currently holds the following positions: Member of the Board of Directors for SecAppDev (http://www.secappdev.org), and monthly columnist for Computerworld (http://www.Computerworld.com). Ken is also the project leader of the Open Web Application Security Project (OWASP) iGoat project and is a Lehigh University distinguished engineering alumnus. Ken has 25 years experience as an IT Security practitioner in the commercial, academic, and military sectors. He has held executive and senior technologist positions at Tekmark, Para-Protect, Science Applications International Corporation (SAIC), the U.S. Department of Defense, Carnegie Mellon University, and Lehigh University. At Carnegie Mellon University’s Software Engineering Institute, Ken was one of the founders of the Computer Emergency Response Team (CERT®). He holds a mechanical engineering degree from Lehigh University and is a frequent speaker at technical conferences, and has presented tutorials and technical sessions CSI, ISF, USENIX, FIRST, AusCERT, and others. Ken is a dual citizen of the EU (England) and the USA, and holds a current U.S. Department of Defense TOP SECRET clearance.
File Security: Tools and Techniques in 2019
with Ken Van WykAttackers continue to find new ways to access, steal and corrupt files. This means organizations need to up their game in protecting them. To that end, this session will explore:
- Advancements vendors in the space have made and what’s right for you
- The latest techniques to ensure files are only being accessed by those whose jobs require it
George Gerchow
As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance and, modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.
GDPR: Learning from EU Regulatory Enforcement Actions
with George GerchowThe EU hasn’t found its posterchild for GDPR punishment yet. Companies are left guessing what they still must do and how much time they’ll have to do it. To help prepare you, this session will explore:
- How to use EU enforcement actions as a guide to assess GDPR strengths and weaknesses
- Preparing for the chance your company will eventually be found lacking by regulators
Davi Ottenheimer
Davi Ottenheimer is a security executive, board member and founder who has led global teams in developing and managing secure systems for more than twenty years. Currently he is working on product security at mongoDB making big data secure, IoT safe and AI trusted. Davi is also a recognized strategist and author specializing in cyber defense ethics and safely navigating the cultural disruptions of emerging technology. He co-authored in 2012 a cloud security book “Securing the Virtual Environment: How to Defend the Enterprise Against Attack” and is author of the upcoming book "Realities of Securing Big Data". Davi is a frequent top-rated public speaker and in 2018 he established the Excellence in Humanitarian Service Award at the RSA Conference; inaugural award was for building and managing resilient encryption systems that were instrumental to ending South African Apartheid. While serving as a Dedicated Paranoid at Yahoo! and responsible for managing security for hundreds of millions of mobile, broadband and digital home products, he invented an ephemeral authentication system for IoT that is in ubiquitous use today. An expert in governance, assessments, audit and compliance leadership Davi was a qualified PCI DSS and PA-DSS assessor (QSA and PA-QSA) for 7 years, and former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP. He received his postgraduate academic Master of Science degree in International History from the London School of Economics.
How to Recruit and Retain the Best People
with Davi OttenheimerThe skills gap makes it difficult to find people who are best equipped to handle evolving threats. The best people leave after a year because there are plenty of other opportunities out there. To help address the problem, this session will look at:
- Non-traditional recruiting avenues you can explore to help counteract the skills gap
- How to leverage the NIST Skills Framework to this end
- How to spot warning signs that someone has an eye on the door
- Training and career development options to keep employees growing and interested in staying
- Incentives beyond salaries for retaining people?
Ondrej Krehel
Ondrej Krehel is the CEO and Founder of LIFARS LLC, an international cybersecurity and digital forensics firm. He’s the former Chief Information Security Officer of Identity Theft 911, the nation’s premier identity theft recovery and data breach management service. He previously conducted forensics investigations and managed the cyber security department at Stroz Friedberg and the Loews Corporation. With two decades of experience in computer security and digital forensics, he has launched investigations into a broad range of IT security matters—from hacker attacks to data breaches to intellectual property theft. His work has received attention from CNN, Reuters, The Wall Street Journal and The New York Times, among many others.
The Changing Face of Ransomware
with Ondrej KrehelRansomware continues to be a significant problem for many organizations, and it has shown a ferocious ability to evolve. One reason is ransomware as a service, where people with little skill can buy ransomware-making kits online. This session explores:
- Ways ransomware has evolved in the last 6-12 months
- What ransomware as a service looks like and why it’s such a problem
- What vendors are doing to get ahead of the bad guys.
Technology Group 1
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
JP Blaho
Arbor Networks, Market Insights leader
John Paul (JP) Blaho currently leads the Market Insights group for Arbor Networks, and is a seasoned Product and Solutions professional with more than 15 years in the product and services marketing aresin IT.With eight years focused specifically on network security solutions, JP has developed a focus on understanding the buyer journey for Enterprises and identify the unique personas who engage in making complex IT security assessment and purchase decisions. Mr. Blaho has worked for leading security and services organizations such as Sungard Availability Services, Blue Coat Systems, Teradyne, and IBM Security.
JP received his BS degree from Bethany College in Bethany, West Virginia, and received his MBA from Northeastern University’s D’Amore-McKim School of Business in Boston, Massachusetts.
Lunch & Sponsor Keynote: Visibility Without Borders: Building a Security Posture to Stop Attacks Closer to the Source
with JP BlahoNetwork and Security Operations teams are hungry for data to analyze and establish security protocols. However, these same teams struggle to correlate the data they do ingest in order to draw connections between server and network or application and device.
Disparate applications, infrastructures and security platforms have exacerbated this visibility gap. Couple this data gap with network growth and limited IT resources, and you start to see the importance of automation and better data analysis. In this session, we will discuss the importance of true network and data visibility, and how it can help standardize and potentially move the defense posture out from the edge and to the source of the attack by having:
- Extensive visibility from the internet through your intranet;
- Continuous visibility at every premise; and
- Smarter visibility based on smart data
Aaron Turner
Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.
Cutting Through the AI/ML Vendor Hype
with Aaron TurnerVendors hype the benefits of AI/ML too broadly when it’s really meant for small, well-defined situations. This session will address the following:
- When we say AI/ML is for small or well-defined situations, what are examples of those?
- What are specific examples of where AI/ML works, and where it doesn’t?
John Strand
John is the Owner of Black Hills Information Security (BHIS), and has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. John is also an instructor and course author of BlackHat's "Active Defense, Offensive Countermeasures, and Hacking Back" and the SANS Institute's "Hacker Tools, Techniques, Exploits and Incident Handling" classes. John is co-author of the" Offensive Countermeasures: The Art of Active Defense" book and is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks. He leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. He is a dynamic speaker at conferences worldwide. In his spare time, he co-hosts the Hack Naked TV and Security Weekly podcasts.
Bringing Red/Blue/Purple Teaming into Balance
with John StrandYour Red Team does one thing, your Blue Team does the other, and they don’t talk. Companies struggle to get them on the same page and achieve the true value of these exercises. What to do? This session will explore:
- The most valuable KPIs to use for these activities
- How to use automation testing to test the effectiveness of a response during an exercise
- How to leverage balanced scorecards for direct tracking of capabilities
George Gerchow
As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance and, modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.
Choosing a Cloud Provider
with George GerchowThere are too many vendors, an over-saturated market and confusion over the security requirements that truly matter vs. the vendor fluff. In this session, you’ll learn how cut through the confusion and address:
- What the cloud provider landscape look like
- When to go with a big player as opposed to smaller players
- Questions you should ask internally before looking at potential providers
- The right (or wrong) questions to ask prospective cloud providers
Davi Ottenheimer
Davi Ottenheimer is a security executive, board member and founder who has led global teams in developing and managing secure systems for more than twenty years. Currently he is working on product security at mongoDB making big data secure, IoT safe and AI trusted. Davi is also a recognized strategist and author specializing in cyber defense ethics and safely navigating the cultural disruptions of emerging technology. He co-authored in 2012 a cloud security book “Securing the Virtual Environment: How to Defend the Enterprise Against Attack” and is author of the upcoming book "Realities of Securing Big Data". Davi is a frequent top-rated public speaker and in 2018 he established the Excellence in Humanitarian Service Award at the RSA Conference; inaugural award was for building and managing resilient encryption systems that were instrumental to ending South African Apartheid. While serving as a Dedicated Paranoid at Yahoo! and responsible for managing security for hundreds of millions of mobile, broadband and digital home products, he invented an ephemeral authentication system for IoT that is in ubiquitous use today. An expert in governance, assessments, audit and compliance leadership Davi was a qualified PCI DSS and PA-DSS assessor (QSA and PA-QSA) for 7 years, and former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP. He received his postgraduate academic Master of Science degree in International History from the London School of Economics.
Vendor Optimization: Thinning the Herd
with Davi OttenheimerThere are too many security vendors that have expanded offerings in a way that has created a lot of overlap and complexity within Fortune 1000 companies’ environments. This session will explore:
- How to do an assessment and logically start pruning your stack
- How one tool can replace several others without loss of functionality or controls coverage
- The most important questions to ask your existing and prospective vendors in order to determine where the overlap exists
- Specific examples of what you can kill?
- Integrations between products that currently exist but are not being leveraged
Ondrej Krehel
Ondrej Krehel is the CEO and Founder of LIFARS LLC, an international cybersecurity and digital forensics firm. He’s the former Chief Information Security Officer of Identity Theft 911, the nation’s premier identity theft recovery and data breach management service. He previously conducted forensics investigations and managed the cyber security department at Stroz Friedberg and the Loews Corporation. With two decades of experience in computer security and digital forensics, he has launched investigations into a broad range of IT security matters—from hacker attacks to data breaches to intellectual property theft. His work has received attention from CNN, Reuters, The Wall Street Journal and The New York Times, among many others.
Blockchain: What Your Vendors Have and How to Use It
with Ondrej KrehelCompanies don’t understand how blockchain works inside their security vendor offerings. This session will arm attendees with a stronger foundation by exploring:
- The use cases around how blockchain enhances security
- Blockchain-related products that are actually viable
- How blockchain increase the efficacy of things like vulnerability management and SIEM
- What CISOs should tell their exec stakeholders about blockchain
Technology Group 2
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.Tabletop Break
IANS Tabletops gives you an opportunity to connect with information security leaders in a relaxed environment. Come stretch your legs and network with your peers and solution providers over snacks and coffee.Technology Group 2
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
Aaron Turner
Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.
