2019 Boston
Information Security Forum

#IANSBoston #IANSEvents

November 6 - 7, 2019
Boston Convention and Exhibition Center, 415 Summer Street, Boston, MA

The IANS 2019 Boston Information Security Forum delivers an immersive curriculum with 30+ sessions led by esteemed IANS Faculty, global information security thought leaders and solution providers. Attend the two-day Forum to gain actionable technical solutions and leadership insights focused on current and emerging challenges facing enterprise security leaders. Network with peers to benchmark your information security practices and engage with IANS Faculty during interactive sessions.

Let your colleagues know you're coming!

This event has ended.

Check out our other upcoming events!

View All Events

DAY 1

7:30 AM - 8:30 AM

Registration & Breakfast

Come check in to receive your program and CPEs while enjoying a complimentary continental breakfast.
8:30 AM - 8:45 AM

IANS Welcome and Perspective

Come join us as we welcome you to the Forum.
keith-hillis

Keith Hillis

Sr. Director, IT Risk & Information Security, Akamai Technologies

Phil Gardner

Founder & Chief Executive Officer

Having built IANS’ end-user research offering, Phil now oversees all strategic and operational decisions at IANS. Phil began his career in security with seven years with the U.S. Navy as a Strike Fighter Pilot & Ordnance Requirements Officer. After receiving a Masters in Business Administration from Harvard Business School, he joined Goldman, Sachs & Co. in Mergers & Acquisitions and later became an associate with McKinsey & Company in Boston, MA. In 1996, Phil became one of the founders of Provant, Inc., a publicly traded training company serving the Fortune 1000 and Federal Government. He left Provant in 2000 to launch IANS. He graduated at the top of his class in US Navy Flight School.

8:45 AM - 9:30 AM

A Keynote Discussion with Akamai’s Keith Hillis: Lessons from Deploying ‘Zero Trust’ and more

with Keith Hillis and Phil Gardner

Join Akamai’s Senior Director of IT Risk & Information Security Keith Hillis and IANS’ CEO Phil Gardner for a keynote discussion on how Keith and his team deployed the ‘Zero Trust’ concept at Akamai and what they learned in the process. Keith will also share how he spends his precious resources – focusing on what’s strategic and avoiding costly distractions.

9:30 AM - 9:50 AM

Tabletop Break

IANS Tabletops gives you an opportunity to connect with information security leaders in a relaxed environment. Come stretch your legs and network with your peers and solution providers over snacks and coffee.
9:50 AM - 10:25 AM

Technology Group 1

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
davi-ottenheimer

Davi Ottenheimer

IANS Faculty

Davi Ottenheimer is a security executive, board member and founder who has led global teams in developing and managing secure systems for more than twenty years. Currently he is working on product security at mongoDB making big data secure, IoT safe and AI trusted. Davi is also a recognized strategist and author specializing in cyber defense ethics and safely navigating the cultural disruptions of emerging technology. He co-authored in 2012 a cloud security book “Securing the Virtual Environment: How to Defend the Enterprise Against Attack” and is author of the upcoming book "Realities of Securing Big Data". Davi is a frequent top-rated public speaker and in 2018 he established the Excellence in Humanitarian Service Award at the RSA Conference; inaugural award was for building and managing resilient encryption systems that were instrumental to ending South African Apartheid. While serving as a Dedicated Paranoid at Yahoo! and responsible for managing security for hundreds of millions of mobile, broadband and digital home products, he invented an ephemeral authentication system for IoT that is in ubiquitous use today. An expert in governance, assessments, audit and compliance leadership Davi was a qualified PCI DSS and PA-DSS assessor (QSA and PA-QSA) for 7 years, and former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP. He received his postgraduate academic Master of Science degree in International History from the London School of Economics.

10:35 AM - 11:10 AM Morning Roundtable How-To Sessions Improve Infrastructure and Ops

Advances in Network Visibility

with Davi Ottenheimer

Network security and monitoring remains essential in light of increasing volumes of data and an ever-expanding threat landscape, but comprehensive network visibility is hard, and organizations need better guidance. This session aims to provide that by looking at:

  • What organizations are missing and which vendors and techniques can help

Aaron Turner

IANS Faculty

Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.

Protect Applications and Data

Advancements in Secure Remote Access

with Aaron Turner

The endpoint continues to grower wider and muddier as professionals access company resources from a growing array of mobile devices. This session looks at:

  • How VPNs are evolving
  • Vendors in the space and how they compare
  • Tools and techniques organizations can use to bolster secure remote access
george-gerchow

George Gerchow

IANS Faculty

As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance, and modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.

Improve Infrastructure and Ops

DevSecOps Business Cases

with George Gerchow

Companies still struggle to get developers and security on the same page. They need case studies to show them where and how DevSecOps successes have happened. To that end, this session explores:

  • Case studies of DevSecOps done right
  • How to measure your maturity for DevSecOps -- Phase 1 to Phase 5, for example
  • How to put the “Shift Left” DevSecOps workflow in place
  • How DevSecOps leads to more secure cloud deployments
  • How to use DevSecOps to improve security in IoT technology when they are at the development stage
john-strand

John Strand

IANS Faculty

John is the Owner of Black Hills Information Security (BHIS), and has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. John is also an instructor and course author of BlackHat's "Active Defense, Offensive Countermeasures, and Hacking Back" and the SANS Institute's "Hacker Tools, Techniques, Exploits and Incident Handling" classes. John is co-author of the" Offensive Countermeasures: The Art of Active Defense" book and is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks. He leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. He is a dynamic speaker at conferences worldwide. In his spare time, he co-hosts the Hack Naked TV and Security Weekly podcasts.

Protect Applications and Data

Hybrid Web App Pen Testing

with John Strand

Companies do not know whether to do manual or automated web app pen testing, or to go with the hybrid approach. To help find answers, this session will explore:

  • How the hybrid approach marks an improvement over the traditional approach
  • The limits of an automation-only approach
  • What you need in a toolkit -- examples: PortSwigger’s Burp Suite Pro (commercial), OWASP Zed Attack Proxy (open source)
  • The ideal testing methodology
dave-kennedy

Dave Kennedy

IANS Faculty

Dave is the President and CEO of TrustedSec, an information security consulting company. David was a Chief Security Officer for an international Fortune 1000 company located in over 77 countries with over 18,000 employees. David developed a global security program with a large dedicated team. He is considered a thought leader in the security field and has presented at many conferences worldwide and had guest appearances on FoxNews, BBC, and other high-profile media outlets. David is the Founder of DerbyCon, a large-scale security conference in Louisville, KY. He also authored Metasploit: The Penetration Testers Guide, which was number one on Amazon.com in security for over 6 months. David is a founding member of the "Penetration Testing Execution Standard (PTES)," the industry leading methodologies and guidelines for performing penetration tests. Dave received a BA of Arts from Malone University in Ohio. Dave has many certifications including OSCE, QSA, OSCP, CISSP, ISO 27001, GSEC, and MCSE. Dave also served in the Marines for five years working on intelligence related missions. He enjoys scuba diving, handy work, Destiny, fine bourbons and getting away to the country without cell reception.

