2019 Charlotte
Information Security Forum

September 25 - 26, 2019
Charlotte Convention Center, 501 South College Street, Charlotte, NC

The IANS 2019 Charlotte Information Security Forum delivers an immersive curriculum with 30+ sessions led by esteemed IANS Faculty, global information security thought leaders and solution providers. Attend the two-day Forum to gain actionable technical solutions and leadership insights focused on current and emerging challenges facing enterprise security leaders. Network with peers to benchmark your information security practices and engage with IANS Faculty during interactive sessions.

This event has ended.

DAY 1

7:30 AM - 8:30 AM

Registration & Breakfast

Come check in to receive your program and CPEs while enjoying a complimentary continental breakfast.

8:30 AM - 8:45 AM

IANS Welcome and Perspective

Come join us as we welcome you to the Forum.

Kecia Heidebrecht

Bank of America, Global Information Security (GIS) Cyber Security Technology (CST) Chief Operating Officer (COO)

Ms Heidebrecht joined Bank of America in 2006 (part of LaSalle Bank / ABN AMRO). She worked on the LaSalle Bank transition, Prime Brokerage divestiture, and the Merrill Lynch transition, as an information security project manager. Ms Heidebrecht moved into Global Business Continuity and Recovery (GBCR) in 2009 where she managed business continuity risk and controls, working to establish critical governance oversight and risk routines. In 2012, she joined the newly created Business Controls Monitoring and Readiness (BCMR) organization as the Executive overseeing business continuity, vendor management, change process, data management, and records retention functions. In 2015, Ms Heidebrecht joined Global Compliance as the Horizontal Technology Compliance Executive responsible for technology regulations oversight. She joined GIS in 2018 as COO for the Business Information Security Officer (BISO) organization and as the Chicago Site Executive responsible for the development and growth of the Chicago workforce. In April 2019, she assumed COO responsibility for the Cyber Security Technology (CST) organization and is responsible for running CST operations.

Ms Heidebrecht received her Bachelors of Administration from University of Illinois at Chicago with a degree in Communication and graduated with honors.

Ms Heidebrecht resides in Charlotte, NC.

Phil Gardner

Founder & Chief Executive Officer

Having built IANS’ end-user research offering, Phil now oversees all strategic and operational decisions at IANS. Phil began his career in security with seven years with the U.S. Navy as a Strike Fighter Pilot & Ordnance Requirements Officer. After receiving a Masters in Business Administration from Harvard Business School, he joined Goldman, Sachs & Co. in Mergers & Acquisitions and later became an associate with McKinsey & Company in Boston, MA. In 1996, Phil became one of the founders of Provant, Inc., a publicly traded training company serving the Fortune 1000 and Federal Government. He left Provant in 2000 to launch IANS. He graduated at the top of his class in US Navy Flight School.

8:45 AM - 9:30 AM

Scaling a World-Class, Diverse InfoSec Team: A Keynote Conversation with BofA’s Kecia Heidebrecht

with Kecia Heidebrecht and Phil Gardner

Bank of America’s Global Information Security (GIS) program is world-class and diverse with over 2,500 professionals working to protect the bank and its clients. Join Kecia Heidebrecht, BofA’s Cyber Security Technology COO, and IANS' Founder and CEO Phil Gardner for a keynote conversation where Kecia will detail how the bank sources, assesses and hires extraordinary InfoSec talent at scale. Kecia and Phil will also discuss how the bank achieves its diversity and inclusion targets within its aggressive hiring goals.

9:30 AM - 9:50 AM

Tabletop Break

IANS Tabletops gives you an opportunity to connect with information security leaders in a relaxed environment. Come stretch your legs and network with your peers and solution providers over snacks and coffee.

9:50 AM - 10:25 AM

Technology Group 1

Join the Technology Spotlight session, where Sponsors will present their innovative technology. Each session lasts 35 minutes and is both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.

Mike Rothman

IANS Faculty

Mike has been in the information security industry for over 10 years. He is currently President and Analyst at Securosis, a firm exclusively focused on information security and research analysis. He started Security Incite in 2006 to provide the "voice of reason" in what was considered an overhyped, yet underwhelming security industry. After a brief detour as SVP, Strategy and Chief Marketing Officer at eIQNetworks, Mike joined Securosis at the start of 2010 with a "rejuvenated cynicism" about security. In 2007, Mike published "The Pragmatic CSO" to introduce technically oriented security professionals to the nuances of what is required to become a senior security professional.

10:35 AM - 11:10 AM

Morning Roundtable How-To Sessions

Improve Infrastructure and Ops

IoT: Who Owns Device Risk Management

with Mike Rothman

There’s no clear consensus on who is responsible for managing risks associated with IoT devices in an organization. This session is designed to clear up that confusion. Attendees will learn:

  • Where all the IoT devices are
  • The breakdown of who should be in charge of security risks related to IoT
  • How to assemble a responsibility tree for who does what if an IoT-related compromise happens

Joff Thyer

IANS Faculty

Joff has 15+ years of experience in the IT industry in roles such as enterprise network architect and network security defender. He has mentored "Intrusion Detection in Depth" and taught "Python for Penetration Testers" for the SANS Institute. Currently Joff is a Researcher and Penetration Tester with Black Hills Information Security (BHIS). He helps lead the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. Joff holds a B.Sc. in Mathematics, an M.Sc. in Computer Science, and holds the GIAC certifications GPEN, GWAPT, and GXPN. In his free time, he is a host on the Security Weekly podcast and contributes to open-source projects.