How to Fill SIEM Gaps with UEBA/SOAR
with Aaron TurnerOrganizations want their SIEM to alert them in real time, but that’s not happening. Instead, their SIEM only helps determine how a breach occurred after the fact. Practitioners have heard that UEBA and SOAR can be used to overcome the limits of their current SIEM set up, but they seek concrete answers about how it all works and what kind of training and investments are required. In this session, attendees will learn:
- The specific actions they must take in order to fully understand where their SIEM is hitting the wall,
- A list of ways to tell if their MSSP is properly goaled/resourced/qualified to correlate and alert in real time, and
- A clearer understanding of the small and well-defined situations AI/ML is best suited for.
John Strand
John is the Owner of Black Hills Information Security (BHIS), and has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. John is also an instructor and course author of BlackHat's "Active Defense, Offensive Countermeasures, and Hacking Back" and the SANS Institute's "Hacker Tools, Techniques, Exploits and Incident Handling" classes. John is co-author of the" Offensive Countermeasures: The Art of Active Defense" book and is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks. He leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. He is a dynamic speaker at conferences worldwide. In his spare time, he co-hosts the Hack Naked TV and Security Weekly podcasts.
Hybrid Web App Pen Testing
with John StrandCompanies do not know whether to do manual or automated web app pen testing, or to go with the hybrid approach. To help find answers, this session will explore:
- How the hybrid approach marks an improvement over the traditional approach
- The limits of an automation-only approach
- What you need in a toolkit -- examples: PortSwigger’s Burp Suite Pro (commercial), OWASP Zed Attack Proxy (open source).
- The ideal testing methodology?
George Gerchow
As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance and, modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.
DevSecOps Business Cases
with George GerchowCompanies still struggle to get developers and security on the same page. They need case studies to show them where and how DevSecOps successes have happened. To that end, this session explores:
- Case studies of DevSecOps done right
- How to measure your maturity for DevSecOps -- Phase 1 to Phase 5, for example
- How to put the “Shift Left” DevSecOps workflow in place
- How DevSecOps leads to more secure cloud deployments
- How to use DevSecOps to improve security in IoT technology when they are at the development stage
Davi Ottenheimer
Davi Ottenheimer is a security executive, board member and founder who has led global teams in developing and managing secure systems for more than twenty years. Currently he is working on product security at mongoDB making big data secure, IoT safe and AI trusted. Davi is also a recognized strategist and author specializing in cyber defense ethics and safely navigating the cultural disruptions of emerging technology. He co-authored in 2012 a cloud security book “Securing the Virtual Environment: How to Defend the Enterprise Against Attack” and is author of the upcoming book "Realities of Securing Big Data". Davi is a frequent top-rated public speaker and in 2018 he established the Excellence in Humanitarian Service Award at the RSA Conference; inaugural award was for building and managing resilient encryption systems that were instrumental to ending South African Apartheid. While serving as a Dedicated Paranoid at Yahoo! and responsible for managing security for hundreds of millions of mobile, broadband and digital home products, he invented an ephemeral authentication system for IoT that is in ubiquitous use today. An expert in governance, assessments, audit and compliance leadership Davi was a qualified PCI DSS and PA-DSS assessor (QSA and PA-QSA) for 7 years, and former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP. He received his postgraduate academic Master of Science degree in International History from the London School of Economics.
Getting Control of Container Security
with Davi OttenheimerFortune 1000 problem: Companies spin up containers quickly, then set them loose with no security due diligence. It’s a process problem as much as a technology issue. Questions to address:
- How can a company create a more deliberate process to determine when containers are necessary?
- What is some specific automation or orchestration tools? (Docker Swarm, Kubernates). This part is the end.
- How does one optimize such tools as AppArmor and SELinuxbecause to prevents a misconfiguration or bug at the container daemon level?
- What is Docker Notary and how can it add a layer of trust?
- What are some of the more recent attacks to exploit unsecured containers?
Ken Van Wyk
Kenneth R. van Wyk is an internationally recognized information security expert and author of three popular books, Enterprise Software Security, Secure Coding, and Incident Response. In addition to providing consulting and training services through his company, KRvW Associates, LLC, he currently holds the following positions: Member of the Board of Directors for SecAppDev (http://www.secappdev.org), and monthly columnist for Computerworld (http://www.Computerworld.com). Ken is also the project leader of the Open Web Application Security Project (OWASP) iGoat project and is a Lehigh University distinguished engineering alumnus. Ken has 25 years experience as an IT Security practitioner in the commercial, academic, and military sectors. He has held executive and senior technologist positions at Tekmark, Para-Protect, Science Applications International Corporation (SAIC), the U.S. Department of Defense, Carnegie Mellon University, and Lehigh University. At Carnegie Mellon University’s Software Engineering Institute, Ken was one of the founders of the Computer Emergency Response Team (CERT®). He holds a mechanical engineering degree from Lehigh University and is a frequent speaker at technical conferences, and has presented tutorials and technical sessions CSI, ISF, USENIX, FIRST, AusCERT, and others. Ken is a dual citizen of the EU (England) and the USA, and holds a current U.S. Department of Defense TOP SECRET clearance.
Mobile Device Management: Case Studies of Success and Failure
with Ken Van WykCompanies still struggle to secure personal devices on the company network. They need examples and case studies of how others have successfully (and unsuccessfully) done it. This session explores:
- How to develop a threat model for all types of personal devices
- How to you approach data protections on devices without traditional security controls
- Who owns the endpoint? Does it matter anymore?
- The differences between iOS vs. Android
- Is ZeroTrust enabling secure BYOD procedures or preventing it?
Networking Reception
Come network with your peers! Hors d'eouvres and cocktails will be served!DAY 2
Registration & Breakfast
Come check in to receive your program and CPEs while enjoying a complimentary continental breakfast.Keynote Address
More info coming soon.Technology Group 2
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
Davi Ottenheimer
Davi Ottenheimer is a security executive, board member and founder who has led global teams in developing and managing secure systems for more than twenty years. Currently he is working on product security at mongoDB making big data secure, IoT safe and AI trusted. Davi is also a recognized strategist and author specializing in cyber defense ethics and safely navigating the cultural disruptions of emerging technology. He co-authored in 2012 a cloud security book “Securing the Virtual Environment: How to Defend the Enterprise Against Attack” and is author of the upcoming book "Realities of Securing Big Data". Davi is a frequent top-rated public speaker and in 2018 he established the Excellence in Humanitarian Service Award at the RSA Conference; inaugural award was for building and managing resilient encryption systems that were instrumental to ending South African Apartheid. While serving as a Dedicated Paranoid at Yahoo! and responsible for managing security for hundreds of millions of mobile, broadband and digital home products, he invented an ephemeral authentication system for IoT that is in ubiquitous use today. An expert in governance, assessments, audit and compliance leadership Davi was a qualified PCI DSS and PA-DSS assessor (QSA and PA-QSA) for 7 years, and former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP. He received his postgraduate academic Master of Science degree in International History from the London School of Economics.
Breaking a Failed Vulnerability Management Cycle
with Davi OttenheimerCompanies have limited resources to keep up with an endless pile of vulnerabilities and patches and need to determine what they keep getting wrong and what others are doing that’s right. This session will explore:
- Particular tools you should be using to create more automation
- How to use automation to move through the flaw finding and patching process more quickly
- Which companies have taken this to the next level
- What they did to move past the struggle most still find themselves in
- What the Vulnerability Management Process Workflow is and how will it help
- How can organizations can ensure data within their SQL Server, DB2 and Oracle databases are secure?
- Besides Shodan, some other tools that will cast a wider net for vulnerabilities
Ondrej Krehel
Ondrej Krehel is the CEO and Founder of LIFARS LLC, an international cybersecurity and digital forensics firm. He’s the former Chief Information Security Officer of Identity Theft 911, the nation’s premier identity theft recovery and data breach management service. He previously conducted forensics investigations and managed the cyber security department at Stroz Friedberg and the Loews Corporation. With two decades of experience in computer security and digital forensics, he has launched investigations into a broad range of IT security matters—from hacker attacks to data breaches to intellectual property theft. His work has received attention from CNN, Reuters, The Wall Street Journal and The New York Times, among many others.
Cryptojacking & Cryptocurrency Mining: Defensive Measures
with Ondrej KrehelCryptojacking malware and crypto mining are eating AWS resources, tying up CPU capacity and costing money. This session will help you fight back by exploring:
- How to tell if cryptomining malware is in the system
- How to get the malware out of your systems
- How to keep it out
- The most prolific cryptocurrency-based attacks targeting companies
- How this malware differs from others, such as worms, ransomware and Trojans
John Strand
John is the Owner of Black Hills Information Security (BHIS), and has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. John is also an instructor and course author of BlackHat's "Active Defense, Offensive Countermeasures, and Hacking Back" and the SANS Institute's "Hacker Tools, Techniques, Exploits and Incident Handling" classes. John is co-author of the" Offensive Countermeasures: The Art of Active Defense" book and is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks. He leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. He is a dynamic speaker at conferences worldwide. In his spare time, he co-hosts the Hack Naked TV and Security Weekly podcasts.
Deception and Honeypots
with John StrandCompanies struggle enough with basic security tasks and don’t truly know if deception/honeypots are worth trying or if they would provide the adequate ROI. To help them reach a better place, this session will explore:
- What level of operational maturity one must have for honeypots/deception to make sense?
- How to find balance when it comes to how many doors to leave open for snoopers and would-be thieves.
- The latest honeypot/deception technologies worth deploying
- The management/technology overhang associated with them?
- Buying versus building
George Gerchow
As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance and, modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.