Detect, Respond and Recover

Phishing and Social Engineering: New Solutions to an Old Problem

with Dave Kennedy

Phishing is an old social engineering technique and organizations have certainly tried to make employees aware of email links they shouldn’t open. But phishing remains a highly successful technique for the bad guys. So what do we keep doing wrong? This session explores:

  • New phishing security tools that may help
  • What organizations can do to enhance security awareness among employees
11:20 AM - 11:55 AM

Technology Group 1

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
Carlos Morales

Carlos Morales

Netscout, VP, Cloud and Managed Services

Carlos is the general manager for NETSCOUT’s DDoS Mitigation Services line of business which includes Arbor Cloud. He leads product management, sales, and operations for Arbor Cloud and is responsible for implementing strategy, driving P&L, managing strategic relationships, and running day to day operations for the business.He is also a member of NETSCOUT’s executive cybersecurity committee.Carlos previously was on the executive management team of Arbor, led Arbor’s global pre-sales team for over a decade, and was responsible for the Arbor Security Engineering and Response Team (ASERT), an elite security research organization. He brings more than two decades of experience in deploying security, networkingand access solutions for service provider and enterprise networks. Before joining us in 2004, Carlos held management positions at Nortel Networksand Tiburon Networks, where he served as director of sales engineering. He also held salesengineering roles at Shiva Corporation, Crescent Networks and Hayes Microcomputer.

12:00 PM - 12:50 PM

Lunch & Sponsor Keynote: Choosing the Right Dentist and DDoS Mitigation Provider

with Carlos Morales Most people don’t think about their dentist too much. Provided the annual cleanings go okay, most folks are probably quite happy with their choice. That all goes away when trouble happens. Broken tooth? Cavity? Infection? Tooth ache?  In those situations, people immediately get to know if they’ve made the right choice. The same holds true for DDoS mitigation services. It’s easy to find a service nowadays.  Most service providers s say the same type of things in their marketing material. It’s easy to fall into the trap of just choosing the cheapest or the one that is already providing me another service. DDoS box checked! Done! Until trouble happens. Companies then realize their mistake as their services are brought down. This presentation will focus on the considerations that can be applied and the questions that can be asked to help you make a sound choice in choosing a DDoS mitigation provider, so that when you do come under attack, you will know what to expect.
davi-ottenheimer

Davi Ottenheimer

IANS Faculty

Davi Ottenheimer is a security executive, board member and founder who has led global teams in developing and managing secure systems for more than twenty years. Currently he is working on product security at mongoDB making big data secure, IoT safe and AI trusted. Davi is also a recognized strategist and author specializing in cyber defense ethics and safely navigating the cultural disruptions of emerging technology. He co-authored in 2012 a cloud security book “Securing the Virtual Environment: How to Defend the Enterprise Against Attack” and is author of the upcoming book "Realities of Securing Big Data". Davi is a frequent top-rated public speaker and in 2018 he established the Excellence in Humanitarian Service Award at the RSA Conference; inaugural award was for building and managing resilient encryption systems that were instrumental to ending South African Apartheid. While serving as a Dedicated Paranoid at Yahoo! and responsible for managing security for hundreds of millions of mobile, broadband and digital home products, he invented an ephemeral authentication system for IoT that is in ubiquitous use today. An expert in governance, assessments, audit and compliance leadership Davi was a qualified PCI DSS and PA-DSS assessor (QSA and PA-QSA) for 7 years, and former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP. He received his postgraduate academic Master of Science degree in International History from the London School of Economics.

1:00 PM - 2:15 PM Afternoon Roundtable Workshop Sessions Improve Infrastructure and Ops

IoT: Who Owns Device Risk Management

with Davi Ottenheimer

There’s no clear consensus on who is responsible for managing risks associated with IoT devices in an organization. This session is designed to clear up that confusion. Attendees will learn:

  • Where all the IOT devices are
  • The breakdown of who should be in charge of security risks related to IOT
  • How to assemble a responsibility tree for who does what if an IOT-related compromise happens

Aaron Turner

IANS Faculty

Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.

Advance Your Team

Case Study: Building a Better Security Culture

with Aaron Turner

Companies struggle to find a successful recipe for their security culture and need a concrete example of what another company has done to get it right. This session will offer:

  • A case study for a company that has succeeded in growing a true security culture
  • Three things you can do to change that trajectory and actually make your program effective
  • Ways to expand the team with non-traditional security staff (i.e. ambassadors/champions)
george-gerchow

George Gerchow

IANS Faculty

As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance, and modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.

John Visneski

John Visneski

IANS Faculty

As the Director of Information Security and Data Protection Officer at The Pokémon Company International, John Visneski brings over 15 years of information security and operational expertise that spans both the private and public sector. He has practical experience building security teams, architectures and modern Security Operations Centers, as well as aligning security programs to enable business and mission objectives. John is an active board member and sought-after adviser for numerous technology startups. Together these experiences make Mr. Visneski a highly regarded public speaker and panelist on topics spanning cloud security, privacy, operational security and compliance. Prior to his position with Pokémon, John served as a cyberspace operations officer in the US Air Force, culminating as the cybersecurity adviser to the Chief of Staff of the Air Force. Mr. Visneski’s Air Force career spanned multiple deployments supporting operations in Iraq and Afghanistan, operations within the intelligence community, and shaping policy at the Pentagon.

Secure the Cloud

Adapting the SOC to a Cloud Environment

with George Gerchow and John Visneski

Security Operations Centers remain rooted in the same tech, procedures and mindsets that existed before the cloud. They need to adapt to life in the cloud, and this session will explore how to get there. Issues addressed include:

  • How an old-world SOC differs from one in the cloud
  • Changes you need to make with your SOC
  • How to make that transition without dropping the ball in either world
  • Skills that need to be picked up in the new cloud-based SOC
  • Examples of cloud detection and response
john-strand

John Strand

IANS Faculty

John is the Owner of Black Hills Information Security (BHIS), and has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. John is also an instructor and course author of BlackHat's "Active Defense, Offensive Countermeasures, and Hacking Back" and the SANS Institute's "Hacker Tools, Techniques, Exploits and Incident Handling" classes. John is co-author of the" Offensive Countermeasures: The Art of Active Defense" book and is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks. He leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. He is a dynamic speaker at conferences worldwide. In his spare time, he co-hosts the Hack Naked TV and Security Weekly podcasts.