Protect Applications and Data

Hybrid Web App Pen Testing

with Joff Thyer

Companies do not know whether to do manual or automated web app pen testing, or to go with the hybrid approach. To help find answers, this session will explore:

  • How the hybrid approach marks an improvement over the traditional approach
  • The limits of an automation-only approach
  • What you need in a toolkit -- examples: PortSwigger’s Burp Suite Pro (commercial), OWASP Zed Attack Proxy (open source)
  • The ideal testing methodology

Jason Gillam

IANS Faculty

Jason has over 20 years of industry experience including software design, architecture, and security testing. He graduated from Royal Military College of Canada where he earned his Bachelor of Engineering. Jason was the tech lead for Bank of America's Security by Design team for several years, and is currently a Senior Security Consultant at Secure Ideas, LLC. He is the author of many extensions for Burp Suite, and is a contributor to several other projects including SamuraiWTF, MobiSec, and Laudanum. Jason has spoken at multiple events including BSides and ISSA Charlotte.

Improve Infrastructure and Ops

DevSecOps Business Cases

with Jason Gillam

Companies still struggle to get developers and security on the same page. They need case studies to show them where and how DevSecOps successes have happened. To that end, this session explores:

  • Case studies of DevSecOps done right
  • How to measure your maturity for DevSecOps -- Phase 1 to Phase 5, for example
  • How to put the “Shift Left” DevSecOps workflow in place
  • How DevSecOps leads to more secure cloud deployments
  • How to use DevSecOps to improve security in IoT technology when they are at the development stage

Mike Saurbaugh

IANS Faculty

Mike is the Director of Technical Alliances with Cofense (formerly PhishMe). Prior to Cofense, Mike spent nearly two decades in financial services and was the head of information security for 12 years as well as having led IT operations. Mike was involved from the onset with Security Current when it launched and served as the research director leading a number of strategic projects for global security vendors and CISOs. Also, Mike is a mentor with Queen City Fintech, in Charlotte, NC, and has a security consulting LLC where he conducts independent advisory and risk assessment engagements. Mike holds a Master's of Science in Information Assurance from Walsh College and is a member of two college information security curriculum advisory committees. In his free time, he loves to spend time with his wife and two daughters, work out, drive his Jeep Wrangler, and cook for those who love great food and drinks.

Detect, Respond and Recover

Phishing and Social Engineering: New Solutions to an Old Problem

with Mike Saurbaugh

Phishing is an old social engineering technique and organizations have certainly tried to make employees aware of email links they shouldn’t open. But phishing remains a highly successful technique for the bad guys. So what do we keep doing wrong? This session explores:

  • New phishing security tools that may help
  • What organizations can do to enhance security awareness among employees

11:20 AM - 11:55 AM

Technology Group 1

Join the Technology Spotlight session, where Sponsors will present their innovative technology. Each session lasts 35 minutes and is both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.

JP Blaho

Arbor Networks, Market Insights leader

John Paul (JP) Blaho currently leads the Market Insights group for Arbor Networks, and is a seasoned Product and Solutions professional with more than 15 years in the product and services marketing areas in IT. With eight years focused specifically on network security solutions, JP has developed a focus on understanding the buyer journey for Enterprises and identifying the unique personas who engage in making complex IT security assessment and purchase decisions. Mr. Blaho has worked for leading security and services organizations such as Sungard Availability Services, Blue Coat Systems, Teradyne, and IBM Security.

JP received his BS degree from Bethany College in Bethany, West Virginia, and received his MBA from Northeastern University’s D’Amore-McKim School of Business in Boston, Massachusetts.

12:00 PM - 12:50 PM

Lunch & Sponsor Keynote: Visibility Without Borders: Building a Security Posture to Stop Attacks Closer to the Source

with JP Blaho

Network and Security Operations teams need high-fidelity data to analyze. These same teams struggle to correlate the data they ingest to draw connections between server and network or application and device.

Disparate applications, infrastructures and security platforms have exacerbated this problem. Couple this with network growth and limited IT resources, and you can see the importance of automation and better data analysis. In this session, we will discuss the importance of true network and data visibility, and how it can move the defense posture out from the edge and closer to the source of the attack.

Bill Dean

IANS Faculty

Bill is a Senior Manager in LBMC’s Information Security Services division and is responsible for incident response, digital forensics, electronic discovery and overall litigation support. Bill has more than 20 years of information technology experience with a specialty in information security and digital forensics for the past 10 years. Prior to LBMC, he served as the Director of Security Assessments and Digital Forensics for Sword & Shield Enterprise Security Inc. Bill was also the founder of Forensic Discoveries, before merging with Sword & Shield Enterprise Security and served as a senior security analyst responsible for information security for a large healthcare organization. In these roles, he was responsible for digital forensics to support litigation, incident response services, penetration testing, and overall security defense posture. Bill's roles have included delivering penetration testing and incident response services to companies around the world. Additionally, he consults with organizations of all sizes in security topics related to endpoint protection, vulnerability assessments, network forensics, incident response and overall hardening and monitoring of infrastructures. Lastly, Bill conducts digital forensic investigations and electronic discovery services to support litigation efforts. In these roles, he has been qualified as an expert witness in Federal Courts and Tennessee State Courts. Bill is a frequent speaker and published author on the topics of computer security, digital forensics and electronic discovery for numerous legal and technical associations. Additionally, Bill is a Certified Computer Examiner (CCE), GIAC Certified Incident Handler (GCIH), GIAC Certified Penetration Tester (GPEN) and GIAC Certified Forensic Analyst (GCFA). He is also an active member of the International Society for Forensic Computer Examiners and InfraGard Board member. Bill holds an A.S. in Computer Science from Walters State Community College and a BS in Information Technology from Information Technology.

