2020 Seattle-Bellevue
Information Security Forum

#IANSSeattle #IANSEvents

May 14, 2020
Seattle Marriott Bellevue, Bellevue, WA

The IANS 2020 Seattle-Bellevue Information Security Forum delivers an immersive curriculum with 30+ sessions led by esteemed IANS Faculty, global information security thought leaders and solution providers. Attend the one-day Forum to gain actionable technical solutions and leadership insights focused on current and emerging challenges facing enterprise security leaders. Network with peers to benchmark your information security practices and engage with IANS Faculty during interactive sessions.

Let your colleagues know you're coming!
Register

Day 1

7:30 AM - 8:30 AM

Registration & Continental Breakfast

Come check in to receive your program and CPEs while enjoying a complimentary continental breakfast.
8:30 AM - 8:45 AM

IANS Welcome & State of the Industry

Come join us as we welcome you to the Forum.
8:45 AM - 9:15 AM

Keynote

More information coming soon.
9:15 AM - 9:30 AM

Tabletop Break

IANS Tabletops gives you an opportunity to connect with information security leaders in a relaxed environment. Come stretch your legs and network with your peers and solution providers over snacks and coffee.
9:30 AM - 9:45 AM

Technology Spotlight Sessions Group 1

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
9:50 AM - 10:05 AM

Technology Spotlight Sessions Group 2

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
10:10 AM - 10:25 AM

Technology Spotlight Sessions Group 3

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
Mick Douglas

Mick Douglas

IANS Faculty

Mick is the Managing Partner for InfoSec Innovations, an information security advisory and research firm. He also serves as an Instructor and GIAC Advisory Board Member for the SANS Institute. Mick empowers information security professionals with useful tools and skills from his extensive experience as an analyst, consultant, and software developer.

10:35 AM - 11:35 AM Security Architecture

Zero Trust Principles: Making Them Work for You

with Mick Douglas

Security teams need to understand both what zero trust principals are and how to properly implement them across the organization. This session starts with the nuts and bolts that make up zero trust, then delves into:

  • How zero trust architecture lowers the risk of common attacks, including account takeovers, insider threats, web and cloud app risks, and IoT and device compromises
  • Real-world examples of successful zero trust in action
  • Legacy tech that doesn’t play well with zero trust and what to do about it
chris-nickerson

Chris Nickerson

IANS Faculty

Chris is the Co-Founder and CEO of LARES Consulting, an information security consulting firm that leverages a blend of assessment, testing, and coaching. He also serves on the Board of Directors at CREST, an international not-for-profit accreditation and certification body that represents and supports the technical information security market.

Threats & Vulnerabilities

Ransomware: Defense and Recovery Tactics for 2020

with Chris Nickerson

Ransomware continues to be a significant problem for many organizations, and it has shown a ferocious ability to evolve. This session explores:

  • Case studies from the news: What victims did wrong and what they did right
  • Tools and techniques to use if an initial attack is successful
  • A look at how tactics differ for small teams vs. large teams
  • How to account for ransomware attacks in your incident response plan
john-strand

John Strand

IANS Faculty

John is the Owner of Black Hills Information Security (BHIS) where he leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development. He is also a SANS Institute Senior Instructor. In these roles, John has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing.

Security Operations

Using AI/ML to Optimize SecOps

with John Strand

AI/ML technology can help them make more accurate decisions, but only if security teams feed the right data into the machine. This session explains how to grab and input the right data from five primary log data sources:

  • Network (traffic flows)
  • Infrastructure (servers)
  • Database
  • Applications
  • Identity and access management (IAM)/people

From there, we explore what clean, relevant, actionable and business-driven data truly looks like.