Protect Applications and Data

Blockchain: What Your Vendors Have and How to Use It

with John Strand

Companies don’t understand how blockchain works inside their security vendor offerings. This session will arm attendees with a stronger foundation by exploring:

  • The use cases around how blockchain enhances security
  • Blockchain-related products that are actually viable
  • How blockchain increase the efficacy of things like vulnerability management and SIEM
  • What CISOs should tell their exec stakeholders about blockchain
dave-kennedy

Dave Kennedy

IANS Faculty

Dave is the President and CEO of TrustedSec, an information security consulting company. David was a Chief Security Officer for an international Fortune 1000 company located in over 77 countries with over 18,000 employees. David developed a global security program with a large dedicated team. He is considered a thought leader in the security field and has presented at many conferences worldwide and had guest appearances on FoxNews, BBC, and other high-profile media outlets. David is the Founder of DerbyCon, a large-scale security conference in Louisville, KY. He also authored Metasploit: The Penetration Testers Guide, which was number one on Amazon.com in security for over 6 months. David is a founding member of the "Penetration Testing Execution Standard (PTES)," the industry leading methodologies and guidelines for performing penetration tests. Dave received a BA of Arts from Malone University in Ohio. Dave has many certifications including OSCE, QSA, OSCP, CISSP, ISO 27001, GSEC, and MCSE. Dave also served in the Marines for five years working on intelligence related missions. He enjoys scuba diving, handy work, Destiny, fine bourbons and getting away to the country without cell reception.

Improve Infrastructure and Ops

Bringing Red/Blue/Purple Teaming into Balance

with Dave Kennedy

Your Red Team does one thing, your Blue Team does the other, and they don’t talk. Companies struggle to get them on the same page and achieve the true value of these exercises. What to do? This session will explore:

  • The most valuable KPIs to use for these activities
  • How to use automation testing to test the effectiveness of a response during an exercise
  • How to leverage balanced scorecards for direct tracking of capabilities
Stephen Clark

Major General Stephen Clark

Major General, United States Air Force (Retired)

Stephen recently retired from the Air Force after 32 years of dedicated service. He now serves on the Board of Directors of the Jack and Jill Late Stage Cancer Foundation (JAJF.org) treating the families not the cancer, as well as Education Services of America (ESA), dba EdSouth/Services, a non-profit financial holding company focused on expanding educational opportunities and financial literacy. Stephen also owns his own consulting company (Stephen Clark Consulting LLC) focused on corporate leadership, crisis leadership, strategic planning, national security and public speaking.

Prior to his retirement Stephen was the Director of Programs for the United States Air Force overseeing the development, justification, and consolidation of the Air Forces five year financial plan totaling over $750B in resources and manpower. Previously, he served as the Director of Plans, Programs, Requirements, and Manpower for the United States Special Operations Command where he oversaw the development and consolidation of the Special Operations five year plan integrating the plans of USSOCOM’s five component commands. Stephen also served as the Deputy Commanding General of the Joint Special Operations Command where he helped lead global operations in support of regional commanders. Stephen has commanded at the Squadron, Group and Wing level. During his command of the 27th Special Operations Wing he was responsible for over 4000 Airmen, Civilians and their families, $15B worth of infrastructure and aircraft, a multi year construction program worth $1.5B, the operations of a military base, airfield, training range, and the execution of over 5000 combat hours. He has accumulated years of deployments to combat operations in Bosnia, Somalia, Haiti, Afghanistan and Iraq and participating in some of the nations most time sensitive operations.

Clark earned his bachelor’s degree in Political Science from the University of Tennessee, Masters in Public Administration from Troy State, Masters in National Security from the Naval War College, and was a Defense Fellow at Harvards Weatherhead Center for International Relations. Stephen is a command pilot with over 3300 hours primarily in the AC-130H/U gunship. Stephen is a member of the National Association of Corporate Directors and the Great Falls Rotary Club. He is an avid cyclist, skier, and enjoys fly fishing. Stephen and his wife Cynthia have two grown daughters Shelby and Sydney, and reside in Herndon, Virginia.

Crisis Leadership...It’s About Time

with Major General Stephen Clark

Leaders abound regardless of organization or situation. Nowhere does this manifest itself more than during a crisis where leaders rise to the occasion and informal leaders emerge unexpectedly. A crisis serves as a crucible that brings out the best in leaders or shines a light on their weaknesses. This session will explore how to become the best leader possible when the crush is on.

  • Visualizing how the crisis will evolve and desired outcomes
  • How agreed values and beliefs guide decision making when pressure is extreme
  • How the character, substance and style of leaders impact those around them
  • Remaining calm to slow things down to observe, orient, decide and THEN act
  • The HOTWASH and planning for the next crisis...it’s about saving time
2:25 PM - 3:00 PM

Technology Group 2

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
3:00 PM - 3:20 PM

Tabletop Break

IANS Tabletops gives you an opportunity to connect with information security leaders in a relaxed environment. Come stretch your legs and network with your peers and solution providers over snacks and coffee.
3:20 PM - 3:55 PM

Technology Group 2

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
davi-ottenheimer

Davi Ottenheimer

IANS Faculty

Davi Ottenheimer is a security executive, board member and founder who has led global teams in developing and managing secure systems for more than twenty years. Currently he is working on product security at mongoDB making big data secure, IoT safe and AI trusted. Davi is also a recognized strategist and author specializing in cyber defense ethics and safely navigating the cultural disruptions of emerging technology. He co-authored in 2012 a cloud security book “Securing the Virtual Environment: How to Defend the Enterprise Against Attack” and is author of the upcoming book "Realities of Securing Big Data". Davi is a frequent top-rated public speaker and in 2018 he established the Excellence in Humanitarian Service Award at the RSA Conference; inaugural award was for building and managing resilient encryption systems that were instrumental to ending South African Apartheid. While serving as a Dedicated Paranoid at Yahoo! and responsible for managing security for hundreds of millions of mobile, broadband and digital home products, he invented an ephemeral authentication system for IoT that is in ubiquitous use today. An expert in governance, assessments, audit and compliance leadership Davi was a qualified PCI DSS and PA-DSS assessor (QSA and PA-QSA) for 7 years, and former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP. He received his postgraduate academic Master of Science degree in International History from the London School of Economics.

4:05 PM - 4:40 PM Afternoon Roundtable How-To Sessions Protect Applications and Data

Getting Control of Container Security

with Davi Ottenheimer

Fortune 1000 problem: Companies spin up containers quickly, then set them loose with no security due diligence. It’s a process problem as much as a technology issue. Questions to address:

  • How can a company create a more deliberate process to determine when containers are necessary?
  • What is some specific automation or orchestration tools? (Docker Swarm, Kubernates)
  • How does one optimize such tools as AppArmor and SELinuxbecause to prevents a misconfiguration or bug at the container daemon level?
  • What is Docker Notary and how can it add a layer of trust?
  • What are some of the more recent attacks to exploit unsecured containers?

Aaron Turner

IANS Faculty

Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.

Improve Infrastructure and Ops

Mobile Device Management: Case Studies of Success and Failure

with Aaron Turner

Companies still struggle to secure personal devices on the company network. They need examples and case studies of how others have successfully (and unsuccessfully) done it. This session explores:

  • How to develop a threat model for all types of personal devices
  • How to you approach data protections on devices without traditional security controls
  • Who owns the endpoint? Does it matter anymore?
  • The differences between iOS vs. Android
  • Is ZeroTrust enabling secure BYOD procedures or preventing it?
george-gerchow

George Gerchow

IANS Faculty

As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance, and modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.