Multi-cloud Deployments: People, Process, Technology
with George GerchowThe process to align controls, capabilities and governance is a mess, with misaligned team reporting structures and central management that fails to span environments. This session will explore:
- How to compare/contrast controls between multiple PaaS/IaaS environments
- How to evolve Identity and Access Management for multi-cloud deployments
- Which controls lend themselves to centralization and multiple cloud environments
- How to adapt governance, risk assessment and critical security processes for multi-cloud deployments
Ron Ritchey
Ron is a seasoned technologist specializing in cyber security with over 30 years experience working within the IT industry. At JP Morgan Chase, Ron is the global lead for their Cyber Security Technology and Architecture team. This group is responsible for helping the business build and maintain robust, secure solutions to support our clients and employees. He is also an active researcher and speaker in the IA field and is widely published on network security topics including co-authoring books on Software Assurance and Insider Threat. He has authored courses on computer security that have been taught across the country and has been a faculty member of the SANS Institute, the Institute for Applied Network Security (IANS), and George Mason University. He holds masters and bachelors degrees in computer science from Mason and a PhD in Information Technology from their School of Information Technology and Engineering.
Prioritizing Privilege Management
with Ron RitcheyAs IT infrastructure gets more complex and infrastructure-as-a-service (IaaS) becomes a reality, one of the few controls we have left is privileged user management (PUM). But it’s difficult to get it right. To advance in the right direction, this session will explore:
- How to link privileged access management to change management
- How to identify what is happening with the use of these credentials
- How to Identify the appropriate tools to use for privileged access management
- How to handle insider threats related to privilege abuse/misuse
Tabletop Break
IANS Tabletops gives you an opportunity to connect with information security leaders in a relaxed environment. Come stretch your legs and network with your peers and solution providers over snacks and coffee.Technology Group 2
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
Chris Calvert
Respond Software, VP Product Strategy and Co-Founder
Chris has over 30 years of experience in defensive information security: 14 years in the defense and intelligence community and 17 years in the commercial industry. He has worked on the Defense Department Joint Staff and held leadership positions in both large and small companies, including IBM and HPE. He has designed, built and managed global security operations centers and incident response teams for six of the global Fortune-50. As he often says, if you have complaints about today’s security operations model, you can partially blame him. It’s from his first-hand experience in learning the limitations of the man vs. data SecOps model that Chris leads product design and strategy for Respond Software.
Lunch & Sponsor Keynote: The Power of AI to Disrupt Security Ops
with Chris CalvertMany of today’s companies are hesitant to adopt new security technologies – particularly AI. The truth is AI is successfully disrupting many area of security operations and shifting us away from the traditional SOC and man-led threat intelligence. In this session, Chris Calvert will introduce the concept of autonomous security driven by AI, probability theory and advanced algorithms. These new technologies apply reasoning, judgement and experience to identify threats and make decisions at the scale, speed and consistency no human can match, freeing up analysts for higher level investigation and response actions.
Calvert believes that this new approach to old security issues, shifting from human-led security to machine-led security and utilizing AI, can and will be realistic for any security organization.
Technology Group 1
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.Technology Group 1
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
Davi Ottenheimer
Davi Ottenheimer is a security executive, board member and founder who has led global teams in developing and managing secure systems for more than twenty years. Currently he is working on product security at mongoDB making big data secure, IoT safe and AI trusted. Davi is also a recognized strategist and author specializing in cyber defense ethics and safely navigating the cultural disruptions of emerging technology. He co-authored in 2012 a cloud security book “Securing the Virtual Environment: How to Defend the Enterprise Against Attack” and is author of the upcoming book "Realities of Securing Big Data". Davi is a frequent top-rated public speaker and in 2018 he established the Excellence in Humanitarian Service Award at the RSA Conference; inaugural award was for building and managing resilient encryption systems that were instrumental to ending South African Apartheid. While serving as a Dedicated Paranoid at Yahoo! and responsible for managing security for hundreds of millions of mobile, broadband and digital home products, he invented an ephemeral authentication system for IoT that is in ubiquitous use today. An expert in governance, assessments, audit and compliance leadership Davi was a qualified PCI DSS and PA-DSS assessor (QSA and PA-QSA) for 7 years, and former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP. He received his postgraduate academic Master of Science degree in International History from the London School of Economics.
Case Study: How One Company Uses AI/ML
with Davi OttenheimerCompanies have heard much about the benefits of AI/ML but have struggled to see where it’s useful in their environments. This session will explore:
- How BOA or another big company are doing it.
Ken Van Wyk
Kenneth R. van Wyk is an internationally recognized information security expert and author of three popular books, Enterprise Software Security, Secure Coding, and Incident Response. In addition to providing consulting and training services through his company, KRvW Associates, LLC, he currently holds the following positions: Member of the Board of Directors for SecAppDev (http://www.secappdev.org), and monthly columnist for Computerworld (http://www.Computerworld.com). Ken is also the project leader of the Open Web Application Security Project (OWASP) iGoat project and is a Lehigh University distinguished engineering alumnus. Ken has 25 years experience as an IT Security practitioner in the commercial, academic, and military sectors. He has held executive and senior technologist positions at Tekmark, Para-Protect, Science Applications International Corporation (SAIC), the U.S. Department of Defense, Carnegie Mellon University, and Lehigh University. At Carnegie Mellon University’s Software Engineering Institute, Ken was one of the founders of the Computer Emergency Response Team (CERT®). He holds a mechanical engineering degree from Lehigh University and is a frequent speaker at technical conferences, and has presented tutorials and technical sessions CSI, ISF, USENIX, FIRST, AusCERT, and others. Ken is a dual citizen of the EU (England) and the USA, and holds a current U.S. Department of Defense TOP SECRET clearance.
Insider Threats
with Ken Van WykCompanies are usually unaware that a malicious insider is up to no good in their networks until it’s too late. They need help knowing how to identify early red flags. To that end, this session will explore:
- Early red flags to look for
- Security controls you can put in place to detect and prevent insider threat activity
- Top insider threat monitoring solutions, their strengths and weaknesses
- Detection tool essentials
John Strand
John is the Owner of Black Hills Information Security (BHIS), and has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. John is also an instructor and course author of BlackHat's "Active Defense, Offensive Countermeasures, and Hacking Back" and the SANS Institute's "Hacker Tools, Techniques, Exploits and Incident Handling" classes. John is co-author of the" Offensive Countermeasures: The Art of Active Defense" book and is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks. He leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. He is a dynamic speaker at conferences worldwide. In his spare time, he co-hosts the Hack Naked TV and Security Weekly podcasts.
New Threat Hunting Techniques
with John StrandAttackers keep evolving their tactics, making it increasingly difficult for traditional forensic techniques to keep up. It’s time to get proactive – and that’s where threat hunting comes into play. This session explores the latest techniques in that area, and how to:
- Position hunt teams to directly increase the overall maturity (and ROI) of their monitoring and detection capabilities, and
- Detect abnormal patterns of behavior.
George Gerchow
As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance and, modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.
Adapting the SOC to a Cloud Environment
with George GerchowSecurity Operations Centers remain rooted in the same tech, procedures and mindsets that existed before the cloud. They need to adapt to life in the cloud, and this session will explore how to get there. Issues addressed include:
- How an old-world SOC differs from one in the cloud
- Changes you need to make with your SOC
- How to make that transition without dropping the ball in either world
- Skills that need to be picked up in the new cloud-based SOC
- Examples of cloud detection and response
Ron Ritchey
Ron is a seasoned technologist specializing in cyber security with over 30 years experience working within the IT industry. At JP Morgan Chase, Ron is the global lead for their Cyber Security Technology and Architecture team. This group is responsible for helping the business build and maintain robust, secure solutions to support our clients and employees. He is also an active researcher and speaker in the IA field and is widely published on network security topics including co-authoring books on Software Assurance and Insider Threat. He has authored courses on computer security that have been taught across the country and has been a faculty member of the SANS Institute, the Institute for Applied Network Security (IANS), and George Mason University. He holds masters and bachelors degrees in computer science from Mason and a PhD in Information Technology from their School of Information Technology and Engineering.
IoT: Who Owns Device Risk Management
with Ron RitcheyThere’s no clear consensus on who is responsible for managing risks associated with IoT devices in an organization. This session is designed to clear up that confusion. Attendees will learn:
- Where all the IOT devices are
- The breakdown of who should be in charge of security risks related to IOT
- How to assemble a responsibility tree for who does what if an IOT-related compromise happens
Closing Ceremonies
Come network with your peers! Hors d'eouvres and cocktails will be served!DAY 1
Registration & Breakfast
Come check in to receive your program and CPEs while enjoying a complimentary continental breakfast.IANS Welcome & State of the Industry
Come join us as we welcome you to the Forum.
Shamla Naidoo
Shamla Naidoo is an accomplished executive with experience managing hundreds of millions of dollars in budgets for large, globally distributed teams who support operations in 170 countries. As Managing Partner of IBM Global Security Services, Shamla is one of the most influential security executives among Fortune 50 companies. Her advice and thought leadership in strategy and execution is sought by governments, public institutions, and private companies. Her ability to communicate complex technical process into simpler, more understandable terms is highly regarded. Shamla serves on advisory, not-for-profit and academic boards of various public and private institutions.
Phil Gardner
Founder & Chief Executive Officer
Having built IANS’ end-user research offering, Phil now oversees all strategic and operational decisions at IANS. Phil began his career in security with seven years with the U.S. Navy as a Strike Fighter Pilot & Ordnance Requirements Officer. After receiving a Masters in Business Administration from Harvard Business School, he joined Goldman, Sachs & Co. in Mergers & Acquisitions and later became an associate with McKinsey & Company in Boston, MA. In 1996, Phil became one of the founders of Provant, Inc., a publicly traded training company serving the Fortune 1000 and Federal Government. He left Provant in 2000 to launch IANS. He graduated at the top of his class in US Navy Flight School.
Keynote Interview: From the Durban Slums to Leading Big Blue’s InfoSec Team
with Shamla Naidoo and Phil GardnerIn a Keynote Interview, IBM’s Shamla Naidoo and Phil Gardner will discuss Shamla’s remarkable story – from the slums of Durban, South Africa, to her immigration to the U.S., to being selected as IBM’s Global CISO. Shamla will share how both grit and good fortune have been instrumental in her success. She will also share practical insights on finding mentors, making decisions fearlessly, and managing a global team with decisiveness and empathy.