11:40 AM - 12:40 AM

Lunch & Keynote Address

More information coming soon.
12:50 PM - 1:05 PM

Technology Spotlight Sessions Group 2

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
1:10 PM - 1:25 PM

Technology Spotlight Sessions Group 3

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
1:30 PM - 1:45 PM

Technology Spotlight Sessions Group 1

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
1:45 PM - 2:00 PM

Tabletop Break

IANS Tabletops gives you an opportunity to connect with information security leaders in a relaxed environment. Come stretch your legs and network with your peers and solution providers over snacks and coffee.
Mick Douglas

Mick Douglas

IANS Faculty

Mick is the Managing Partner for InfoSec Innovations, an information security advisory and research firm. He also serves as an Instructor and GIAC Advisory Board Member for the SANS Institute. Mick empowers information security professionals with useful tools and skills from his extensive experience as an analyst, consultant, and software developer.

2:00 PM - 2:45 PM Security Architecture

IoT in the Enterprise: Minimizing the Risks

with Mick Douglas

There’s no clear consensus on who is responsible for managing risks associated with IoT devices in an organization. Security teams need help clearing up that confusion. This session will review:

  • Where all the IoT devices are
  • Who should be in charge of security risks related to IoT
  • How to assemble a responsibility tree for who does what in the event of an IoT-related compromise
chris-nickerson

Chris Nickerson

IANS Faculty

Chris is the Co-Founder and CEO of LARES Consulting, an information security consulting firm that leverages a blend of assessment, testing, and coaching. He also serves on the Board of Directors at CREST, an international not-for-profit accreditation and certification body that represents and supports the technical information security market.

GRC

Managing Privacy and Risk in the Social Media Age

with Chris Nickerson

Facebook, Twitter and LinkedIn aren’t going anywhere. Security teams need the latest best practices for monitoring and effectively locking down employee social media use to avoid being an easy target for attackers. This session explores:

  • Where current methods of tracking employee social media use fail and how to fix it
  • Tools and techniques to quickly find and eradicate malware injected into company networks via social media usage
  • How well (or not so well) cloud-based email systems interact with social media platforms
john-strand

John Strand

IANS Faculty

John is the Owner of Black Hills Information Security (BHIS) where he leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development. He is also a SANS Institute Senior Instructor. In these roles, John has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing.

Threats & Vulnerabilities

Threat Hunting Techniques for 2020

with John Strand

Attackers keep evolving their tactics, making it increasingly difficult for traditional forensic techniques to keep up. It’s time to get proactive – and that’s where threat hunting comes into play. This session explores:

  • Host and network-based techniques for identifying advanced attackers and threats to customer networks
  • How to position hunt teams to directly increase the overall maturity and return on investment (ROI) of their monitoring and detection capabilities
  • Detecting abnormal patterns of behavior
  • Tips to better incorporate threat hunting into purple teaming
2:55 PM - 3:10 PM

Technology Spotlight Sessions Group 3

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
3:15 PM - 3:30 PM

Technology Spotlight Sessions Group 1

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
3:35 PM - 3:50 PM

Technology Spotlight Sessions Group 2

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.
Mick Douglas

Mick Douglas

IANS Faculty

Mick is the Managing Partner for InfoSec Innovations, an information security advisory and research firm. He also serves as an Instructor and GIAC Advisory Board Member for the SANS Institute. Mick empowers information security professionals with useful tools and skills from his extensive experience as an analyst, consultant, and software developer.

4:00 PM - 5:00 PM Security Operations

Incident Response: Fixing What’s Wrong with Crisis Management

with Mick Douglas

Security teams are getting better at the technical side of incident response, but crisis management is still a pain point. This session details how to quickly and efficiently manage a crisis when the crush is on. This session explores:

  • Tips to help first responders take charge, including the art of speaking in short sentences and keeping a journal
  • Case study: What we can learn from the SEAL team approach
  • How integrating OODA (observe, orient, decide and act) Loop principals across the culture results in a faster, more effective crisis response
  • How agreed-on values and beliefs guide decision-making when pressure is extreme
  • How leaders’ character, substance and style impact those around them
chris-nickerson

Chris Nickerson

IANS Faculty

Chris is the Co-Founder and CEO of LARES Consulting, an information security consulting firm that leverages a blend of assessment, testing, and coaching. He also serves on the Board of Directors at CREST, an international not-for-profit accreditation and certification body that represents and supports the technical information security market.