Secure the Cloud

Achieving Cloud Migration

with George Gerchow

Fortune 1000 organizations have a complex legacy of platforms, software and networks, and there’s no single playbook to move it all to a new platform because each piece of infrastructure is so different. But there are ways to achieve success. This session will show you how by addressing:

  • The proper sequence of events?
  • Problems to expect in different industries and from different data types
  • Regulatory considerations
  • Tools of note
  • How Hashicorp and the Shared Responsibility Model can help
john-strand

John Strand

IANS Faculty

John is the Owner of Black Hills Information Security (BHIS), and has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. John is also an instructor and course author of BlackHat's "Active Defense, Offensive Countermeasures, and Hacking Back" and the SANS Institute's "Hacker Tools, Techniques, Exploits and Incident Handling" classes. John is co-author of the" Offensive Countermeasures: The Art of Active Defense" book and is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks. He leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. He is a dynamic speaker at conferences worldwide. In his spare time, he co-hosts the Hack Naked TV and Security Weekly podcasts.

Secure the Cloud

Email in the Cloud: Stress Testing Office 365 Apps

with John Strand

Companies struggle with how to secure Office 365 apps that come from multiple online marketplaces, from the MS Store to MS Teams and a variety of third-party app stores. This session will explore:

  • How to confirm the security levels of various apps
  • Specific validation techniques for MS App Store, Teams Store and others
  • Warning signs that an app is problematic and shouldn’t be downloaded
  • Advice the security team can give employees on what to watch out for
dave-kennedy

Dave Kennedy

IANS Faculty

Dave is the President and CEO of TrustedSec, an information security consulting company. David was a Chief Security Officer for an international Fortune 1000 company located in over 77 countries with over 18,000 employees. David developed a global security program with a large dedicated team. He is considered a thought leader in the security field and has presented at many conferences worldwide and had guest appearances on FoxNews, BBC, and other high-profile media outlets. David is the Founder of DerbyCon, a large-scale security conference in Louisville, KY. He also authored Metasploit: The Penetration Testers Guide, which was number one on Amazon.com in security for over 6 months. David is a founding member of the "Penetration Testing Execution Standard (PTES)," the industry leading methodologies and guidelines for performing penetration tests. Dave received a BA of Arts from Malone University in Ohio. Dave has many certifications including OSCE, QSA, OSCP, CISSP, ISO 27001, GSEC, and MCSE. Dave also served in the Marines for five years working on intelligence related missions. He enjoys scuba diving, handy work, Destiny, fine bourbons and getting away to the country without cell reception.

Detect, Respond and Recover

How to Fill SIEM Gaps with UEBA/SOAR

with Dave Kennedy

Organizations want their SIEM to alert them in real time, but that’s not happening. Instead, their SIEM only helps determine how a breach occurred after the fact. Practitioners have heard that UEBA and SOAR can be used to overcome the limits of their current SIEM set up, but they seek concrete answers about how it all works and what kind of training and investments are required. In this session, attendees will learn:

  • The specific actions they must take in order to fully understand where their SIEM is hitting the wall
  • A list of ways to tell if their MSSP is properly goaled/resourced/qualified to correlate and alert in real time
  • A clearer understanding of the small and well-defined situations AI/ML is best suited for
4:45 PM - 5:45 PM

Networking Reception

Come network with your peers! Hors d'oeuvres and cocktails will be served!

DAY 2

8:00 AM - 9:00 AM

Registration & Breakfast

Come check in to receive your program and CPEs while enjoying a complimentary continental breakfast.
john-strand

John Strand

IANS Faculty

John is the Owner of Black Hills Information Security (BHIS), and has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. John is also an instructor and course author of BlackHat's "Active Defense, Offensive Countermeasures, and Hacking Back" and the SANS Institute's "Hacker Tools, Techniques, Exploits and Incident Handling" classes. John is co-author of the" Offensive Countermeasures: The Art of Active Defense" book and is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks. He leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. He is a dynamic speaker at conferences worldwide. In his spare time, he co-hosts the Hack Naked TV and Security Weekly podcasts.

9:00 AM - 9:30 AM

IANS Faculty Keynote: A Hunting We Must Go.

with John Strand In this presentation, John Strand will cover some of the host and network based techniques that IANS Faculty are using to identify advanced attackers and threats in our customers' networks. 
9:40 AM - 10:15 AM

Technology Group 2

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
10:25 AM - 11:00 AM

Technology Group 2

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
11:00 AM - 11:20 AM

Tabletop Break

IANS Tabletops gives you an opportunity to connect with information security leaders in a relaxed environment. Come stretch your legs and network with your peers and solution providers over snacks and coffee.
davi-ottenheimer

Davi Ottenheimer

IANS Faculty

Davi Ottenheimer is a security executive, board member and founder who has led global teams in developing and managing secure systems for more than twenty years. Currently he is working on product security at mongoDB making big data secure, IoT safe and AI trusted. Davi is also a recognized strategist and author specializing in cyber defense ethics and safely navigating the cultural disruptions of emerging technology. He co-authored in 2012 a cloud security book “Securing the Virtual Environment: How to Defend the Enterprise Against Attack” and is author of the upcoming book "Realities of Securing Big Data". Davi is a frequent top-rated public speaker and in 2018 he established the Excellence in Humanitarian Service Award at the RSA Conference; inaugural award was for building and managing resilient encryption systems that were instrumental to ending South African Apartheid. While serving as a Dedicated Paranoid at Yahoo! and responsible for managing security for hundreds of millions of mobile, broadband and digital home products, he invented an ephemeral authentication system for IoT that is in ubiquitous use today. An expert in governance, assessments, audit and compliance leadership Davi was a qualified PCI DSS and PA-DSS assessor (QSA and PA-QSA) for 7 years, and former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP. He received his postgraduate academic Master of Science degree in International History from the London School of Economics.

11:20 AM - 12:50 PM Detect, Respond and Recover

Breaking a Failed Vulnerability Management Cycle

with Davi Ottenheimer

Companies have limited resources to keep up with an endless pile of vulnerabilities and patches and need to determine what they keep getting wrong and what others are doing that’s right. This session will explore:

  • Particular tools you should be using to create more automation
  • How to use automation to move through the flaw finding and patching process more quickly
  • Which companies have taken this to the next level
  • What they did to move past the struggle most still find themselves in
  • What the Vulnerability Management Process Workflow is and how will it help
  • How can organizations can ensure data within their SQL Server, DB2 and Oracle databases are secure?
  • Besides Shodan, some other tools that will cast a wider net for vulnerabilities

Aaron Turner

IANS Faculty

Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.