Tabletop Break
IANS Tabletops gives you an opportunity to connect with information security leaders in a relaxed environment. Come stretch your legs and network with your peers and solution providers over snacks and coffee.Technology Group 1
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
Aaron Turner
Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.
Advancements in Secure Remote Access
with Aaron TurnerThe endpoint continues to grower wider and muddier as professionals access company resources from a growing array of mobile devices. This session looks at:
- How VPNs are evolving
- Vendors in the space and how they compare.
- Tools and techniques organizations can use to bolster secure remote access
Ken Van Wyk
Kenneth R. van Wyk is an internationally recognized information security expert and author of three popular books, Enterprise Software Security, Secure Coding, and Incident Response. In addition to providing consulting and training services through his company, KRvW Associates, LLC, he currently holds the following positions: Member of the Board of Directors for SecAppDev (http://www.secappdev.org), and monthly columnist for Computerworld (http://www.Computerworld.com). Ken is also the project leader of the Open Web Application Security Project (OWASP) iGoat project and is a Lehigh University distinguished engineering alumnus. Ken has 25 years experience as an IT Security practitioner in the commercial, academic, and military sectors. He has held executive and senior technologist positions at Tekmark, Para-Protect, Science Applications International Corporation (SAIC), the U.S. Department of Defense, Carnegie Mellon University, and Lehigh University. At Carnegie Mellon University’s Software Engineering Institute, Ken was one of the founders of the Computer Emergency Response Team (CERT®). He holds a mechanical engineering degree from Lehigh University and is a frequent speaker at technical conferences, and has presented tutorials and technical sessions CSI, ISF, USENIX, FIRST, AusCERT, and others. Ken is a dual citizen of the EU (England) and the USA, and holds a current U.S. Department of Defense TOP SECRET clearance.
File Security: Tools and Techniques in 2019
with Ken Van WykAttackers continue to find new ways to access, steal and corrupt files. This means organizations need to up their game in protecting them. To that end, this session will explore:
- Advancements vendors in the space have made and what’s right for you
- The latest techniques to ensure files are only being accessed by those whose jobs require it
George Gerchow
As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance and, modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.
GDPR: Learning from EU Regulatory Enforcement Actions
with George GerchowThe EU hasn’t found its posterchild for GDPR punishment yet. Companies are left guessing what they still must do and how much time they’ll have to do it. To help prepare you, this session will explore:
- How to use EU enforcement actions as a guide to assess GDPR strengths and weaknesses
- Preparing for the chance your company will eventually be found lacking by regulators
Davi Ottenheimer
Davi Ottenheimer is a security executive, board member and founder who has led global teams in developing and managing secure systems for more than twenty years. Currently he is working on product security at mongoDB making big data secure, IoT safe and AI trusted. Davi is also a recognized strategist and author specializing in cyber defense ethics and safely navigating the cultural disruptions of emerging technology. He co-authored in 2012 a cloud security book “Securing the Virtual Environment: How to Defend the Enterprise Against Attack” and is author of the upcoming book "Realities of Securing Big Data". Davi is a frequent top-rated public speaker and in 2018 he established the Excellence in Humanitarian Service Award at the RSA Conference; inaugural award was for building and managing resilient encryption systems that were instrumental to ending South African Apartheid. While serving as a Dedicated Paranoid at Yahoo! and responsible for managing security for hundreds of millions of mobile, broadband and digital home products, he invented an ephemeral authentication system for IoT that is in ubiquitous use today. An expert in governance, assessments, audit and compliance leadership Davi was a qualified PCI DSS and PA-DSS assessor (QSA and PA-QSA) for 7 years, and former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP. He received his postgraduate academic Master of Science degree in International History from the London School of Economics.
How to Recruit and Retain the Best People
with Davi OttenheimerThe skills gap makes it difficult to find people who are best equipped to handle evolving threats. The best people leave after a year because there are plenty of other opportunities out there. To help address the problem, this session will look at:
- Non-traditional recruiting avenues you can explore to help counteract the skills gap
- How to leverage the NIST Skills Framework to this end
- How to spot warning signs that someone has an eye on the door
- Training and career development options to keep employees growing and interested in staying
- Incentives beyond salaries for retaining people?
Ondrej Krehel
Ondrej Krehel is the CEO and Founder of LIFARS LLC, an international cybersecurity and digital forensics firm. He’s the former Chief Information Security Officer of Identity Theft 911, the nation’s premier identity theft recovery and data breach management service. He previously conducted forensics investigations and managed the cyber security department at Stroz Friedberg and the Loews Corporation. With two decades of experience in computer security and digital forensics, he has launched investigations into a broad range of IT security matters—from hacker attacks to data breaches to intellectual property theft. His work has received attention from CNN, Reuters, The Wall Street Journal and The New York Times, among many others.
The Changing Face of Ransomware
with Ondrej KrehelRansomware continues to be a significant problem for many organizations, and it has shown a ferocious ability to evolve. One reason is ransomware as a service, where people with little skill can buy ransomware-making kits online. This session explores:
- Ways ransomware has evolved in the last 6-12 months
- What ransomware as a service looks like and why it’s such a problem
- What vendors are doing to get ahead of the bad guys.
Technology Group 1
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
JP Blaho
Arbor Networks, Market Insights leader
John Paul (JP) Blaho currently leads the Market Insights group for Arbor Networks, and is a seasoned Product and Solutions professional with more than 15 years in the product and services marketing aresin IT.With eight years focused specifically on network security solutions, JP has developed a focus on understanding the buyer journey for Enterprises and identify the unique personas who engage in making complex IT security assessment and purchase decisions. Mr. Blaho has worked for leading security and services organizations such as Sungard Availability Services, Blue Coat Systems, Teradyne, and IBM Security.
JP received his BS degree from Bethany College in Bethany, West Virginia, and received his MBA from Northeastern University’s D’Amore-McKim School of Business in Boston, Massachusetts.
Lunch & Sponsor Keynote: Visibility Without Borders: Building a Security Posture to Stop Attacks Closer to the Source
with JP BlahoNetwork and Security Operations teams are hungry for data to analyze and establish security protocols. However, these same teams struggle to correlate the data they do ingest in order to draw connections between server and network or application and device.
Disparate applications, infrastructures and security platforms have exacerbated this visibility gap. Couple this data gap with network growth and limited IT resources, and you start to see the importance of automation and better data analysis. In this session, we will discuss the importance of true network and data visibility, and how it can help standardize and potentially move the defense posture out from the edge and to the source of the attack by having:
- Extensive visibility from the internet through your intranet;
- Continuous visibility at every premise; and
- Smarter visibility based on smart data
Aaron Turner
Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.
Cutting Through the AI/ML Vendor Hype
with Aaron TurnerVendors hype the benefits of AI/ML too broadly when it’s really meant for small, well-defined situations. This session will address the following:
- When we say AI/ML is for small or well-defined situations, what are examples of those?
- What are specific examples of where AI/ML works, and where it doesn’t?
John Strand
John is the Owner of Black Hills Information Security (BHIS), and has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. John is also an instructor and course author of BlackHat's "Active Defense, Offensive Countermeasures, and Hacking Back" and the SANS Institute's "Hacker Tools, Techniques, Exploits and Incident Handling" classes. John is co-author of the" Offensive Countermeasures: The Art of Active Defense" book and is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks. He leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. He is a dynamic speaker at conferences worldwide. In his spare time, he co-hosts the Hack Naked TV and Security Weekly podcasts.
Bringing Red/Blue/Purple Teaming into Balance
with John StrandYour Red Team does one thing, your Blue Team does the other, and they don’t talk. Companies struggle to get them on the same page and achieve the true value of these exercises. What to do? This session will explore:
- The most valuable KPIs to use for these activities
- How to use automation testing to test the effectiveness of a response during an exercise
- How to leverage balanced scorecards for direct tracking of capabilities
George Gerchow
As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance and, modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.
Choosing a Cloud Provider
with George GerchowThere are too many vendors, an over-saturated market and confusion over the security requirements that truly matter vs. the vendor fluff. In this session, you’ll learn how cut through the confusion and address:
- What the cloud provider landscape look like
- When to go with a big player as opposed to smaller players
- Questions you should ask internally before looking at potential providers
- The right (or wrong) questions to ask prospective cloud providers
Davi Ottenheimer
Davi Ottenheimer is a security executive, board member and founder who has led global teams in developing and managing secure systems for more than twenty years. Currently he is working on product security at mongoDB making big data secure, IoT safe and AI trusted. Davi is also a recognized strategist and author specializing in cyber defense ethics and safely navigating the cultural disruptions of emerging technology. He co-authored in 2012 a cloud security book “Securing the Virtual Environment: How to Defend the Enterprise Against Attack” and is author of the upcoming book "Realities of Securing Big Data". Davi is a frequent top-rated public speaker and in 2018 he established the Excellence in Humanitarian Service Award at the RSA Conference; inaugural award was for building and managing resilient encryption systems that were instrumental to ending South African Apartheid. While serving as a Dedicated Paranoid at Yahoo! and responsible for managing security for hundreds of millions of mobile, broadband and digital home products, he invented an ephemeral authentication system for IoT that is in ubiquitous use today. An expert in governance, assessments, audit and compliance leadership Davi was a qualified PCI DSS and PA-DSS assessor (QSA and PA-QSA) for 7 years, and former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP. He received his postgraduate academic Master of Science degree in International History from the London School of Economics.
Vendor Optimization: Thinning the Herd
with Davi OttenheimerThere are too many security vendors that have expanded offerings in a way that has created a lot of overlap and complexity within Fortune 1000 companies’ environments. This session will explore:
- How to do an assessment and logically start pruning your stack
- How one tool can replace several others without loss of functionality or controls coverage
- The most important questions to ask your existing and prospective vendors in order to determine where the overlap exists
- Specific examples of what you can kill?
