7:30 AM - 8:45 AM
Registration & Breakfast
Come check in to receive your program and CPEs while enjoying a complimentary continental breakfast.
8:45 AM - 9:00 AM
IANS Welcome and Perspective
Come join us as we welcome you to the Forum.
9:00 AM - 9:30 AM
A Keynote Discussion with CNB’s Brian Fricke: Getting Real & Tangible Around Risk Management
with
and
Join City National Bank’s CISO Brian Fricke and IANS’ CEO Phil Gardner for a far-ranging keynote conversation that will tackle how to make infosec risk management real and tangible, where to find talent, the importance ‘speaking business’ and Brian’s view on AI’s infosec utility.
9:30 AM - 9:50 AM
Tabletop Break
IANS Tabletops gives you an opportunity to connect with information security leaders in a relaxed environment. Come stretch your legs and network with your peers and solution providers over snacks and coffee.
9:50 AM - 10:25 AM
Technology Group 1
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
10:35 AM - 11:10 AM
Morning Roundtable How-To Sessions
Protect Applications and Data
File Security: Tools and Techniques in 2019
with
Attackers continue to find new ways to access, steal and corrupt files. This means organizations need to up their game in protecting them. To that end, this session will explore:
- Advancements vendors in the space have made and what’s right for you
- The latest techniques to ensure files are only being accessed by those whose jobs require it
Protect Applications and Data
Advancements in Secure Remote Access
with
The endpoint continues to grower wider and muddier as professionals access company resources from a growing array of mobile devices. This session looks at:
- How VPNs are evolving
- Vendors in the space and how they compare
- Tools and techniques organizations can use to bolster secure remote access
Improve Infrastructure and Ops
DevSecOps Business Cases
with
Companies still struggle to get developers and security on the same page. They need case studies to show them where and how DevSecOps successes have happened. To that end, this session explores:
- Case studies of DevSecOps done right
- How to measure your maturity for DevSecOps -- Phase 1 to Phase 5, for example
- How to put the “Shift Left” DevSecOps workflow in place
- How DevSecOps leads to more secure cloud deployments
- How to use DevSecOps to improve security in IoT technology when they are at the development stage
Detect, Respond and Recover
The Changing Face of Ransomware
with
Ransomware continues to be a significant problem for many organizations, and it has shown a ferocious ability to evolve. One reason is ransomware as a service, where people with little skill can buy ransomware-making kits online. This session explores:
- Ways ransomware has evolved in the last 6-12 months
- What ransomware as a service looks like and why it’s such a problem
- What vendors are doing to get ahead of the bad guys
Improve Infrastructure and Ops
Bug Bounties: Do-it-Yourself vs Crowdsourcing
with
Companies face challenges with how to run an effective bug bounty program and oftentimes don’t know whether to do it in-house or through crowdsourcing. This session addresses ways to move forward by exploring:
- How bug bounty programs translate into cost savings
- At what maturity level you should be at before taking on this challenge in-house
- The fundamentals for putting an internal program together
- The pros and cons of such outsourced services as those provided by Bugcrowd and HackerOne
11:20 AM - 11:55 AM
Technology Group 1
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
12:00 PM - 12:50 PM
Lunch & Sponsor Keynote: Visibility and Collaboration in the Multicloud
with
ITOps and SecOps have collaborated for years. However, many organizations are now looking at approaches that make the collaboration more formal. Many enterprises are adopting the concept of the “Versatilist” and replacing war room discussions with agile approaches to problem solving. This session will address the increasing complexity of our networks and the need for a common and consistent approach to visibility in the multicloud.
1:00 PM - 2:15 PM
Afternoon Roundtable Workshop Sessions
Secure the Cloud
Choosing a Cloud Provider
with
There are too many vendors, an over-saturated market and confusion over the security requirements that truly matter vs. the vendor fluff. In this session, you’ll learn how cut through the confusion and address:
- What the cloud provider landscape look like
- When to go with a big player as opposed to smaller players
- Questions you should ask internally before looking at potential providers
- The right (or wrong) questions to ask prospective cloud providers
Improve Infrastructure and Ops
Vendor Optimization: Thinning the Herd
with
There are too many security vendors that have expanded offerings in a way that has created a lot of overlap and complexity within Fortune 1000 companies’ environments. This session will explore:
- How to do an assessment and logically start pruning your stack
- How one tool can replace several others without loss of functionality or controls coverage
- The most important questions to ask your existing and prospective vendors in order to determine where the overlap exists
- Specific examples of what you can kill?