Protect Applications and Data

Prioritizing Privilege Management

with Aaron Turner

As IT infrastructure gets more complex and infrastructure-as-a-service (IaaS) becomes a reality, one of the few controls we have left is privileged user management (PUM). But it’s difficult to get it right. To advance in the right direction, this session will explore:

  • How to link privileged access management to change management
  • How to identify what is happening with the use of these credentials
  • How to Identify the appropriate tools to use for privileged access management
  • How to handle insider threats related to privilege abuse/misuse
dave-kennedy

Dave Kennedy

IANS Faculty

Dave is the President and CEO of TrustedSec, an information security consulting company. David was a Chief Security Officer for an international Fortune 1000 company located in over 77 countries with over 18,000 employees. David developed a global security program with a large dedicated team. He is considered a thought leader in the security field and has presented at many conferences worldwide and had guest appearances on FoxNews, BBC, and other high-profile media outlets. David is the Founder of DerbyCon, a large-scale security conference in Louisville, KY. He also authored Metasploit: The Penetration Testers Guide, which was number one on Amazon.com in security for over 6 months. David is a founding member of the "Penetration Testing Execution Standard (PTES)," the industry leading methodologies and guidelines for performing penetration tests. Dave received a BA of Arts from Malone University in Ohio. Dave has many certifications including OSCE, QSA, OSCP, CISSP, ISO 27001, GSEC, and MCSE. Dave also served in the Marines for five years working on intelligence related missions. He enjoys scuba diving, handy work, Destiny, fine bourbons and getting away to the country without cell reception.

Detect, Respond and Recover

Deception and Honeypots

with Dave Kennedy

Companies struggle enough with basic security tasks and don’t truly know if deception/honeypots are worth trying or if they would provide the adequate ROI. To help them reach a better place, this session will explore:

  • What level of operational maturity one must have for honeypots/deception to make sense?
  • How to find balance when it comes to how many doors to leave open for snoopers and would-be thieves
  • The latest honeypot/deception technologies worth deploying
  • The management/technology overhang associated with them?
  • Buying versus building
john-strand

John Strand

IANS Faculty

John is the Owner of Black Hills Information Security (BHIS), and has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. John is also an instructor and course author of BlackHat's "Active Defense, Offensive Countermeasures, and Hacking Back" and the SANS Institute's "Hacker Tools, Techniques, Exploits and Incident Handling" classes. John is co-author of the" Offensive Countermeasures: The Art of Active Defense" book and is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks. He leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. He is a dynamic speaker at conferences worldwide. In his spare time, he co-hosts the Hack Naked TV and Security Weekly podcasts.

Detect, Respond and Recover

Cryptojacking & Cryptocurrency Mining: Defensive Measures

with John Strand

Cryptojacking malware and crypto mining are eating AWS resources, tying up CPU capacity and costing money. This session will help you fight back by exploring:

  • How to tell if cryptomining malware is in the system
  • How to get the malware out of your systems
  • How to keep it out
  • The most prolific cryptocurrency-based attacks targeting companies
  • How this malware differs from others, such as worms, ransomware and Trojans
george-gerchow

George Gerchow

IANS Faculty

As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance, and modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.

Secure the Cloud

Multi-Cloud Deployments: People, Process, Technology

with George Gerchow

The process to align controls, capabilities and governance is a mess, with misaligned team reporting structures and central management that fails to span environments. This session will explore:

  • How to compare/contrast controls between multiple PaaS/IaaS environments
  • How to evolve Identity and Access Management for multi-cloud deployments
  • Which controls lend themselves to centralization and multiple cloud environments
  • How to adapt governance, risk assessment and critical security processes for multi-cloud deployments
Chris Calvert

Chris Calvert

Respond Software, VP Products

Respond Software, VP Product Strategy and Co-Founder

Chris has over 30 years of experience in defensive information security: 14 years in the defense and intelligence community and 17 years in the commercial industry. He has worked on the Defense Department Joint Staff and held leadership positions in both large and small companies, including IBM and HPE. He has designed, built and managed global security operations centers and incident response teams for six of the global Fortune-50. As he often says, if you have complaints about today’s security operations model, you can partially blame him. It’s from his first-hand experience in learning the limitations of the man vs. data SecOps model that Chris leads product design and strategy for Respond Software.

12:50 PM - 1:40 PM

Lunch & Sponsor Keynote: The Power of AI to Disrupt Security Ops

with Chris Calvert Many of today’s companies are hesitant to adopt new security technologies – particularly AI.  The truth is AI is successfully disrupting many areas of security operations. Chris will discuss autonomous security driven by AI, probability theory and advanced algorithms: apply reasoning, judgement and experience to identify threats with machines and freeing up our skilled analysts for investigation and response.
1:50 PM - 2:25 PM

Technology Group 1

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
2:35 PM - 3:10 PM

Technology Group 1

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
davi-ottenheimer

Davi Ottenheimer

IANS Faculty

Davi Ottenheimer is a security executive, board member and founder who has led global teams in developing and managing secure systems for more than twenty years. Currently he is working on product security at mongoDB making big data secure, IoT safe and AI trusted. Davi is also a recognized strategist and author specializing in cyber defense ethics and safely navigating the cultural disruptions of emerging technology. He co-authored in 2012 a cloud security book “Securing the Virtual Environment: How to Defend the Enterprise Against Attack” and is author of the upcoming book "Realities of Securing Big Data". Davi is a frequent top-rated public speaker and in 2018 he established the Excellence in Humanitarian Service Award at the RSA Conference; inaugural award was for building and managing resilient encryption systems that were instrumental to ending South African Apartheid. While serving as a Dedicated Paranoid at Yahoo! and responsible for managing security for hundreds of millions of mobile, broadband and digital home products, he invented an ephemeral authentication system for IoT that is in ubiquitous use today. An expert in governance, assessments, audit and compliance leadership Davi was a qualified PCI DSS and PA-DSS assessor (QSA and PA-QSA) for 7 years, and former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP. He received his postgraduate academic Master of Science degree in International History from the London School of Economics.

3:20 PM - 4:20 PM Improve Infrastructure and Ops

Vendor Optimization: Thinning the Herd

with Davi Ottenheimer

There are too many security vendors that have expanded offerings in a way that has created a lot of overlap and complexity within Fortune 1000 companies’ environments. This session will explore:

  • How to do an assessment and logically start pruning your stack
  • How one tool can replace several others without loss of functionality or controls coverage
  • The most important questions to ask your existing and prospective vendors in order to determine where the overlap exists
  • Specific examples of what you can kill?
  • Integrations between products that currently exist but are not being leveraged

Aaron Turner

IANS Faculty

Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.