- Integrations between products that currently exist but are not being leveraged
Ondrej Krehel
Ondrej Krehel is the CEO and Founder of LIFARS LLC, an international cybersecurity and digital forensics firm. He’s the former Chief Information Security Officer of Identity Theft 911, the nation’s premier identity theft recovery and data breach management service. He previously conducted forensics investigations and managed the cyber security department at Stroz Friedberg and the Loews Corporation. With two decades of experience in computer security and digital forensics, he has launched investigations into a broad range of IT security matters—from hacker attacks to data breaches to intellectual property theft. His work has received attention from CNN, Reuters, The Wall Street Journal and The New York Times, among many others.
Blockchain: What Your Vendors Have and How to Use It
with Ondrej KrehelCompanies don’t understand how blockchain works inside their security vendor offerings. This session will arm attendees with a stronger foundation by exploring:
- The use cases around how blockchain enhances security
- Blockchain-related products that are actually viable
- How blockchain increase the efficacy of things like vulnerability management and SIEM
- What CISOs should tell their exec stakeholders about blockchain
Technology Group 2
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.Tabletop Break
IANS Tabletops gives you an opportunity to connect with information security leaders in a relaxed environment. Come stretch your legs and network with your peers and solution providers over snacks and coffee.Technology Group 2
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
Aaron Turner
Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.
How to Fill SIEM Gaps with UEBA/SOAR
with Aaron TurnerOrganizations want their SIEM to alert them in real time, but that’s not happening. Instead, their SIEM only helps determine how a breach occurred after the fact. Practitioners have heard that UEBA and SOAR can be used to overcome the limits of their current SIEM set up, but they seek concrete answers about how it all works and what kind of training and investments are required. In this session, attendees will learn:
- The specific actions they must take in order to fully understand where their SIEM is hitting the wall,
- A list of ways to tell if their MSSP is properly goaled/resourced/qualified to correlate and alert in real time, and
- A clearer understanding of the small and well-defined situations AI/ML is best suited for.
John Strand
John is the Owner of Black Hills Information Security (BHIS), and has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. John is also an instructor and course author of BlackHat's "Active Defense, Offensive Countermeasures, and Hacking Back" and the SANS Institute's "Hacker Tools, Techniques, Exploits and Incident Handling" classes. John is co-author of the" Offensive Countermeasures: The Art of Active Defense" book and is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks. He leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. He is a dynamic speaker at conferences worldwide. In his spare time, he co-hosts the Hack Naked TV and Security Weekly podcasts.
Hybrid Web App Pen Testing
with John StrandCompanies do not know whether to do manual or automated web app pen testing, or to go with the hybrid approach. To help find answers, this session will explore:
- How the hybrid approach marks an improvement over the traditional approach
- The limits of an automation-only approach
- What you need in a toolkit -- examples: PortSwigger’s Burp Suite Pro (commercial), OWASP Zed Attack Proxy (open source).
- The ideal testing methodology?
George Gerchow
As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance and, modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.
DevSecOps Business Cases
with George GerchowCompanies still struggle to get developers and security on the same page. They need case studies to show them where and how DevSecOps successes have happened. To that end, this session explores:
- Case studies of DevSecOps done right
- How to measure your maturity for DevSecOps -- Phase 1 to Phase 5, for example
- How to put the “Shift Left” DevSecOps workflow in place
- How DevSecOps leads to more secure cloud deployments
- How to use DevSecOps to improve security in IoT technology when they are at the development stage
Davi Ottenheimer
Davi Ottenheimer is a security executive, board member and founder who has led global teams in developing and managing secure systems for more than twenty years. Currently he is working on product security at mongoDB making big data secure, IoT safe and AI trusted. Davi is also a recognized strategist and author specializing in cyber defense ethics and safely navigating the cultural disruptions of emerging technology. He co-authored in 2012 a cloud security book “Securing the Virtual Environment: How to Defend the Enterprise Against Attack” and is author of the upcoming book "Realities of Securing Big Data". Davi is a frequent top-rated public speaker and in 2018 he established the Excellence in Humanitarian Service Award at the RSA Conference; inaugural award was for building and managing resilient encryption systems that were instrumental to ending South African Apartheid. While serving as a Dedicated Paranoid at Yahoo! and responsible for managing security for hundreds of millions of mobile, broadband and digital home products, he invented an ephemeral authentication system for IoT that is in ubiquitous use today. An expert in governance, assessments, audit and compliance leadership Davi was a qualified PCI DSS and PA-DSS assessor (QSA and PA-QSA) for 7 years, and former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP. He received his postgraduate academic Master of Science degree in International History from the London School of Economics.
Getting Control of Container Security
with Davi OttenheimerFortune 1000 problem: Companies spin up containers quickly, then set them loose with no security due diligence. It’s a process problem as much as a technology issue. Questions to address:
- How can a company create a more deliberate process to determine when containers are necessary?
- What is some specific automation or orchestration tools? (Docker Swarm, Kubernates). This part is the end.
- How does one optimize such tools as AppArmor and SELinuxbecause to prevents a misconfiguration or bug at the container daemon level?
- What is Docker Notary and how can it add a layer of trust?
- What are some of the more recent attacks to exploit unsecured containers?
Ken Van Wyk
Kenneth R. van Wyk is an internationally recognized information security expert and author of three popular books, Enterprise Software Security, Secure Coding, and Incident Response. In addition to providing consulting and training services through his company, KRvW Associates, LLC, he currently holds the following positions: Member of the Board of Directors for SecAppDev (http://www.secappdev.org), and monthly columnist for Computerworld (http://www.Computerworld.com). Ken is also the project leader of the Open Web Application Security Project (OWASP) iGoat project and is a Lehigh University distinguished engineering alumnus. Ken has 25 years experience as an IT Security practitioner in the commercial, academic, and military sectors. He has held executive and senior technologist positions at Tekmark, Para-Protect, Science Applications International Corporation (SAIC), the U.S. Department of Defense, Carnegie Mellon University, and Lehigh University. At Carnegie Mellon University’s Software Engineering Institute, Ken was one of the founders of the Computer Emergency Response Team (CERT®). He holds a mechanical engineering degree from Lehigh University and is a frequent speaker at technical conferences, and has presented tutorials and technical sessions CSI, ISF, USENIX, FIRST, AusCERT, and others. Ken is a dual citizen of the EU (England) and the USA, and holds a current U.S. Department of Defense TOP SECRET clearance.
Mobile Device Management: Case Studies of Success and Failure
with Ken Van WykCompanies still struggle to secure personal devices on the company network. They need examples and case studies of how others have successfully (and unsuccessfully) done it. This session explores:
- How to develop a threat model for all types of personal devices
- How to you approach data protections on devices without traditional security controls
- Who owns the endpoint? Does it matter anymore?
- The differences between iOS vs. Android
- Is ZeroTrust enabling secure BYOD procedures or preventing it?
Networking Reception
Come network with your peers! Hors d'eouvres and cocktails will be served!DAY 2
Registration & Breakfast
Come check in to receive your program and CPEs while enjoying a complimentary continental breakfast.Keynote Address
More info coming soon.Technology Group 2
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
Davi Ottenheimer
Davi Ottenheimer is a security executive, board member and founder who has led global teams in developing and managing secure systems for more than twenty years. Currently he is working on product security at mongoDB making big data secure, IoT safe and AI trusted. Davi is also a recognized strategist and author specializing in cyber defense ethics and safely navigating the cultural disruptions of emerging technology. He co-authored in 2012 a cloud security book “Securing the Virtual Environment: How to Defend the Enterprise Against Attack” and is author of the upcoming book "Realities of Securing Big Data". Davi is a frequent top-rated public speaker and in 2018 he established the Excellence in Humanitarian Service Award at the RSA Conference; inaugural award was for building and managing resilient encryption systems that were instrumental to ending South African Apartheid. While serving as a Dedicated Paranoid at Yahoo! and responsible for managing security for hundreds of millions of mobile, broadband and digital home products, he invented an ephemeral authentication system for IoT that is in ubiquitous use today. An expert in governance, assessments, audit and compliance leadership Davi was a qualified PCI DSS and PA-DSS assessor (QSA and PA-QSA) for 7 years, and former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP. He received his postgraduate academic Master of Science degree in International History from the London School of Economics.
Breaking a Failed Vulnerability Management Cycle
with Davi OttenheimerCompanies have limited resources to keep up with an endless pile of vulnerabilities and patches and need to determine what they keep getting wrong and what others are doing that’s right. This session will explore:
- Particular tools you should be using to create more automation
- How to use automation to move through the flaw finding and patching process more quickly
- Which companies have taken this to the next level
- What they did to move past the struggle most still find themselves in
- What the Vulnerability Management Process Workflow is and how will it help
- How can organizations can ensure data within their SQL Server, DB2 and Oracle databases are secure?
- Besides Shodan, some other tools that will cast a wider net for vulnerabilities
Ondrej Krehel
Ondrej Krehel is the CEO and Founder of LIFARS LLC, an international cybersecurity and digital forensics firm. He’s the former Chief Information Security Officer of Identity Theft 911, the nation’s premier identity theft recovery and data breach management service. He previously conducted forensics investigations and managed the cyber security department at Stroz Friedberg and the Loews Corporation. With two decades of experience in computer security and digital forensics, he has launched investigations into a broad range of IT security matters—from hacker attacks to data breaches to intellectual property theft. His work has received attention from CNN, Reuters, The Wall Street Journal and The New York Times, among many others.
Cryptojacking & Cryptocurrency Mining: Defensive Measures
with Ondrej KrehelCryptojacking malware and crypto mining are eating AWS resources, tying up CPU capacity and costing money. This session will help you fight back by exploring:
- How to tell if cryptomining malware is in the system
- How to get the malware out of your systems
- How to keep it out
- The most prolific cryptocurrency-based attacks targeting companies
- How this malware differs from others, such as worms, ransomware and Trojans
John Strand
John is the Owner of Black Hills Information Security (BHIS), and has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. John is also an instructor and course author of BlackHat's "Active Defense, Offensive Countermeasures, and Hacking Back" and the SANS Institute's "Hacker Tools, Techniques, Exploits and Incident Handling" classes. John is co-author of the" Offensive Countermeasures: The Art of Active Defense" book and is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks. He leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. He is a dynamic speaker at conferences worldwide. In his spare time, he co-hosts the Hack Naked TV and Security Weekly podcasts.