- Integrations between products that currently exist but are not being leveraged
Detect, Respond and Recover
New Threat Hunting Techniques
with
Attackers keep evolving their tactics, making it increasingly difficult for traditional forensic techniques to keep up. It’s time to get proactive – and that’s where threat hunting comes into play. This session explores the latest techniques
in that area, and how to:
- Position hunt teams to directly increase the overall maturity (and ROI) of their monitoring and detection capabilities
- Detect abnormal patterns of behavior
Improve Infrastructure and Ops
Bringing Red/Blue/Purple Teaming into Balance
with
and
Your Red Team does one thing, your Blue Team does the other, and they don’t talk. Companies struggle to get them on the same page and achieve the true value of these exercises. What to do? This session will explore:
- The most valuable KPIs to use for these activities
- How to use automation testing to test the effectiveness of a response during an exercise
- How to leverage balanced scorecards for direct tracking of capabilities
Secure the Cloud
Adapting the SOC to a Cloud Environment
with
Security Operations Centers remain rooted in the same tech, procedures and mindsets that existed before the cloud. They need to adapt to life in the cloud, and this session will explore how to get there. Issues addressed include:
- How an old-world SOC differs from one in the cloud
- Changes you need to make with your SOC
- How to make that transition without dropping the ball in either world
- Skills that need to be picked up in the new cloud-based SOC
- Examples of cloud detection and response
2:25 PM - 3:00 PM
Technology Group 2
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
3:00 PM - 3:30 PM
Tabletop Break
IANS Tabletops gives you an opportunity to connect with information security leaders in a relaxed environment. Come stretch your legs and network with your peers and solution providers over snacks and coffee.
3:30 PM - 4:05 PM
Technology Group 2
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
4:15 PM - 4:50 PM
Afternoon Roundtable How-To Sessions
Protect Applications and Data
Getting Control of Container Security
with
Fortune 1000 problem: Companies spin up containers quickly, then set them loose with no security due diligence. It’s a process problem as much as a technology issue. Questions to address:
- How can a company create a more deliberate process to determine when containers are necessary?
- What is some specific automation or orchestration tools? (Docker Swarm, Kubernates)
- How does one optimize such tools as AppArmor and SELinuxbecause to prevents a misconfiguration or bug at the container daemon level?
- What is Docker Notary and how can it add a layer of trust?
- What are some of the more recent attacks to exploit unsecured containers?
Secure the Cloud
Email in the Cloud: Stress Testing Office 365 Apps
with
Companies struggle with how to secure Office 365 apps that come from multiple online marketplaces, from the MS Store to MS Teams and a variety of third-party app stores. This session will explore:
- How to confirm the security levels of various apps
- Specific validation techniques for MS App Store, Teams Store and others
- Warning signs that an app is problematic and shouldn’t be downloaded
- Advice the security team can give employees on what to watch out for
Detect, Respond and Recover
How to Fill SIEM Gaps with UEBA/SOAR
with
Organizations want their SIEM to alert them in real time, but that’s not happening. Instead, their SIEM only helps determine how a breach occurred after the fact. Practitioners have heard that UEBA and SOAR can be used to overcome the limits of
their current SIEM set up, but they seek concrete answers about how it all works and what kind of training and investments are required. In this session, attendees will learn:
- The specific actions they must take in order to fully understand where their SIEM is hitting the wall
- A list of ways to tell if their MSSP is properly goaled/resourced/qualified to correlate and alert in real time
- A clearer understanding of the small and well-defined situations AI/ML is best suited for
Improve Infrastructure and Ops
Advances in Network Visibility
with
Network security and monitoring remains essential in light of increasing volumes of data and an ever-expanding threat landscape, but comprehensive network visibility is hard, and organizations need better guidance. This session aims to provide that by
looking at:
- What organizations are missing and which vendors and techniques can help
Detect, Respond and Recover
Phishing and Social Engineering: New Solutions to an Old Problem
with
Phishing is an old social engineering technique and organizations have certainly tried to make employees aware of email links they shouldn’t open. But phishing remains a highly successful technique for the bad guys. So what do we keep doing wrong?
This session explores:
- New phishing security tools that may help
- What organizations can do to enhance security awareness among employees
4:50 PM - 5:45 PM
Networking Reception
Come network with your peers! Hors d'oeuvres and cocktails will be served!
*Receive 1 CPE credit for every hour of attendance at our events.