1:00 PM - 2:15 PM

Afternoon Roundtable Workshop Sessions

Detect, Respond and Recover

Insider Threats

with Bill Dean

Companies are usually unaware that a malicious insider is up to no good in their networks until it’s too late. They need help knowing how to identify early red flags. To that end, this session will explore:

  • Early red flags to look for
  • Security controls you can put in place to detect and prevent insider threat activity
  • Top insider threat monitoring solutions, their strengths and weaknesses
  • Detection tool essentials

Teri Radichel

IANS Faculty

Teri Radichel was on the original team that helped Capital One, the first major US Bank to use AWS, move production workloads to the cloud. She then architected a SaaS IoT solution for firewalls connecting to the cloud for a security vendor. She also led a cloud team of 30 people and delivered a secure CI/CD pipeline based on her white paper, Balancing Security and Innovation with Event Driven Automation. Now she focuses on training, penetration testing, and cloud security assessments. She also enjoys security research and writing. You can find her articles in publications like Dark Reading, Infosecurity Magazine, and her cloud security blog. Teri has presented on cloud security at conferences like RSA, AWS re:Invent, Countermeasure IT, SANS Networking, SANS Cloud Summit, and BSides. She is an AWS Hero and runs the Seattle AWS Architects and Engineers meetup, which has almost 3,000 members. She received the 2017 SANS Difference Makers Award and was on the initial SANS cloud security curriculum advisory board. She now offers training through IANS Summits and other venues. Cybersecurity certifications: GSEC, GCIH, GCIA, GCPM, GCCC, GREM, GPEN, GXPN

Secure the Cloud

Adapting the SOC to a Cloud Environment

with Teri Radichel

Security Operations Centers remain rooted in the same tech, procedures and mindsets that existed before the cloud. They need to adapt to life in the cloud, and this session will explore how to get there. Issues addressed include:

  • How an old-world SOC differs from one in the cloud
  • Changes you need to make with your SOC
  • How to make that transition without dropping the ball in either world
  • Skills that need to be picked up in the new cloud-based SOC
  • Examples of cloud detection and response

Secure the Cloud

Choosing a Cloud Provider

with Jason Gillam

There are too many vendors, an over-saturated market and confusion over the security requirements that truly matter vs. the vendor fluff. In this session, you’ll learn how to cut through the confusion and address:

  • What the cloud provider landscape looks like
  • When to go with a big player as opposed to smaller players
  • Questions you should ask internally before looking at potential providers
  • The right (or wrong) questions to ask prospective cloud providers

Improve Infrastructure and Ops

Bringing Red/Blue/Purple Teaming into Balance

with Joff Thyer

Your Red Team does one thing, your Blue Team does the other, and they don’t talk. Companies struggle to get them on the same page and achieve the true value of these exercises. What to do? This session will explore:

  • The most valuable KPIs to use for these activities
  • How to use automation testing to test the effectiveness of a response during an exercise
  • How to leverage balanced scorecards for direct tracking of capabilities

2:25 PM - 3:00 PM

Technology Group 2

Join the Technology Spotlight session, where Sponsors will present their innovative technology. Each session lasts 35 minutes and is both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.

3:00 PM - 3:20 PM

Tabletop Break

IANS Tabletops gives you an opportunity to connect with information security leaders in a relaxed environment. Come stretch your legs and network with your peers and solution providers over snacks and coffee.

3:20 PM - 3:55 PM

Technology Group 2

Join the Technology Spotlight session, where Sponsors will present their innovative technology. Each session lasts 35 minutes and is both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.

4:05 PM - 4:40 PM

Afternoon Roundtable How-To Sessions

Detect, Respond and Recover

The Changing Face of Ransomware

with Bill Dean

Ransomware continues to be a significant problem for many organizations, and it has shown a ferocious ability to evolve. One reason is ransomware as a service, where people with little skill can buy ransomware-making kits online. This session explores:

  • Ways ransomware has evolved in the last 6-12 months
  • What ransomware as a service looks like and why it’s such a problem
  • What vendors are doing to get ahead of the bad guys

Improve Infrastructure and Ops

Bug Bounties: Do-it-Yourself vs Crowdsourcing

with Teri Radichel

Companies face challenges with how to run an effective bug bounty program and oftentimes don’t know whether to do it in-house or through crowdsourcing. This session addresses ways to move forward by exploring:

  • How bug bounty programs translate into cost savings
  • What maturity level you should be at before taking on this challenge in-house
  • The fundamentals for putting an internal program together
  • The pros and cons of such outsourced services as those provided by Bugcrowd and HackerOne

Detect, Respond and Recover

How to Fill SIEM Gaps with UEBA/SOAR

with Mike Rothman

Organizations want their SIEM to alert them in real time, but that’s not happening. Instead, their SIEM only helps determine how a breach occurred after the fact. Practitioners have heard that UEBA and SOAR can be used to overcome the limits of their current SIEM setup, but they seek concrete answers about how it all works and what kind of training and investments are required. In this session, attendees will learn:

  • The specific actions they must take in order to fully understand where their SIEM is hitting the wall
  • A list of ways to tell if their MSSP is properly goaled/resourced/qualified to correlate and alert in real time
  • A clearer understanding of the small and well-defined situations AI/ML is best suited for

Protect Applications and Data

Getting Control of Container Security

with Joff Thyer

Fortune 1000 problem: Companies spin up containers quickly, then set them loose with no security due diligence. It’s a process problem as much as a technology issue. Questions to address:

  • How can a company create a more deliberate process to determine when containers are necessary?
  • What are some specific automation or orchestration tools (Docker Swarm, Kubernetes)?
  • How does one optimize such tools as AppArmor and SELinux to prevent a misconfiguration or bug at the container daemon level?
  • What is Docker Notary and how can it add a layer of trust?
  • What are some of the more recent attacks to exploit unsecured containers?

4:45 PM - 5:45 PM

Networking Reception

Come network with your peers! Hors d'oeuvres and cocktails will be served!