Deception and Honeypots
with John StrandCompanies struggle enough with basic security tasks and don’t truly know if deception/honeypots are worth trying or if they would provide the adequate ROI. To help them reach a better place, this session will explore:
- What level of operational maturity one must have for honeypots/deception to make sense?
- How to find balance when it comes to how many doors to leave open for snoopers and would-be thieves.
- The latest honeypot/deception technologies worth deploying
- The management/technology overhang associated with them?
- Buying versus building
George Gerchow
As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance and, modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.
Multi-cloud Deployments: People, Process, Technology
with George GerchowThe process to align controls, capabilities and governance is a mess, with misaligned team reporting structures and central management that fails to span environments. This session will explore:
- How to compare/contrast controls between multiple PaaS/IaaS environments
- How to evolve Identity and Access Management for multi-cloud deployments
- Which controls lend themselves to centralization and multiple cloud environments
- How to adapt governance, risk assessment and critical security processes for multi-cloud deployments
Ron Ritchey
Ron is a seasoned technologist specializing in cyber security with over 30 years experience working within the IT industry. At JP Morgan Chase, Ron is the global lead for their Cyber Security Technology and Architecture team. This group is responsible for helping the business build and maintain robust, secure solutions to support our clients and employees. He is also an active researcher and speaker in the IA field and is widely published on network security topics including co-authoring books on Software Assurance and Insider Threat. He has authored courses on computer security that have been taught across the country and has been a faculty member of the SANS Institute, the Institute for Applied Network Security (IANS), and George Mason University. He holds masters and bachelors degrees in computer science from Mason and a PhD in Information Technology from their School of Information Technology and Engineering.
Prioritizing Privilege Management
with Ron RitcheyAs IT infrastructure gets more complex and infrastructure-as-a-service (IaaS) becomes a reality, one of the few controls we have left is privileged user management (PUM). But it’s difficult to get it right. To advance in the right direction, this session will explore:
- How to link privileged access management to change management
- How to identify what is happening with the use of these credentials
- How to Identify the appropriate tools to use for privileged access management
- How to handle insider threats related to privilege abuse/misuse
Tabletop Break
IANS Tabletops gives you an opportunity to connect with information security leaders in a relaxed environment. Come stretch your legs and network with your peers and solution providers over snacks and coffee.Technology Group 2
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
Chris Calvert
Respond Software, VP Product Strategy and Co-Founder
Chris has over 30 years of experience in defensive information security: 14 years in the defense and intelligence community and 17 years in the commercial industry. He has worked on the Defense Department Joint Staff and held leadership positions in both large and small companies, including IBM and HPE. He has designed, built and managed global security operations centers and incident response teams for six of the global Fortune-50. As he often says, if you have complaints about today’s security operations model, you can partially blame him. It’s from his first-hand experience in learning the limitations of the man vs. data SecOps model that Chris leads product design and strategy for Respond Software.
Lunch & Sponsor Keynote: The Power of AI to Disrupt Security Ops
with Chris CalvertMany of today’s companies are hesitant to adopt new security technologies – particularly AI. The truth is AI is successfully disrupting many area of security operations and shifting us away from the traditional SOC and man-led threat intelligence. In this session, Chris Calvert will introduce the concept of autonomous security driven by AI, probability theory and advanced algorithms. These new technologies apply reasoning, judgement and experience to identify threats and make decisions at the scale, speed and consistency no human can match, freeing up analysts for higher level investigation and response actions.
Calvert believes that this new approach to old security issues, shifting from human-led security to machine-led security and utilizing AI, can and will be realistic for any security organization.
Technology Group 1
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.Technology Group 1
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
Davi Ottenheimer
Davi Ottenheimer is a security executive, board member and founder who has led global teams in developing and managing secure systems for more than twenty years. Currently he is working on product security at mongoDB making big data secure, IoT safe and AI trusted. Davi is also a recognized strategist and author specializing in cyber defense ethics and safely navigating the cultural disruptions of emerging technology. He co-authored in 2012 a cloud security book “Securing the Virtual Environment: How to Defend the Enterprise Against Attack” and is author of the upcoming book "Realities of Securing Big Data". Davi is a frequent top-rated public speaker and in 2018 he established the Excellence in Humanitarian Service Award at the RSA Conference; inaugural award was for building and managing resilient encryption systems that were instrumental to ending South African Apartheid. While serving as a Dedicated Paranoid at Yahoo! and responsible for managing security for hundreds of millions of mobile, broadband and digital home products, he invented an ephemeral authentication system for IoT that is in ubiquitous use today. An expert in governance, assessments, audit and compliance leadership Davi was a qualified PCI DSS and PA-DSS assessor (QSA and PA-QSA) for 7 years, and former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP. He received his postgraduate academic Master of Science degree in International History from the London School of Economics.
Case Study: How One Company Uses AI/ML
with Davi OttenheimerCompanies have heard much about the benefits of AI/ML but have struggled to see where it’s useful in their environments. This session will explore:
- How BOA or another big company are doing it.
Ken Van Wyk
Kenneth R. van Wyk is an internationally recognized information security expert and author of three popular books, Enterprise Software Security, Secure Coding, and Incident Response. In addition to providing consulting and training services through his company, KRvW Associates, LLC, he currently holds the following positions: Member of the Board of Directors for SecAppDev (http://www.secappdev.org), and monthly columnist for Computerworld (http://www.Computerworld.com). Ken is also the project leader of the Open Web Application Security Project (OWASP) iGoat project and is a Lehigh University distinguished engineering alumnus. Ken has 25 years experience as an IT Security practitioner in the commercial, academic, and military sectors. He has held executive and senior technologist positions at Tekmark, Para-Protect, Science Applications International Corporation (SAIC), the U.S. Department of Defense, Carnegie Mellon University, and Lehigh University. At Carnegie Mellon University’s Software Engineering Institute, Ken was one of the founders of the Computer Emergency Response Team (CERT®). He holds a mechanical engineering degree from Lehigh University and is a frequent speaker at technical conferences, and has presented tutorials and technical sessions CSI, ISF, USENIX, FIRST, AusCERT, and others. Ken is a dual citizen of the EU (England) and the USA, and holds a current U.S. Department of Defense TOP SECRET clearance.
Insider Threats
with Ken Van WykCompanies are usually unaware that a malicious insider is up to no good in their networks until it’s too late. They need help knowing how to identify early red flags. To that end, this session will explore:
- Early red flags to look for
- Security controls you can put in place to detect and prevent insider threat activity
- Top insider threat monitoring solutions, their strengths and weaknesses
- Detection tool essentials
John Strand
John is the Owner of Black Hills Information Security (BHIS), and has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. John is also an instructor and course author of BlackHat's "Active Defense, Offensive Countermeasures, and Hacking Back" and the SANS Institute's "Hacker Tools, Techniques, Exploits and Incident Handling" classes. John is co-author of the" Offensive Countermeasures: The Art of Active Defense" book and is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks. He leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. He is a dynamic speaker at conferences worldwide. In his spare time, he co-hosts the Hack Naked TV and Security Weekly podcasts.
New Threat Hunting Techniques
with John StrandAttackers keep evolving their tactics, making it increasingly difficult for traditional forensic techniques to keep up. It’s time to get proactive – and that’s where threat hunting comes into play. This session explores the latest techniques in that area, and how to:
- Position hunt teams to directly increase the overall maturity (and ROI) of their monitoring and detection capabilities, and
- Detect abnormal patterns of behavior.
George Gerchow
As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance and, modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.
Adapting the SOC to a Cloud Environment
with George GerchowSecurity Operations Centers remain rooted in the same tech, procedures and mindsets that existed before the cloud. They need to adapt to life in the cloud, and this session will explore how to get there. Issues addressed include:
- How an old-world SOC differs from one in the cloud
- Changes you need to make with your SOC
- How to make that transition without dropping the ball in either world
- Skills that need to be picked up in the new cloud-based SOC
- Examples of cloud detection and response
Ron Ritchey
Ron is a seasoned technologist specializing in cyber security with over 30 years experience working within the IT industry. At JP Morgan Chase, Ron is the global lead for their Cyber Security Technology and Architecture team. This group is responsible for helping the business build and maintain robust, secure solutions to support our clients and employees. He is also an active researcher and speaker in the IA field and is widely published on network security topics including co-authoring books on Software Assurance and Insider Threat. He has authored courses on computer security that have been taught across the country and has been a faculty member of the SANS Institute, the Institute for Applied Network Security (IANS), and George Mason University. He holds masters and bachelors degrees in computer science from Mason and a PhD in Information Technology from their School of Information Technology and Engineering.
IoT: Who Owns Device Risk Management
with Ron RitcheyThere’s no clear consensus on who is responsible for managing risks associated with IoT devices in an organization. This session is designed to clear up that confusion. Attendees will learn:
- Where all the IOT devices are
- The breakdown of who should be in charge of security risks related to IOT
- How to assemble a responsibility tree for who does what if an IOT-related compromise happens
Closing Ceremonies
Come network with your peers! Hors d'eouvres and cocktails will be served!2019 New York Speakers
JP Blaho
NETSCOUT, Senior Manager, Product Marketing
Arbor Networks, Market Insights leader
John Paul (JP) Blaho currently leads the Market Insights group for Arbor Networks, and is a seasoned Product and Solutions professional with more than 15 years in the product and services marketing aresin IT.With eight years focused specifically on network security solutions, JP has developed a focus on understanding the buyer journey for Enterprises and identify the unique personas who engage in making complex IT security assessment and purchase decisions. Mr. Blaho has worked for leading security and services organizations such as Sungard Availability Services, Blue Coat Systems, Teradyne, and IBM Security.
JP received his BS degree from Bethany College in Bethany, West Virginia, and received his MBA from Northeastern University’s D’Amore-McKim School of Business in Boston, Massachusetts.