Improve Infrastructure and Ops

Cutting Through the AI/ML Vendor Hype

with Aaron Turner

Vendors hype the benefits of AI/ML too broadly when it’s really meant for small, well-defined situations. This session will address the following:

  • When we say AI/ML is for small or well-defined situations, what are examples of those?
  • What are specific examples of where AI/ML works, and where it doesn’t?
dave-kennedy

Dave Kennedy

IANS Faculty

Dave is the President and CEO of TrustedSec, an information security consulting company. David was a Chief Security Officer for an international Fortune 1000 company located in over 77 countries with over 18,000 employees. David developed a global security program with a large dedicated team. He is considered a thought leader in the security field and has presented at many conferences worldwide and had guest appearances on FoxNews, BBC, and other high-profile media outlets. David is the Founder of DerbyCon, a large-scale security conference in Louisville, KY. He also authored Metasploit: The Penetration Testers Guide, which was number one on Amazon.com in security for over 6 months. David is a founding member of the "Penetration Testing Execution Standard (PTES)," the industry leading methodologies and guidelines for performing penetration tests. Dave received a BA of Arts from Malone University in Ohio. Dave has many certifications including OSCE, QSA, OSCP, CISSP, ISO 27001, GSEC, and MCSE. Dave also served in the Marines for five years working on intelligence related missions. He enjoys scuba diving, handy work, Destiny, fine bourbons and getting away to the country without cell reception.

Justine Bone

Justine Bone

IANS Faculty

Justine is a technology and cybersecurity executive with a background in vulnerability research. Justine currently serves as the CEO of Florida-based cybersecurity solutions provider MedSec, a company focused on medical device security management and the delivery of security solutions to Healthcare Delivery Organizations and Medical Device Manufacturing companies. Her previous roles include Global Chief Information Security Officer at Dow Jones, a News Corporation company and publisher of the Wall Street Journal, Global Head of Information and Physical Security at Bloomberg L.P., and CEO of security research firm Immunity Inc. Justine is also a member of HP’s Security Advisory Board, an invited member of the BlackHat USA guest review board, organizer of the security research Pwnie Awards, and an advisor to several other technology startups. She began her career as a vulnerability researcher with Internet Security Systems (now IBM) X-Force and New Zealand’s Government Communications Security Bureau.

Detect, Respond and Recover

Insider Threats

with Dave Kennedy and Justine Bone

Companies are usually unaware that a malicious insider is up to no good in their networks until it’s too late. They need help knowing how to identify early red flags. To that end, this session will explore:

  • Early red flags to look for
  • Security controls you can put in place to detect and prevent insider threat activity
  • Top insider threat monitoring solutions, their strengths and weaknesses
  • Detection tool essentials
john-strand

John Strand

IANS Faculty

John is the Owner of Black Hills Information Security (BHIS), and has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. John is also an instructor and course author of BlackHat's "Active Defense, Offensive Countermeasures, and Hacking Back" and the SANS Institute's "Hacker Tools, Techniques, Exploits and Incident Handling" classes. John is co-author of the" Offensive Countermeasures: The Art of Active Defense" book and is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks. He leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. He is a dynamic speaker at conferences worldwide. In his spare time, he co-hosts the Hack Naked TV and Security Weekly podcasts.

Detect, Respond and Recover

New Threat Hunting Techniques

with John Strand

Attackers keep evolving their tactics, making it increasingly difficult for traditional forensic techniques to keep up. It’s time to get proactive – and that’s where threat hunting comes into play. This session explores the latest techniques in that area, and how to:

  • Position hunt teams to directly increase the overall maturity (and ROI) of their monitoring and detection capabilities
  • Detect abnormal patterns of behavior
george-gerchow

George Gerchow

IANS Faculty

As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance, and modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.

Secure the Cloud

Choosing a Cloud Provider

with George Gerchow

There are too many vendors, an over-saturated market and confusion over the security requirements that truly matter vs. the vendor fluff. In this session, you’ll learn how cut through the confusion and address:

  • What the cloud provider landscape look like
  • When to go with a big player as opposed to smaller players
  • Questions you should ask internally before looking at potential providers
  • The right (or wrong) questions to ask prospective cloud providers
4:20 PM - 4:35 PM

Closing Ceremonies

Join us for closing remarks and the chance to win prizes!

2019 Boston Speakers

Justine Bone

Justine Bone

IANS Faculty

Justine is a technology and cybersecurity executive with a background in vulnerability research. Justine currently serves as the CEO of Florida-based cybersecurity solutions provider MedSec, a company focused on medical device security management and the delivery of security solutions to Healthcare Delivery Organizations and Medical Device Manufacturing companies. Her previous roles include Global Chief Information Security Officer at Dow Jones, a News Corporation company and publisher of the Wall Street Journal, Global Head of Information and Physical Security at Bloomberg L.P., and CEO of security research firm Immunity Inc. Justine is also a member of HP’s Security Advisory Board, an invited member of the BlackHat USA guest review board, organizer of the security research Pwnie Awards, and an advisor to several other technology startups. She began her career as a vulnerability researcher with Internet Security Systems (now IBM) X-Force and New Zealand’s Government Communications Security Bureau.

Presentations
  • Insider ThreatsDAY 23:20 PM - 4:20 PM
Chris Calvert

Chris Calvert

Respond Software, VP Products

Respond Software, VP Product Strategy and Co-Founder

Chris has over 30 years of experience in defensive information security: 14 years in the defense and intelligence community and 17 years in the commercial industry. He has worked on the Defense Department Joint Staff and held leadership positions in both large and small companies, including IBM and HPE. He has designed, built and managed global security operations centers and incident response teams for six of the global Fortune-50. As he often says, if you have complaints about today’s security operations model, you can partially blame him. It’s from his first-hand experience in learning the limitations of the man vs. data SecOps model that Chris leads product design and strategy for Respond Software.

Presentations
  • Lunch & Sponsor Keynote: The Power of AI to Disrupt Security OpsDAY 212:50 PM - 1:40 PM
Stephen Clark

Major General Stephen Clark

Major General, United States Air Force (Retired)

Stephen recently retired from the Air Force after 32 years of dedicated service. He now serves on the Board of Directors of the Jack and Jill Late Stage Cancer Foundation (JAJF.org) treating the families not the cancer, as well as Education Services of America (ESA), dba EdSouth/Services, a non-profit financial holding company focused on expanding educational opportunities and financial literacy. Stephen also owns his own consulting company (Stephen Clark Consulting LLC) focused on corporate leadership, crisis leadership, strategic planning, national security and public speaking.

Prior to his retirement Stephen was the Director of Programs for the United States Air Force overseeing the development, justification, and consolidation of the Air Forces five year financial plan totaling over $750B in resources and manpower. Previously, he served as the Director of Plans, Programs, Requirements, and Manpower for the United States Special Operations Command where he oversaw the development and consolidation of the Special Operations five year plan integrating the plans of USSOCOM’s five component commands. Stephen also served as the Deputy Commanding General of the Joint Special Operations Command where he helped lead global operations in support of regional commanders. Stephen has commanded at the Squadron, Group and Wing level. During his command of the 27th Special Operations Wing he was responsible for over 4000 Airmen, Civilians and their families, $15B worth of infrastructure and aircraft, a multi year construction program worth $1.5B, the operations of a military base, airfield, training range, and the execution of over 5000 combat hours. He has accumulated years of deployments to combat operations in Bosnia, Somalia, Haiti, Afghanistan and Iraq and participating in some of the nations most time sensitive operations.