DAY 2

3:30 AM - 4:30 PM

Afternoon Roundtable How-To Sessions

Advance Your Team

Case Study: Building a Better Security Culture

with Mike Saurbaugh

Companies struggle to find a successful recipe for their security culture and need a concrete example of what another company has done to get it right. This session will offer:

  • A case study for a company that has succeeded in growing a true security culture
  • Three things you can do to change that trajectory and actually make your program effective
  • Ways to expand the team with non-traditional security staff (i.e. ambassadors/champions)

Secure the Cloud

Security Tools for a Multi-Platform Cloud Environment

with Teri Radichel

It's difficult to choose and implement security tools that scale in an environment where multiple platforms have different settings, features and requirements. This session will address the technical remedies, including:

  • Differences to account for between one platform and the next during tool selection
  • Different vendor and tool categories and how they compare
  • Pros and cons of multi-cloud access brokers

Improve Infrastructure and Ops

Vendor Optimization: Thinning the Herd

with Mike Rothman

There are too many security vendors that have expanded offerings in a way that has created a lot of overlap and complexity within Fortune 1000 companies’ environments. This session will explore:

  • How to do an assessment and logically start pruning your stack
  • How one tool can replace several others without loss of functionality or controls coverage
  • The most important questions to ask your existing and prospective vendors in order to determine where the overlap exists
  • Specific examples of what you can kill
  • Integrations between products that currently exist but are not being leveraged

Detect, Respond and Recover

New Threat Hunting Techniques

with Bill Dean

Attackers keep evolving their tactics, making it increasingly difficult for traditional forensic techniques to keep up. It’s time to get proactive – and that’s where threat hunting comes into play. This session explores the latest techniques in that area, and how to:

  • Position hunt teams to directly increase the overall maturity (and ROI) of their monitoring and detection capabilities
  • Detect abnormal patterns of behavior
8:00 AM - 8:45 AM

Registration & Breakfast

Come check in to receive your program and CPEs while enjoying a complimentary continental breakfast.

Major General Stephen Clark

Major General, United States Air Force (Retired)

Stephen recently retired from the Air Force after 32 years of dedicated service. He now serves on the Board of Directors of the Jack and Jill Late Stage Cancer Foundation (JAJF.org) treating the families not the cancer, as well as Education Services of America (ESA), dba EdSouth/Services, a non-profit financial holding company focused on expanding educational opportunities and financial literacy. Stephen also owns his own consulting company (Stephen Clark Consulting LLC) focused on corporate leadership, crisis leadership, strategic planning, national security and public speaking.

Prior to his retirement, Stephen was the Director of Programs for the United States Air Force overseeing the development, justification, and consolidation of the Air Force's five-year financial plan totaling over $750B in resources and manpower. Previously, he served as the Director of Plans, Programs, Requirements, and Manpower for the United States Special Operations Command where he oversaw the development and consolidation of the Special Operations five-year plan integrating the plans of USSOCOM’s five component commands. Stephen also served as the Deputy Commanding General of the Joint Special Operations Command where he helped lead global operations in support of regional commanders. Stephen has commanded at the Squadron, Group and Wing level. During his command of the 27th Special Operations Wing he was responsible for over 4000 Airmen, Civilians and their families, $15B worth of infrastructure and aircraft, a multi-year construction program worth $1.5B, the operations of a military base, airfield, training range, and the execution of over 5000 combat hours. He has accumulated years of deployments to combat operations in Bosnia, Somalia, Haiti, Afghanistan and Iraq and participated in some of the nation's most time-sensitive operations.

Clark earned his bachelor’s degree in Political Science from the University of Tennessee, a Master's in Public Administration from Troy State, a Master's in National Security from the Naval War College, and was a Defense Fellow at Harvard's Weatherhead Center for International Relations. Stephen is a command pilot with over 3300 hours primarily in the AC-130H/U gunship. Stephen is a member of the National Association of Corporate Directors and the Great Falls Rotary Club. He is an avid cyclist, skier, and enjoys fly fishing. Stephen and his wife Cynthia have two grown daughters, Shelby and Sydney, and reside in Herndon, Virginia.

8:45 AM - 9:30 AM

Leadership…A Human Endeavor: Observations from 32 Years in the Air Force and Joint Special Operations Community

with Major General Stephen Clark

After an extensive career in military leadership positions, Major General Stephen Clark knows there's a compelling distinction between a quality manager and a high-performing leader. At their extremes, people are compelled to follow managers because they have to, while they willingly follow leaders because they want to.

As such, highly effective leaders understand that true leadership is a human endeavor and requires understanding the aspirations, motivations and abilities of individuals and the development of an empathetic relationship. At the core of servant leadership is the belief that if we take care of our people, they will take care of the business. Key to building relationships is the ability to clearly communicate the vision, values and limitations that we expect our businesses to operate within through actions, words and behavior. Making the transition from manager to leader is a journey of experience, learning, failure and introspection…along with a heavy dose of courage and humility.

9:40 AM - 10:15 AM

Technology Group 2

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session lasts 35 minutes and is both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
10:25 AM - 11:00 AM

Technology Group 2

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session lasts 35 minutes and is both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
11:00 AM - 11:20 AM

Tabletop Break

IANS Tabletops gives you an opportunity to connect with information security leaders in a relaxed environment. Come stretch your legs and network with your peers and solution providers over snacks and coffee.

Mike Saurbaugh

IANS Faculty

Mike is the Director of Technical Alliances with Cofense (formerly PhishMe). Prior to Cofense, Mike spent nearly two decades in financial services and was the head of information security for 12 years as well as having led IT operations. Mike was involved from the onset with Security Current when it launched and served as the research director leading a number of strategic projects for global security vendors and CISOs. Also, Mike is a mentor with Queen City Fintech, in Charlotte, NC, and has a security consulting LLC where he conducts independent advisory and risk assessment engagements. Mike holds a Master's of Science in Information Assurance from Walsh College and is a member of two college information security curriculum advisory committees. In his free time, he loves to spend time with his wife and two daughters, work out, drive his Jeep Wrangler, and cook for those who love great food and drinks.