Presentations
- Lunch & Sponsor Keynote: Visibility Without Borders: Building a Security Posture to Stop Attacks Closer to the SourceDAY 112:00 PM 12:50 PM
Chris Calvert
Respond Software, VP Products
Respond Software, VP Product Strategy and Co-Founder
Chris has over 30 years of experience in defensive information security: 14 years in the defense and intelligence community and 17 years in the commercial industry. He has worked on the Defense Department Joint Staff and held leadership positions in both large and small companies, including IBM and HPE. He has designed, built and managed global security operations centers and incident response teams for six of the global Fortune-50. As he often says, if you have complaints about today’s security operations model, you can partially blame him. It’s from his first-hand experience in learning the limitations of the man vs. data SecOps model that Chris leads product design and strategy for Respond Software.
Presentations
- Lunch & Sponsor Keynote: The Power of AI to Disrupt Security OpsDAY 212:50 PM 1:40 PM
George Gerchow
IANS Faculty
As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance and, modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.
Presentations
- GDPR: Learning from EU Regulatory Enforcement ActionsDAY 110:35 AM 11:10 AM
- Choosing a Cloud ProviderDAY 11:00 PM 2:15 PM
- DevSecOps Business CasesDAY 14:05 PM 4:40 PM
- Multi-cloud Deployments: People, Process, TechnologyDAY 210:35 AM 11:00 AM
- Adapting the SOC to a Cloud EnvironmentDAY 23:20 PM 4:20 PM
Ondrej Krehel
IANS Faculty
Ondrej Krehel is the CEO and Founder of LIFARS LLC, an international cybersecurity and digital forensics firm. He’s the former Chief Information Security Officer of Identity Theft 911, the nation’s premier identity theft recovery and data breach management service. He previously conducted forensics investigations and managed the cyber security department at Stroz Friedberg and the Loews Corporation. With two decades of experience in computer security and digital forensics, he has launched investigations into a broad range of IT security matters—from hacker attacks to data breaches to intellectual property theft. His work has received attention from CNN, Reuters, The Wall Street Journal and The New York Times, among many others.
Presentations
- The Changing Face of RansomwareDAY 110:35 AM 11:10 AM
- Blockchain: What Your Vendors Have and How to Use ItDAY 11:00 PM 2:15 PM
- Cryptojacking & Cryptocurrency Mining: Defensive MeasuresDAY 210:25 AM 11:00 AM
Shamla Naidoo
Managing Partner of IBM Global Security Services
Shamla Naidoo is an accomplished executive with experience managing hundreds of millions of dollars in budgets for large, globally distributed teams who support operations in 170 countries. As Managing Partner of IBM Global Security Services, Shamla is one of the most influential security executives among Fortune 50 companies. Her advice and thought leadership in strategy and execution is sought by governments, public institutions, and private companies. Her ability to communicate complex technical process into simpler, more understandable terms is highly regarded. Shamla serves on advisory, not-for-profit and academic boards of various public and private institutions.
Presentations
- Keynote Interview: From the Durban Slums to Leading Big Blue’s InfoSec TeamDAY 18:45 AM 9:30 AM
Davi Ottenheimer
IANS Faculty
Davi Ottenheimer is a security executive, board member and founder who has led global teams in developing and managing secure systems for more than twenty years. Currently he is working on product security at mongoDB making big data secure, IoT safe and AI trusted. Davi is also a recognized strategist and author specializing in cyber defense ethics and safely navigating the cultural disruptions of emerging technology. He co-authored in 2012 a cloud security book “Securing the Virtual Environment: How to Defend the Enterprise Against Attack” and is author of the upcoming book "Realities of Securing Big Data". Davi is a frequent top-rated public speaker and in 2018 he established the Excellence in Humanitarian Service Award at the RSA Conference; inaugural award was for building and managing resilient encryption systems that were instrumental to ending South African Apartheid. While serving as a Dedicated Paranoid at Yahoo! and responsible for managing security for hundreds of millions of mobile, broadband and digital home products, he invented an ephemeral authentication system for IoT that is in ubiquitous use today. An expert in governance, assessments, audit and compliance leadership Davi was a qualified PCI DSS and PA-DSS assessor (QSA and PA-QSA) for 7 years, and former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP. He received his postgraduate academic Master of Science degree in International History from the London School of Economics.
Presentations
- How to Recruit and Retain the Best PeopleDAY 110:35 AM 11:10 AM
- Vendor Optimization: Thinning the HerdDAY 11:00 PM 2:15 PM
- Getting Control of Container SecurityDAY 14:05 PM 4:40 PM
- Breaking a Failed Vulnerability Management CycleDAY 210:25 AM 11:00 AM
- Case Study: How One Company Uses AI/MLDAY 23:20 PM 4:20 PM
Ron Ritchey
IANS Faculty
Ron is a seasoned technologist specializing in cyber security with over 30 years experience working within the IT industry. At JP Morgan Chase, Ron is the global lead for their Cyber Security Technology and Architecture team. This group is responsible for helping the business build and maintain robust, secure solutions to support our clients and employees. He is also an active researcher and speaker in the IA field and is widely published on network security topics including co-authoring books on Software Assurance and Insider Threat. He has authored courses on computer security that have been taught across the country and has been a faculty member of the SANS Institute, the Institute for Applied Network Security (IANS), and George Mason University. He holds masters and bachelors degrees in computer science from Mason and a PhD in Information Technology from their School of Information Technology and Engineering.
Presentations
- Prioritizing Privilege ManagementDAY 210:35 AM 11:00 AM
- IoT: Who Owns Device Risk ManagementDAY 23:20 PM 4:20 PM
John Strand
IANS Faculty
John is the Owner of Black Hills Information Security (BHIS), and has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. John is also an instructor and course author of BlackHat's "Active Defense, Offensive Countermeasures, and Hacking Back" and the SANS Institute's "Hacker Tools, Techniques, Exploits and Incident Handling" classes. John is co-author of the" Offensive Countermeasures: The Art of Active Defense" book and is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks. He leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. He is a dynamic speaker at conferences worldwide. In his spare time, he co-hosts the Hack Naked TV and Security Weekly podcasts.
Presentations
- Bringing Red/Blue/Purple Teaming into BalanceDAY 11:00 PM 2:15 PM
- Hybrid Web App Pen TestingDAY 14:05 PM 4:40 PM
- Deception and HoneypotsDAY 210:25 AM 11:00 AM
- New Threat Hunting TechniquesDAY 23:20 PM 4:20 PM
Aaron Turner
IANS Faculty
Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.
Presentations
- Advancements in Secure Remote AccessDAY 110:35 AM 11:10 AM
- Cutting Through the AI/ML Vendor HypeDAY 11:00 PM 2:15 PM
- How to Fill SIEM Gaps with UEBA/SOARDAY 14:05 PM 4:40 PM
Ken Van Wyk
IANS Faculty
Kenneth R. van Wyk is an internationally recognized information security expert and author of three popular books, Enterprise Software Security, Secure Coding, and Incident Response. In addition to providing consulting and training services through his company, KRvW Associates, LLC, he currently holds the following positions: Member of the Board of Directors for SecAppDev (http://www.secappdev.org), and monthly columnist for Computerworld (http://www.Computerworld.com). Ken is also the project leader of the Open Web Application Security Project (OWASP) iGoat project and is a Lehigh University distinguished engineering alumnus. Ken has 25 years experience as an IT Security practitioner in the commercial, academic, and military sectors. He has held executive and senior technologist positions at Tekmark, Para-Protect, Science Applications International Corporation (SAIC), the U.S. Department of Defense, Carnegie Mellon University, and Lehigh University. At Carnegie Mellon University’s Software Engineering Institute, Ken was one of the founders of the Computer Emergency Response Team (CERT®). He holds a mechanical engineering degree from Lehigh University and is a frequent speaker at technical conferences, and has presented tutorials and technical sessions CSI, ISF, USENIX, FIRST, AusCERT, and others. Ken is a dual citizen of the EU (England) and the USA, and holds a current U.S. Department of Defense TOP SECRET clearance.
Presentations
- File Security: Tools and Techniques in 2019DAY 110:35 AM 11:10 AM
- Mobile Device Management: Case Studies of Success and FailureDAY 14:05 PM 4:40 PM
- Insider ThreatsDAY 210:35 AM 11:00 AM
Platinum Sponsors
NETSCOUT
NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) assures digital business services against disruptions in availability, performance, and security. Our nGenius service assurance solutions provide real-time, contextual analysis of service, network, and application performance. Arbor security solutions protect against DDoS attacks that threaten availability and advanced threats that infiltrate networks to steal critical business assets. To learn more about improving service, network, and application performance in physical or virtual data centers, or in the cloud, and how NETSCOUT’s performance and security solutions, powered by service intelligence can help you move forward with confidence, visit www.netscout.com or follow @NETSCOUT and @ArborNetworks on Twitter, Facebook, or LinkedIn.
Respond
Respond Software delivers instant return on investment (ROI) to organizations in their battle against cyber-crime. With its patented intelligent decision engine, PGO®, Respond Software’s product uniquely combines the best of human expert judgement with the scale and consistency of software. Our quick-to-implement cybersecurity automation software delivers the equivalent of a virtual, best-of-breed analyst team that dramatically increases capacity and improves monitoring and triage capabilities at a fraction of the cost. Respond Software was founded in 2016 by security and software industry veterans. www.respond-software.com
Gold Sponsors
Aqua Security
Armis
Contrast Security
Contrast Security enables applications to automatically detect and fix vulnerabilities, identify attacks, and defend themselves. Contrast employs security instrumentation to strengthen applications before they deploy, protect in production and provide visibility throughout the application lifecycle. More information can be found at www.contrastsecurity.com or by following Contrast on Twitter at @ContrastSec.
Cymulate
Deep Instinct
Deep Instinct is the first company to apply deep learning to cybersecurity. Deep learning is inspired by the brain’s ability to learn. Once a brain learns to identify an object, its identification becomes second nature. Similarly, as Deep Instinct’s artificial neural network brain learns to detect any type of cyber threat, its prediction capabilities become instinctive. As a result, any kind of malware, known and new, first-seen malware, zero-days, ransomware and APT attacks are predicted and prevented in real-time with unmatched accuracy.