Clark earned his bachelor’s degree in Political Science from the University of Tennessee, Masters in Public Administration from Troy State, Masters in National Security from the Naval War College, and was a Defense Fellow at Harvards Weatherhead Center for International Relations. Stephen is a command pilot with over 3300 hours primarily in the AC-130H/U gunship. Stephen is a member of the National Association of Corporate Directors and the Great Falls Rotary Club. He is an avid cyclist, skier, and enjoys fly fishing. Stephen and his wife Cynthia have two grown daughters Shelby and Sydney, and reside in Herndon, Virginia.

Presentations
  • Crisis Leadership...It’s About TimeDAY 11:00 PM - 2:15 PM
george-gerchow

George Gerchow

IANS Faculty

As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance, and modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.

Presentations
  • DevSecOps Business CasesDAY 110:35 AM - 11:10 AM
  • Adapting the SOC to a Cloud EnvironmentDAY 11:00 PM - 2:15 PM
  • Achieving Cloud MigrationDAY 14:05 PM - 4:40 PM
  • Multi-Cloud Deployments: People, Process, TechnologyDAY 211:20 AM - 12:50 PM
  • Choosing a Cloud ProviderDAY 23:20 PM - 4:20 PM
keith-hillis

Keith Hillis

Sr. Director, IT Risk & Information Security, Akamai Technologies

Presentations
  • A Keynote Discussion with Akamai’s Keith Hillis: Lessons from Deploying ‘Zero Trust’ and moreDAY 18:45 AM - 9:30 AM
dave-kennedy

Dave Kennedy

IANS Faculty

Dave is the President and CEO of TrustedSec, an information security consulting company. David was a Chief Security Officer for an international Fortune 1000 company located in over 77 countries with over 18,000 employees. David developed a global security program with a large dedicated team. He is considered a thought leader in the security field and has presented at many conferences worldwide and had guest appearances on FoxNews, BBC, and other high-profile media outlets. David is the Founder of DerbyCon, a large-scale security conference in Louisville, KY. He also authored Metasploit: The Penetration Testers Guide, which was number one on Amazon.com in security for over 6 months. David is a founding member of the "Penetration Testing Execution Standard (PTES)," the industry leading methodologies and guidelines for performing penetration tests. Dave received a BA of Arts from Malone University in Ohio. Dave has many certifications including OSCE, QSA, OSCP, CISSP, ISO 27001, GSEC, and MCSE. Dave also served in the Marines for five years working on intelligence related missions. He enjoys scuba diving, handy work, Destiny, fine bourbons and getting away to the country without cell reception.

Presentations
  • Phishing and Social Engineering: New Solutions to an Old ProblemDAY 110:35 AM - 11:10 AM
  • Bringing Red/Blue/Purple Teaming into BalanceDAY 11:00 PM - 2:15 PM
  • How to Fill SIEM Gaps with UEBA/SOARDAY 14:05 PM - 4:40 PM
  • Deception and HoneypotsDAY 211:20 AM - 12:50 PM
  • Insider ThreatsDAY 23:20 PM - 4:20 PM
Carlos Morales

Carlos Morales

Netscout, VP, Cloud and Managed Services

Carlos is the general manager for NETSCOUT’s DDoS Mitigation Services line of business which includes Arbor Cloud. He leads product management, sales, and operations for Arbor Cloud and is responsible for implementing strategy, driving P&L, managing strategic relationships, and running day to day operations for the business.He is also a member of NETSCOUT’s executive cybersecurity committee.Carlos previously was on the executive management team of Arbor, led Arbor’s global pre-sales team for over a decade, and was responsible for the Arbor Security Engineering and Response Team (ASERT), an elite security research organization. He brings more than two decades of experience in deploying security, networkingand access solutions for service provider and enterprise networks. Before joining us in 2004, Carlos held management positions at Nortel Networksand Tiburon Networks, where he served as director of sales engineering. He also held salesengineering roles at Shiva Corporation, Crescent Networks and Hayes Microcomputer.

Presentations
  • Lunch & Sponsor Keynote: Choosing the Right Dentist and DDoS Mitigation ProviderDAY 112:00 PM - 12:50 PM
davi-ottenheimer

Davi Ottenheimer

IANS Faculty

Davi Ottenheimer is a security executive, board member and founder who has led global teams in developing and managing secure systems for more than twenty years. Currently he is working on product security at mongoDB making big data secure, IoT safe and AI trusted. Davi is also a recognized strategist and author specializing in cyber defense ethics and safely navigating the cultural disruptions of emerging technology. He co-authored in 2012 a cloud security book “Securing the Virtual Environment: How to Defend the Enterprise Against Attack” and is author of the upcoming book "Realities of Securing Big Data". Davi is a frequent top-rated public speaker and in 2018 he established the Excellence in Humanitarian Service Award at the RSA Conference; inaugural award was for building and managing resilient encryption systems that were instrumental to ending South African Apartheid. While serving as a Dedicated Paranoid at Yahoo! and responsible for managing security for hundreds of millions of mobile, broadband and digital home products, he invented an ephemeral authentication system for IoT that is in ubiquitous use today. An expert in governance, assessments, audit and compliance leadership Davi was a qualified PCI DSS and PA-DSS assessor (QSA and PA-QSA) for 7 years, and former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP. He received his postgraduate academic Master of Science degree in International History from the London School of Economics.

Presentations
  • Advances in Network VisibilityDAY 110:35 AM - 11:10 AM
  • IoT: Who Owns Device Risk ManagementDAY 11:00 PM - 2:15 PM
  • Getting Control of Container SecurityDAY 14:05 PM - 4:40 PM
  • Breaking a Failed Vulnerability Management CycleDAY 211:20 AM - 12:50 PM
  • Vendor Optimization: Thinning the HerdDAY 23:20 PM - 4:20 PM
john-strand

John Strand

IANS Faculty

John is the Owner of Black Hills Information Security (BHIS), and has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. John is also an instructor and course author of BlackHat's "Active Defense, Offensive Countermeasures, and Hacking Back" and the SANS Institute's "Hacker Tools, Techniques, Exploits and Incident Handling" classes. John is co-author of the" Offensive Countermeasures: The Art of Active Defense" book and is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks. He leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development at BHIS. He is a dynamic speaker at conferences worldwide. In his spare time, he co-hosts the Hack Naked TV and Security Weekly podcasts.

Presentations
  • Hybrid Web App Pen TestingDAY 110:35 AM - 11:10 AM
  • Blockchain: What Your Vendors Have and How to Use ItDAY 11:00 PM - 2:15 PM
  • Email in the Cloud: Stress Testing Office 365 AppsDAY 14:05 PM - 4:40 PM
  • IANS Faculty Keynote: A Hunting We Must Go.DAY 29:00 AM - 9:30 AM
  • Cryptojacking & Cryptocurrency Mining: Defensive MeasuresDAY 211:20 AM - 12:50 PM
  • New Threat Hunting TechniquesDAY 23:20 PM - 4:20 PM

Aaron Turner

IANS Faculty

Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.