11:20 AM - 12:50 PM

Morning Roundtable How-To Sessions

Detect, Respond and Recover

Breaking a Failed Vulnerability Management Cycle

with Mike Saurbaugh

Companies have limited resources to keep up with an endless pile of vulnerabilities and patches and need to determine what they keep getting wrong and what others are doing that’s right. This session will explore:

  • Particular tools you should be using to create more automation
  • How to use automation to move through the flaw finding and patching process more quickly
  • Which companies have taken this to the next level
  • What they did to move past the struggle most still find themselves in
  • What the Vulnerability Management Process Workflow is and how it will help
  • How organizations can ensure data within their SQL Server, DB2 and Oracle databases is secure
  • Besides Shodan, some other tools that will cast a wider net for vulnerabilities

Teri Radichel

IANS Faculty

Teri Radichel was on the original team that helped Capital One, the first major US Bank to use AWS, move production workloads to the cloud. She then architected a SaaS IoT solution for firewalls connecting to the cloud for a security vendor. She also led a cloud team of 30 people and delivered a secure CI/CD pipeline based on her white paper, Balancing Security and Innovation with Event Driven Automation. Now she focuses on training, penetration testing, and cloud security assessments. She also enjoys security research and writing. You can find her articles in publications like Dark Reading, Infosecurity Magazine, and her cloud security blog. Teri has presented on cloud security at conferences like RSA, AWS re:Invent, Countermeasure IT, SANS Networking, SANS Cloud Summit, and BSides. She is an AWS Hero and runs the Seattle AWS Architects and Engineers meetup which has almost 3,000 members. She received the 2017 SANS Difference Makers Award and was on the initial SANS cloud security curriculum advisory board. She now offers training through IANS Summits and other venues. Cybersecurity certifications: GSEC, GCIH, GCIA, GCPM, GCCC, GREM, GPEN, GXPN

Detect, Respond and Recover

Cryptojacking & Cryptocurrency Mining: Defensive Measures

with Teri Radichel

Cryptojacking malware and crypto mining are eating AWS resources, tying up CPU capacity and costing money. This session will help you fight back by exploring:

  • How to tell if cryptomining malware is in the system
  • How to get the malware out of your systems
  • How to keep it out
  • The most prolific cryptocurrency-based attacks targeting companies
  • How this malware differs from others, such as worms, ransomware and Trojans

Mike Rothman

IANS Faculty

Mike has been in the information security industry for over 10 years. He is currently President and Analyst at Securosis, a firm exclusively focused on information security and research analysis. He started Security Incite in 2006 to provide the "voice of reason" in what was considered an overhyped, yet underwhelming security industry. After a brief detour as SVP, Strategy and Chief Marketing Officer at eIQNetworks, Mike joined Securosis at the start of 2010 with a "rejuvenated cynicism" about security. In 2007, Mike published "The Pragmatic CSO" to introduce technically oriented security professionals to the nuances of what is required to become a senior security professional.

Detect, Respond and Recover

Deception and Honeypots

with Mike Rothman

Companies struggle enough with basic security tasks and don’t truly know if deception/honeypots are worth trying or if they would provide adequate ROI. To help them reach a better place, this session will explore:

  • What level of operational maturity one must have for honeypots/deception to make sense
  • How to find balance when it comes to how many doors to leave open for snoopers and would-be thieves
  • The latest honeypot/deception technologies worth deploying
  • The management/technology overhang associated with them
  • Buying versus building

Jason Gillam

IANS Faculty

Jason has over 20 years of industry experience including software design, architecture, and security testing. He graduated from Royal Military College of Canada where he earned his Bachelor of Engineering. Jason was the tech lead for Bank of America's Security by Design team for several years, and is currently a Senior Security Consultant at Secure Ideas, LLC. He is the author of many extensions for Burp Suite, and is a contributor to several other projects including SamuraiWTF, MobiSec, and Laudanum. Jason has spoken at multiple events including BSides and ISSA Charlotte.

Secure the Cloud

Multi-Cloud Deployments: People, Process, Technology

with Jason Gillam

The process to align controls, capabilities and governance is a mess, with misaligned team reporting structures and central management that fails to span environments. This session will explore:

  • How to compare/contrast controls between multiple PaaS/IaaS environments
  • How to evolve Identity and Access Management for multi-cloud deployments
  • Which controls lend themselves to centralization and multiple cloud environments
  • How to adapt governance, risk assessment and critical security processes for multi-cloud deployments
Bruce Hembree

Palo Alto Networks, Cortex Security Architect for North and South America

Bruce Hembree is the Palo Alto Networks Cortex Security Architect for North and South America. Prior to Palo Alto Networks, Bruce worked extensively with the Department of Defense and served as Security Operations Manager at the Microsoft Digital Crimes Unit (DCU). The DCU works with law enforcement agencies like the FBI, Scotland Yard, Interpol, and foreign and domestic government agencies doing offensive take-downs of global Internet threats, online organized crime, botnets such as Citadel, Conficker, Rustock among others, and disruption of child pornography distribution. Bruce is a veteran of the United States Air Force and spent two years deployed to active conflict areas in support of global anti-terrorism efforts.

12:50 PM - 1:40 PM

Lunch & Sponsor Keynote: Hunting and Investigating Advanced Persistent Threats (APTs)

with Bruce Hembree

Sophisticated attackers are responsible for some of the worst information security breaches in history. These Advanced Persistent Threats are the most concerning threats information security professionals can face. This session will:

  • Discuss APT Tools, Techniques and Processes and how to hunt for them
  • Detail best and worst practices while defending against these attackers
  • Provide the ins and outs of the open-source tools you need in your kit, and how to use them
1:50 PM - 2:25 PM

Technology Group 1

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session lasts 35 minutes and is both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
2:35 PM - 3:10 PM

Technology Group 1

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session lasts 35 minutes and is both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
4:20 PM - 4:35 PM

Closing Ceremonies

Join us for closing remarks and the chance to win prizes!

2019 Charlotte Speakers

JP Blaho

Arbor Networks, Market Insights leader

John Paul (JP) Blaho currently leads the Market Insights group for Arbor Networks, and is a seasoned Product and Solutions professional with more than 15 years in the product and services marketing areas in IT. With eight years focused specifically on network security solutions, JP has developed a focus on understanding the buyer journey for Enterprises and identifying the unique personas who engage in making complex IT security assessment and purchase decisions. Mr. Blaho has worked for leading security and services organizations such as Sungard Availability Services, Blue Coat Systems, Teradyne, and IBM Security.