GRC

Building a Three-Year Strategic GRC Roadmap

with Chris Nickerson

Security leaders need to know which strategic areas to focus on long term and how to prevent those from being cast aside by day-to-day brush fires. What should they delegate and what are some tips to stay focused on the big picture, whether it concerns risk management or compliance? This session explores:

  • Key information security risks, how they should be determined, what projects are under way to mitigate them and what the timelines should look like
  • A governance process that ensures information security activities – including key risk indicators (KRIs), and compliance checklists – are performed with proper oversight
  • Tips to minimize risk at the outset by making better decisions
john-strand

John Strand

IANS Faculty

John is the Owner of Black Hills Information Security (BHIS) where he leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development. He is also a SANS Institute Senior Instructor. In these roles, John has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing.

Threats & Vulnerabilities

Practical Applications for MITRE ATT&CK

with John Strand

MITRE ATT&CK has enormous potential as a security Swiss Army knife, but security teams need a soup-to-nuts breakdown for how best to apply it in their environments. This session explores how to make MITRE ATT&CK part of your daily security practices, including:

  • Using the framework to identify the most efficient ways to improve adversarial defenses
  • Understanding the framework is NOT technique-driven -- it’s about understanding attack lifecycles and building a defense
  • Leveraging balanced scorecards for direct tracking of capabilities
5:00 PM - 6:00 PM

Networking Reception

Come network with your peers!

2020 Seattle-Bellevue Speakers

Mick Douglas

Mick Douglas

IANS Faculty

Mick is the Managing Partner for InfoSec Innovations, an information security advisory and research firm. He also serves as an Instructor and GIAC Advisory Board Member for the SANS Institute. Mick empowers information security professionals with useful tools and skills from his extensive experience as an analyst, consultant, and software developer.

Presentations
  • Zero Trust Principles: Making Them Work for YouDay 110:35 AM - 11:35 AM
  • IoT in the Enterprise: Minimizing the RisksDay 12:00 PM - 2:45 PM
  • Incident Response: Fixing What’s Wrong with Crisis ManagementDay 14:00 PM - 5:00 PM
chris-nickerson

Chris Nickerson

IANS Faculty

Chris is the Co-Founder and CEO of LARES Consulting, an information security consulting firm that leverages a blend of assessment, testing, and coaching. He also serves on the Board of Directors at CREST, an international not-for-profit accreditation and certification body that represents and supports the technical information security market.

Presentations
  • Ransomware: Defense and Recovery Tactics for 2020Day 110:35 AM - 11:35 AM
  • Managing Privacy and Risk in the Social Media AgeDay 12:00 PM - 2:45 PM
  • Building a Three-Year Strategic GRC RoadmapDay 14:00 PM - 5:00 PM
john-strand

John Strand

IANS Faculty

John is the Owner of Black Hills Information Security (BHIS) where he leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development. He is also a SANS Institute Senior Instructor. In these roles, John has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing.

Presentations
  • Using AI/ML to Optimize SecOpsDay 110:35 AM - 11:35 AM
  • Threat Hunting Techniques for 2020Day 12:00 PM - 2:45 PM
  • Practical Applications for MITRE ATT&CKDay 14:00 PM - 5:00 PM

Seattle Marriott Bellevue

200 110th Ave NE, Bellevue, WA 98004

Room Rate:

$249

per night plus tax

Coming Soon

More Information Coming Soon

Attendee Contact

ians@iansresearch.com

Who Should Attend?

IANS Forum content is designed for information security practitioners across all industries. Attendees include CISOs, VPs and Managing Directors of Information Security, Information Security Architects, and Information Security Engineers.

Interested in Forum Sponsorship? Learn More.

Check out IANS other upcoming events