Presentations
  • Advancements in Secure Remote AccessDAY 110:35 AM - 11:10 AM
  • Case Study: Building a Better Security CultureDAY 11:00 PM - 2:15 PM
  • Mobile Device Management: Case Studies of Success and FailureDAY 14:05 PM - 4:40 PM
  • Prioritizing Privilege ManagementDAY 211:20 AM - 12:50 PM
  • Cutting Through the AI/ML Vendor HypeDAY 23:20 PM - 4:20 PM
John Visneski

John Visneski

IANS Faculty

As the Director of Information Security and Data Protection Officer at The Pokémon Company International, John Visneski brings over 15 years of information security and operational expertise that spans both the private and public sector. He has practical experience building security teams, architectures and modern Security Operations Centers, as well as aligning security programs to enable business and mission objectives. John is an active board member and sought-after adviser for numerous technology startups. Together these experiences make Mr. Visneski a highly regarded public speaker and panelist on topics spanning cloud security, privacy, operational security and compliance. Prior to his position with Pokémon, John served as a cyberspace operations officer in the US Air Force, culminating as the cybersecurity adviser to the Chief of Staff of the Air Force. Mr. Visneski’s Air Force career spanned multiple deployments supporting operations in Iraq and Afghanistan, operations within the intelligence community, and shaping policy at the Pentagon.

Presentations
  • Adapting the SOC to a Cloud EnvironmentDAY 11:00 PM - 2:15 PM

Event: Boston Convention and Exhibition Center

415 Summer St, Boston, MA 02210

Hotel: Aloft Boston Seaport

401-403 D St, Boston, MA 02210

Room Rate:

$209

per night plus tax

Onsite Questions

Are the presentations available for viewing after the Forum?

All roundtable sessions will be available after the Forum. Many presentations are uploaded to the Mobile App prior to the Forum.

Does IANS provide a Mobile App?

The IANS Information Security Forum App will be available 1 week prior to the event. To download the Mobile App go to the App Store or Google Play Store on your device and search IANS.

How can I promote my involvement with the event?

Please share your thoughts and excitement using our event hashtags found at the top of this page.

How can I submit my feedback on the Forum?

We encourage you to fill out our general survey located in the middle of your program. Please drop off your survey at the registration desk before you leave.

Is there free Wi-Fi onsite?

Free Wi-Fi will be provided throughout the Forum in conference areas.

What can I expect when I attend an IANS event?

When attending an IANS Information Security Forum, you will have the opportunity to take part in technical and strategic Roundtable sessions that discuss the latest issues and trends found in the market. These Roundtable discussions are led by IANS Faculty who are also long-time information security practitioners. You will also have the chance to network with industry peers and learn about the newest technologies and services during any one of our Technology Spotlight sessions.

What is the best way to stay updated before and during the Forum?

For all updates please download the IANS Mobile App or follow us on Twitter.

Where do I pick up my badge and registration material?

Your badge and registration materials will be available to pick-up at the registration desk. Registration starts at 7:30am.

Will there be opportunities to network with peers and sponsors?

There will be chances to network with your peers during the lunches, breaks and the networking reception at the end of day one.

Sponsorship Questions

Are there still sponsorship opportunities?

Please contact Eric Bartczak at sponsorships@iansresearch.com for more information.

Will there be opportunities to network with peers and sponsors?

IANS offers a Silver, Gold and Platinum level sponsorship. Please visit the Event Sponsors Page for more information.

Registration Questions

Can I earn continuing education credits for attending the forum?

Attendees may earn up to 16 credits through our partnership with (ISC)2. Attendees must check in at registration each morning to receive their 8 credits for Day 1 and Day 2. Attendees will receive a Certificate of Completion one week after the forum concludes for any other certification needs. If you have provided IANS with your CISSP # during the registration process then we will automatically submit to (ISC)2.

What is the registration fee?

The Forum is complimentary and open to active Information Security Professionals from private and public sector corporations and organizations.

What time does the Forum begin and end?

The Forum officially begins on Day 1 at 7:30am and ends on Day 2 at 4:40pm.

What's the registration deadline?
You can register for and IANS event up to the day of the event.

General Information

Cancellations

IANS requests that cancellations please be submitted two weeks prior to a Forum. Reserved seats are limited.

Hotel Cancellations

If you have booked a hotel room with IANS during the registration process or you have reached out to an IANS team member regarding booking a room, please note our venues have a cancellation policy of 48 hours. If you do not cancel your reservation through your online registration or in writing to IANS, you will be charged for the night(s) in which you have failed to cancel.

Terms and Conditions

This Forum is produced by IANS, which reserves the right, in its sole discretion, to limit or deny access to the Forum to any entity or individual. Attendance to the Forum is complimentary and open to active information security professionals from private and public-sector corporations and organizations.

Individuals from information security solution providers (software, hardware, and consulting companies) are not eligible to attend unless affiliated with a sponsoring organization.

IANS reserves the right to share attendee contact information with event sponsors and other attendees. IANS will provide on-site opt-out forms that enable you to remove your contact information from being shared as described herein. No contact information will be shared prior to the event.

Photography, Audio & Video Recording

IANS Forums are held in a public venue; therefore, IANS does not prohibit participants, sponsors, or other companies from photographing or taking videos. IANS reserves the right to use images taken at IANS Forums with your photograph and/or likeness in marketing materials.

IANS Code of Conduct

IANS is committed to providing a harassment-free conference experience for all attendees, sponsors, speakers and staff regardless of gender, sexual orientation, disability, physical appearance, national origin, ethnicity, political affliction or religion.

IANS expects all participants to behave in a professional manner. IANS will not condone any form of sexual language and imagery, verbal threats or demands, offensive comments, intimidation, stalking, sustained disruption of session or events, inappropriate physical contract, and unwelcomed sexual attention.

If any form of written, social media, verbal, or physical harassment is reported, participant will be asked to stop and expected to comply immediately. Offender will be subject to expulsion from the conference.

If you are being harassed or notice someone being harassed, please contact the event staff. In the event of an emergency situation, please contact local authorities immediately.

We expect participants to follow these rules at all event venues and event-related social activities.

Housing & Travel Questions

How can I book a hotel room?

All hotel requests must be made through the registration site.

How can I cancel my hotel reservation?

Most of our hotel venues have a 72 hour cancellation policy. You must cancel by contacting one of the IANS team members or through the online registration. If you fail to do so you will be charged for the night(s) in which you have failed to cancel.

Is parking provided?

IANS does not cover any parking.

What hotel accommodations are available during the Forum?

IANS provides a room block for forum events. There will be a limited number of rooms available at the discounted rate.

Will I receive a hotel confirmation number?

You will receive a hotel confirmation number 2 weeks prior to the Forum.

Attendee Contact

ians@iansresearch.com

Who Should Attend?

IANS Forum content is designed for information security practitioners across all industries. Attendees include CISOs, VPs and Managing Directors of Information Security, Information Security Architects, and Information Security Engineers.

Interested in Forum Sponsorship? Learn More.

Check out IANS other upcoming events