JP received his BS degree from Bethany College in Bethany, West Virginia, and received his MBA from Northeastern University’s D’Amore-McKim School of Business in Boston, Massachusetts.

Presentations
  • Lunch & Sponsor Keynote: Visibility Without Borders: Building a Security Posture to Stop Attacks Closer to the Source (DAY 1, 12:00 PM - 12:50 PM)

Major General Stephen Clark

Major General, United States Air Force (Retired)

Stephen recently retired from the Air Force after 32 years of dedicated service. He now serves on the Board of Directors of the Jack and Jill Late Stage Cancer Foundation (JAJF.org) treating the families not the cancer, as well as Education Services of America (ESA), dba EdSouth/Services, a non-profit financial holding company focused on expanding educational opportunities and financial literacy. Stephen also owns his own consulting company (Stephen Clark Consulting LLC) focused on corporate leadership, crisis leadership, strategic planning, national security and public speaking.

Prior to his retirement, Stephen was the Director of Programs for the United States Air Force overseeing the development, justification, and consolidation of the Air Force's five-year financial plan totaling over $750B in resources and manpower. Previously, he served as the Director of Plans, Programs, Requirements, and Manpower for the United States Special Operations Command where he oversaw the development and consolidation of the Special Operations five-year plan integrating the plans of USSOCOM’s five component commands. Stephen also served as the Deputy Commanding General of the Joint Special Operations Command where he helped lead global operations in support of regional commanders. Stephen has commanded at the Squadron, Group and Wing level. During his command of the 27th Special Operations Wing he was responsible for over 4000 Airmen, Civilians and their families, $15B worth of infrastructure and aircraft, a multi-year construction program worth $1.5B, the operations of a military base, airfield, training range, and the execution of over 5000 combat hours. He has accumulated years of deployments to combat operations in Bosnia, Somalia, Haiti, Afghanistan and Iraq and participated in some of the nation's most time-sensitive operations.

Clark earned his bachelor’s degree in Political Science from the University of Tennessee, a Master's in Public Administration from Troy State, a Master's in National Security from the Naval War College, and was a Defense Fellow at Harvard's Weatherhead Center for International Relations. Stephen is a command pilot with over 3300 hours primarily in the AC-130H/U gunship. Stephen is a member of the National Association of Corporate Directors and the Great Falls Rotary Club. He is an avid cyclist, skier, and enjoys fly fishing. Stephen and his wife Cynthia have two grown daughters, Shelby and Sydney, and reside in Herndon, Virginia.

Presentations
  • Leadership…A Human Endeavor: Observations from 32 Years in the Air Force and Joint Special Operations Community (DAY 2, 8:45 AM - 9:30 AM)

Bill Dean

IANS Faculty

Bill is a Senior Manager in LBMC’s Information Security Services division and is responsible for incident response, digital forensics, electronic discovery and overall litigation support. Bill has more than 20 years of information technology experience with a specialty in information security and digital forensics for the past 10 years. Prior to LBMC, he served as the Director of Security Assessments and Digital Forensics for Sword & Shield Enterprise Security Inc. Bill was also the founder of Forensic Discoveries, before merging with Sword & Shield Enterprise Security and served as a senior security analyst responsible for information security for a large healthcare organization. In these roles, he was responsible for digital forensics to support litigation, incident response services, penetration testing, and overall security defense posture. Bill's roles have included delivering penetration testing and incident response services to companies around the world. Additionally, he consults with organizations of all sizes in security topics related to endpoint protection, vulnerability assessments, network forensics, incident response and overall hardening and monitoring of infrastructures. Lastly, Bill conducts digital forensic investigations and electronic discovery services to support litigation efforts. In these roles, he has been qualified as an expert witness in Federal Courts and Tennessee State Courts. Bill is a frequent speaker and published author on the topics of computer security, digital forensics and electronic discovery for numerous legal and technical associations. Additionally, Bill is a Certified Computer Examiner (CCE), GIAC Certified Incident Handler (GCIH), GIAC Certified Penetration Tester (GPEN) and GIAC Certified Forensic Analyst (GCFA). He is also an active member of the International Society for Forensic Computer Examiners and InfraGard Board member. Bill holds an A.S. in Computer Science from Walters State Community College and a BS in Information Technology from Information Technology.

Presentations
  • Insider Threats (DAY 1, 1:00 PM - 2:15 PM)
  • The Changing Face of Ransomware (DAY 1, 4:05 PM - 4:40 PM)
  • New Threat Hunting Techniques (DAY 2, 3:30 AM - 4:30 PM)

Jason Gillam

IANS Faculty

Jason has over 20 years of industry experience including software design, architecture, and security testing. He graduated from Royal Military College of Canada where he earned his Bachelor of Engineering. Jason was the tech lead for Bank of America's Security by Design team for several years, and is currently a Senior Security Consultant at Secure Ideas, LLC. He is the author of many extensions for Burp Suite, and is a contributor to several other projects including SamuraiWTF, MobiSec, and Laudanum. Jason has spoken at multiple events including BSides and ISSA Charlotte.

Presentations
  • DevSecOps Business Cases (DAY 1, 10:35 AM - 11:10 AM)
  • Choosing a Cloud Provider (DAY 1, 1:00 PM - 2:15 PM)
  • Multi-Cloud Deployments: People, Process, Technology (DAY 2, 11:20 AM - 11:50 PM)

Kecia Heidebrecht

Bank of America, Global Information Security (GIS) Cyber Security Technology (CST) Chief Operating Officer (COO)

Ms Heidebrecht joined Bank of America in 2006 (part of LaSalle Bank / ABN AMRO). She worked on the LaSalle Bank transition, Prime Brokerage divestiture, and the Merrill Lynch transition, as an information security project manager. Ms Heidebrecht moved into Global Business Continuity and Recovery (GBCR) in 2009 where she managed business continuity risk and controls, working to establish critical governance oversight and risk routines. In 2012, she joined the newly created Business Controls Monitoring and Readiness (BCMR) organization as the Executive overseeing business continuity, vendor management, change process, data management, and records retention functions. In 2015, Ms Heidebrecht joined Global Compliance as the Horizontal Technology Compliance Executive responsible for technology regulations oversight. She joined GIS in 2018 as COO for the Business Information Security Officer (BISO) organization and as the Chicago Site Executive responsible for the development and growth of the Chicago workforce. In April 2019, she assumed COO responsibility for the Cyber Security Technology (CST) organization and is responsible for running CST operations.