Malwarebytes
Qualys
Tanium
Tanium gives the world’s largest enterprises and government organizations the unique power to secure, control, and manage millions of endpoints across the enterprise within seconds. Serving as the “central nervous system” for enterprises, Tanium empowers security and IT operations teams to ask questions about the state of every endpoint across the enterprise in plain English, retrieve data on their current and historical state, and execute change as necessary, all within seconds. With the unprecedented speed, scale, and simplicity of Tanium, organizations now have complete and accurate information on the state of endpoints at all times to more effectively protect against modern day threats and realize new levels of efficiency in IT operations. Visit us at www.tanium.com or follow us on Twitter at @Tanium.
XM Cyber
ZeroFOX
ZeroFOX, the innovator of social media & digital security, protects modern organizations from dynamic security, brand and physical risks across social, mobile, web and collaboration platforms. Using targeted data collection and artificial intelligence-based analysis, ZeroFOX protects modern organizations from targeted phishing attacks, credential compromise, data exfiltration, brand hijacking, executive and location threats and more. Recognized as a Leader in Digital Risk Monitoring by Forrester, the patented ZeroFOX SaaS platform processes and protects millions of posts, messages and accounts daily across the social and digital landscape, spanning LinkedIn, Facebook, Slack, Twitter, HipChat, Instagram, Reddit, Pastebin, Tumblr, YouTube, VK, mobile app stores, the deep & dark web, domains and more.
Led by a team of information security and high-growth company veterans, ZeroFOX has raised nearly $100M in funding from NEA, Highland Capital, Silver Lake Waterman, Redline Capital and others, and has collected top industry awards such as Red Herring North America Top 100, the SINET16 Champion, Dark Reading’s Top Security Startups to Watch, Tech Council of Maryland’s Technology Company of the Year and the Security Tech Trailblazer of the Year.
Silver Sponsors
GuidePoint Security
GuidePoint Security is an elite team of top certified cybersecurity experts. We help organizations minimize cyber gaps and vulnerabilities, understand the evolving threat landscape and optimize resources designed to create a safer, more secure cybersecurity ecosystem. Learn more at www.guidepointsecurity.com.
Intezer
Intezer introduces a Genetic Malware Analysis approach, offering enterprises unparalleled and accelerated incident response. The company provides a fast, in-depth understanding of any file by mapping its code DNA at the ‘gene’ level -- offering the most advanced level of malware detection and analysis. For more information, visit intezer.com.
Kenna Security
Kenna Security is a leader in cyber risk management. The Kenna Security platform, powered by Cyber Risk Context Technology, tracks and predicts real-world exploitations, enabling organizations to work cross-functionally to mitigate cyber risk. Kenna counts among its customers many Fortune 100 companies, and serves nearly every major vertical. Kenna Security is headquartered in San Francisco.
SentinelOne
SentinelOne was founded in 2013 by an elite team of cyber security and defense experts who developed a fundamentally new, groundbreaking approach to endpoint protection.
SentinelOne is a pioneer in delivering autonomous security for the endpoint, datacenter and cloud environments to help organizations secure their assets with speed and simplicity. SentinelOne unifies prevention, detection, response, remediation and forensics in a single platform powered by artificial intelligence. With SentinelOne, organizations can detect malicious behavior across multiple vectors, rapidly eliminate threats with fully-automated integrated response and to adapt their defenses against the most advanced cyberattacks. SentinelOne has offices in Mountain View, Tel Aviv, and Tokyo. The company is recognized by Gartner as a Visionary for Endpoint Protection and has enterprise customers in North America, Europe, and Japan.
To learn more, please visit our website at www.sentinelone.com.
Terbium Labs
Terbium Labs’ flagship product, Matchlight, provides clients with unprecedented visibility into their exposure on the dark web. This visibility enables a variety of uses, ranging from monitoring of account credentials for information security organizations to real-time analysis of likely common points of compromise of stolen payment cards for anti-fraud practitioners.
Varonis Systems Inc.
Varonis is a pioneer in data security and analytics, specializing in software for data security, governance, compliance, classification, and analytics. Varonis detects insider threats and cyberattacks by analyzing file activity and user behavior; prevents disaster by locking down sensitive data; and efficiently sustains a secure state with automation.
WhiteSource
WhiteSource helps businesses all over the world to develop better software by harnessing the power of open source.
Open source components, a significant and important part of commercial software today, are often substantially under-managed. WhiteSource fully automates the entire process of open source components selection, approval, tracking and management, including real-time alerts on vulnerable and problematic open source components, customized reports, enforcing policies automatically and more.
An integral part of your software development environment, WhiteSource guarantees the continuity and integrity of open source management and reduces respective risks. WhiteSource provides a complete solution that supports all programming languages. The solution seamlessly plugs into all popular build tools.
Crowne Plaza Times Square
1605 Broadway, New York, NY
Room Rate:
$319per night plus tax
Onsite Questions
Are the presentations available for viewing after the Forum?
All roundtable sessions will be available after the Forum. Many presentations are uploaded to the Mobile App prior to the Forum.
Does IANS provide a Mobile App?
The IANS Information Security Forum App will be available 1 week prior to the event. To download the Mobile App go to the App Store or Google Play Store on your device and search IANS.
How can I promote my involvement with the event?
Please share your thoughts and excitement using our event hashtags found at the top of this page.
How can I submit my feedback on the Forum?
We encourage you to fill out our general survey located in the middle of your program. Please drop off your survey at the registration desk before you leave.
Is there free Wi-Fi onsite?
Free Wi-Fi will be provided throughout the Forum in conference areas.
What can I expect when I attend an IANS event?
When attending an IANS Information Security Forum, you will have the opportunity to take part in technical and strategic Roundtable sessions that discuss the latest issues and trends found in the market. These Roundtable discussions are led by IANS Faculty who are also long-time information security practitioners. You will also have the chance to network with industry peers and learn about the newest technologies and services during any one of our Technology Spotlight sessions.
What is the best way to stay updated before and during the Forum?
For all updates please download the IANS Mobile App or follow us on Twitter.
Where do I pick up my badge and registration material?
Your badge and registration materials will be available to pick-up at the registration desk. Registration starts at 7:30am.
Will there be opportunities to network with peers and sponsors?
There will be chances to network with your peers during the lunches, breaks and the networking reception at the end of day one.
Sponsorship Questions
Are there still sponsorship opportunities?
Please contact Eric Bartczak at sponsorships@iansresearch.com for more information.
Will there be opportunities to network with peers and sponsors?
IANS offers a Silver, Gold and Platinum level sponsorship. Please visit the Event Sponsors Page for more information.
Registration Questions
Can I earn continuing education credits for attending the forum?
Attendees may earn up to 16 credits through our partnership with (ISC)2. Attendees must check in at registration each morning to receive their 8 credits for Day 1 and Day 2. Attendees will receive a Certificate of Completion one week after the forum concludes for any other certification needs. If you have provided IANS with your CISSP # during the registration process then we will automatically submit to (ISC)2.
What is the registration fee?
The Forum is complimentary and open to active Information Security Professionals from private and public sector corporations and organizations.
What time does the Forum begin and end?
The Forum officially begins on Day 1 at 7:30am and ends on Day 2 at 4:40pm.
What's the registration deadline?
You can register for and IANS event up to the day of the event.General Information
Cancellations
IANS requests that cancellations please be submitted two weeks prior to a Forum. Reserved seats are limited.
Hotel Cancellations
If you have booked a hotel room with IANS during the registration process or you have reached out to an IANS team member regarding booking a room, please note our venues have a cancellation policy of 48 hours. If you do not cancel your reservation through your online registration or in writing to IANS, you will be charged for the night(s) in which you have failed to cancel.
Terms and Conditions
This Forum is produced by IANS, which reserves the right, in its sole discretion, to limit or deny access to the Forum to any entity or individual. Attendance to the Forum is complimentary and open to active information security professionals from private and public-sector corporations and organizations.
Individuals from information security solution providers (software, hardware, and consulting companies) are not eligible to attend unless affiliated with a sponsoring organization.
IANS reserves the right to share attendee contact information with event sponsors and other attendees. IANS will provide on-site opt-out forms that enable you to remove your contact information from being shared as described herein. No contact information will be shared prior to the event.
Photography, Audio & Video Recording
IANS Forums are held in a public venue; therefore, IANS does not prohibit participants, sponsors, or other companies from photographing or taking videos. IANS reserves the right to use images taken at IANS Forums with your photograph and/or likeness in marketing materials.
IANS Code of Conducts
IANS is committed to providing a harassment-free conference experience for all attendees, sponsors, speakers and staff regardless of gender, sexual orientation, disability, physical appearance, national origin, ethnicity, political affliction or religion.
IANS expects all participants to behave in a professional manner. IANS will not condone any form of sexual language and imagery, verbal threats or demands, offensive comments, intimidation, stalking, sustained disruption of session or events, inappropriate physical contract, and unwelcomed sexual attention.
If any form of written, social media, verbal, or physical harassment is reported, participant will be asked to stop and expected to comply immediately. Offender will be subject to expulsion from the conference.
If you are being harassed or notice someone being harassed, please contact the event staff. In the event of an emergency situation, please contact local authorities immediately.
We expect participants to follow these rules at all event venues and event-related social activities.
Housing & Travel Questions
How can I book a hotel room?
All hotel requests must be made through the registration site.
How can I cancel my hotel reservation?
Most of our hotel venues have a 72 hour cancellation policy. You must cancel by contacting one of the IANS team members or through the online registration. If you fail to do so you will be charged for the night(s) in which you have failed to cancel.
Is parking provided?
IANS does not cover any parking.
What hotel accommodations are available during the Forum?
IANS provides a room block for forum events. There will be a limited number of rooms available at the discounted rate.
Will I receive a hotel confirmation number?
You will receive a hotel confirmation number 2 weeks prior to the Forum.