Ms Heidebrecht received her Bachelors of Administration from University of Illinois at Chicago with a degree in Communication and graduated with honors.

Ms Heidebrecht resides in Charlotte, NC.

Presentations
  • Scaling a World-Class, Diverse InfoSec Team: A Keynote Conversation with BofA’s Kecia Heidebrecht (DAY 1, 8:45 AM - 9:30 AM)

Bruce Hembree

Palo Alto Networks, Cortex Security Architect for North and South America

Bruce Hembree is the Palo Alto Networks Cortex Security Architect for North and South America. Prior to Palo Alto Networks, Bruce worked extensively with the Department of Defense and served as Security Operations Manager at the Microsoft Digital Crimes Unit (DCU). The DCU works with law enforcement agencies like the FBI, Scotland Yard, Interpol, and foreign and domestic government agencies doing offensive take-downs of global Internet threats, online organized crime, botnets such as Citadel, Conficker, Rustock among others, and disruption of child pornography distribution. Bruce is a veteran of the United States Air Force and spent two years deployed to active conflict areas in support of global anti-terrorism efforts.

Presentations
  • Lunch & Sponsor Keynote: Hunting and Investigating Advanced Persistent Threats (APTs) (DAY 2, 12:50 PM - 1:40 PM)

Teri Radichel

IANS Faculty

Teri Radichel was on the original team that helped Capital One, the first major US Bank to use AWS, move production workloads to the cloud. She then architected a SaaS IoT solution for firewalls connecting to the cloud for a security vendor. She also led a cloud team of 30 people and delivered a secure CI/CD pipeline based on her white paper, Balancing Security and Innovation with Event Driven Automation. Now she focuses on training, penetration testing, and cloud security assessments. She also enjoys security research and writing. You can find her articles in publications like Dark Reading, Infosecurity Magazine, and her cloud security blog. Teri has presented on cloud security at conferences like RSA, AWS re:Invent, Countermeasure IT, SANS Networking, SANS Cloud Summit, and BSides. She is an AWS Hero and runs the Seattle AWS Architects and Engineers meetup which has almost 3,000 members. She received the 2017 SANS Difference Makers Award and was on the initial SANS cloud security curriculum advisory board. She now offers training through IANS Summits and other venues. Cybersecurity certifications: GSEC, GCIH, GCIA, GCPM, GCCC, GREM, GPEN, GXPN

Presentations
  • Adapting the SOC to a Cloud Environment (DAY 1, 1:00 PM - 2:15 PM)
  • Bug Bounties: Do-it-Yourself vs Crowdsourcing (DAY 1, 4:05 PM - 4:40 PM)
  • Security Tools for a Multi-Platform Cloud Environment (DAY 2, 3:30 AM - 4:30 PM)
  • Cryptojacking & Cryptocurrency Mining: Defensive Measures (DAY 2, 11:20 AM - 11:50 PM)

Mike Rothman

IANS Faculty

Mike has been in the information security industry for over 10 years. He is currently President and Analyst at Securosis, a firm exclusively focused on information security and research analysis. He started Security Incite in 2006 to provide the "voice of reason" in what was considered an overhyped, yet underwhelming security industry. After a brief detour as SVP, Strategy and Chief Marketing Officer at eIQNetworks, Mike joined Securosis at the start of 2010 with a "rejuvenated cynicism" about security. In 2007, Mike published "The Pragmatic CSO" to introduce technically oriented security professionals to the nuances of what is required to become a senior security professional.

Presentations
  • IoT: Who Owns Device Risk Management (DAY 1, 10:35 AM - 11:10 AM)
  • How to Fill SIEM Gaps with UEBA/SOAR (DAY 1, 4:05 PM - 4:40 PM)
  • Vendor Optimization: Thinning the Herd (DAY 2, 3:30 AM - 4:30 PM)
  • Deception and Honeypots (DAY 2, 11:20 AM - 11:50 PM)

Mike Saurbaugh

IANS Faculty

Mike is the Director of Technical Alliances with Cofense (formerly PhishMe). Prior to Cofense, Mike spent nearly two decades in financial services and was the head of information security for 12 years as well as having led IT operations. Mike was involved from the onset with Security Current when it launched and served as the research director leading a number of strategic projects for global security vendors and CISOs. Also, Mike is a mentor with Queen City Fintech, in Charlotte, NC, and has a security consulting LLC where he conducts independent advisory and risk assessment engagements. Mike holds a Master's of Science in Information Assurance from Walsh College and is a member of two college information security curriculum advisory committees. In his free time, he loves to spend time with his wife and two daughters, work out, drive his Jeep Wrangler, and cook for those who love great food and drinks.

Presentations
  • Phishing and Social Engineering: New Solutions to an Old Problem (DAY 1, 10:35 AM - 11:10 AM)
  • Case Study: Building a Better Security Culture (DAY 2, 3:30 AM - 4:30 PM)
  • Breaking a Failed Vulnerability Management Cycle (DAY 2, 11:20 AM - 12:50 PM)

Joff Thyer

IANS Faculty

Joff has 15+ years of experience in the IT industry in roles such as enterprise network architect and network security defender. He has mentored "Intrusion Detection in Depth" and taught "Python for Penetration Testers" for the SANS Institute. Currently Joff is a Researcher and Penetration Tester with Black Hills Information Security (BHIS). He helps lead the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. Joff holds a B.Sc. in Mathematics, an M.Sc. in Computer Science, and holds the GIAC certifications GPEN, GWAPT, and GXPN. In his free time, he is a host on the Security Weekly podcast and contributes to open-source projects.

Presentations
  • Hybrid Web App Pen Testing (DAY 1, 10:35 AM - 11:10 AM)
  • Bringing Red/Blue/Purple Teaming into Balance (DAY 1, 1:00 PM - 2:15 PM)
  • Getting Control of Container Security (DAY 1, 4:05 PM - 4:40 PM)

Event: Charlotte Convention Center

501 South College Street, Charlotte, NC 28202

Hotel: The Westin Charlotte

601 S College St, Charlotte, NC 28202

Room Rate: $289 per night plus tax

Onsite Questions

Are the presentations available for viewing after the Forum?

All roundtable sessions will be available after the Forum. Many presentations are uploaded to the Mobile App prior to the Forum.

Does IANS provide a Mobile App?

The IANS Information Security Forum App will be available 1 week prior to the event. To download the Mobile App go to the App Store or Google Play Store on your device and search IANS.

How can I promote my involvement with the event?

Please share your thoughts and excitement using our event hashtags found at the top of this page.

How can I submit my feedback on the Forum?

We encourage you to fill out our general survey located in the middle of your program. Please drop off your survey at the registration desk before you leave.

Is there free Wi-Fi onsite?

Free Wi-Fi will be provided throughout the Forum in conference areas.

What can I expect when I attend an IANS event?

When attending an IANS Information Security Forum, you will have the opportunity to take part in technical and strategic Roundtable sessions that discuss the latest issues and trends found in the market. These Roundtable discussions are led by IANS Faculty who are also long-time information security practitioners. You will also have the chance to network with industry peers and learn about the newest technologies and services during any one of our Technology Spotlight sessions.

What is the best way to stay updated before and during the Forum?

For all updates please download the IANS Mobile App or follow us on Twitter.

Where do I pick up my badge and registration material?

Your badge and registration materials will be available for pickup at the registration desk. Registration starts at 7:30am.

Will there be opportunities to network with peers and sponsors?

There will be chances to network with your peers during the lunches, breaks and the networking reception at the end of day one.

Sponsorship Questions

Are there still sponsorship opportunities?

Please contact Eric Bartczak at sponsorships@iansresearch.com for more information.

Will there be opportunities to network with peers and sponsors?

IANS offers Silver, Gold and Platinum level sponsorships. Please visit the Event Sponsors Page for more information.

Registration Questions

Can I earn continuing education credits for attending the forum?

Attendees may earn up to 16 credits through our partnership with (ISC)2. Attendees must check in at registration each morning to receive their 8 credits for Day 1 and Day 2. Attendees will receive a Certificate of Completion one week after the forum concludes for any other certification needs. If you have provided IANS with your CISSP # during the registration process then we will automatically submit to (ISC)2.

What is the registration fee?

The Forum is complimentary and open to active Information Security Professionals from private and public sector corporations and organizations.

What time does the Forum begin and end?

The Forum officially begins on Day 1 at 7:30am and ends on Day 2 at 4:40pm.

What's the registration deadline?

You can register for an IANS event up to the day of the event.

General Information

Cancellations

IANS requests that cancellations please be submitted two weeks prior to a Forum. Reserved seats are limited.

Hotel Cancellations

If you have booked a hotel room with IANS during the registration process or you have reached out to an IANS team member regarding booking a room, please note our venues have a cancellation policy of 48 hours. If you do not cancel your reservation through your online registration or in writing to IANS, you will be charged for the night(s) in which you have failed to cancel.

Terms and Conditions

This Forum is produced by IANS, which reserves the right, in its sole discretion, to limit or deny access to the Forum to any entity or individual. Attendance to the Forum is complimentary and open to active information security professionals from private and public-sector corporations and organizations.

Individuals from information security solution providers (software, hardware, and consulting companies) are not eligible to attend unless affiliated with a sponsoring organization.

IANS reserves the right to share attendee contact information with event sponsors and other attendees. IANS will provide on-site opt-out forms that enable you to remove your contact information from being shared as described herein. No contact information will be shared prior to the event.

Photography, Audio & Video Recording

IANS Forums are held in a public venue; therefore, IANS does not prohibit participants, sponsors, or other companies from photographing or taking videos. IANS reserves the right to use images taken at IANS Forums with your photograph and/or likeness in marketing materials.

IANS Code of Conduct

IANS is committed to providing a harassment-free conference experience for all attendees, sponsors, speakers and staff regardless of gender, sexual orientation, disability, physical appearance, national origin, ethnicity, political affiliation or religion.

IANS expects all participants to behave in a professional manner. IANS will not condone any form of sexual language and imagery, verbal threats or demands, offensive comments, intimidation, stalking, sustained disruption of sessions or events, inappropriate physical contact, and unwelcome sexual attention.

If any form of written, social media, verbal, or physical harassment is reported, the participant will be asked to stop and expected to comply immediately. The offender will be subject to expulsion from the conference.

If you are being harassed or notice someone being harassed, please contact the event staff. In the event of an emergency situation, please contact local authorities immediately.

We expect participants to follow these rules at all event venues and event-related social activities.

Housing & Travel Questions

How can I book a hotel room?

All hotel requests must be made through the registration site.

How can I cancel my hotel reservation?

Most of our hotel venues have a 72 hour cancellation policy. You must cancel by contacting one of the IANS team members or through the online registration. If you fail to do so you will be charged for the night(s) in which you have failed to cancel.

Is parking provided?

IANS does not cover any parking.

What hotel accommodations are available during the Forum?

IANS provides a room block for forum events. There will be a limited number of rooms available at the discounted rate.

Will I receive a hotel confirmation number?

You will receive a hotel confirmation number 2 weeks prior to the Forum.

Attendee Contact

ians@iansresearch.com

Who Should Attend?

IANS Forum content is designed for information security practitioners across all industries. Attendees include CISOs, VPs and Managing Directors of Information Security, Information Security Architects, and Information Security Engineers.
