home_banner

Events

Join The IANS Peer Community

IANS facilitates and connects clients-to-experts and experts-to-experts. Our Faculty of industry experts provides the breadth and depth of information to guide you on your information security journey. Through a regional delivery model, our events gather all members of the security function.

*CPE credits will be awarded for attending the event.

Forums

Two-day events with keynotes, breakout sessions, technology spotlight sessions, and networking breaks.

CISO Roundtables

One-day roundtables designed exclusively for CISOs and senior level InfoSec executives to learn and share insights in a confidential setting.

Symposiums

Half-day, deep-dive explorations of technical and operational information security topics, free of vendor presence.

Webinars

Hour-long interactive discussions examining hot topics in information security.

January 24

Facing the cloud and its mobile constituency, investments in end-point protection and next generation firewalls are powerless. In these environments, it is identity that stands between information assets and a world of possible threats. Yet few organizations have prioritized the development of a practical strategy for the planning, execution, operation, and governance of Identity and Access Management (IAM). This under-investment creates an identity debt that will increasingly be paid with inefficiencies and incidents.

Speakers:
  • Aaron Turner

    Aaron Turner

    IANS Faculty

    Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.

January 30

Securing the cloud is fundamentally different, yet there are very few guidebooks or clear methods to ensure adequate protection. Leading-edge organizations are doing amazing things with cloud-native and DevSecOps approaches, but they’ve matured their security operational capabilities the hard way.

Speakers:
  • Mike Rothman

    Mike Rothman

    IANS Faculty

    Mike has been in the information security industry for over 10 years. He is currently President and Analyst at Securosis, a firm exclusively focused on information security and research analysis. He started Security Incite in 2006 to provide the "voice of reason" in what was considered an overhyped, yet underwhelming security industry. After a brief detour as SVP, Strategy and Chief Marketing Officer at eIQNetworks, Mike joined Securosis at the start of 2010 with a "rejuvenated cynicism" about security. In 2007, Mike published "The Pragmatic CSO" to introduce technically oriented security professionals to the nuances of what is required to become a senior security professional.

January 31

Facing the cloud and its mobile constituency, investments in end-point protection and next generation firewalls are powerless. In these environments, it is identity that stands between information assets and a world of possible threats. Yet few organizations have prioritized the development of a practical strategy for the planning, execution, operation, and governance of Identity and Access Management (IAM). This under-investment creates an identity debt that will increasingly be paid with inefficiencies and incidents.

Speakers:
  • Aaron Turner

    Aaron Turner

    IANS Faculty

    Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.

February 5

Securing the cloud is fundamentally different, yet there are very few guidebooks or clear methods to ensure adequate protection. Leading-edge organizations are doing amazing things with cloud-native and DevSecOps approaches, but they’ve matured their security operational capabilities the hard way.

Speakers:
  • Mike Rothman

    Mike Rothman

    IANS Faculty

    Mike has been in the information security industry for over 10 years. He is currently President and Analyst at Securosis, a firm exclusively focused on information security and research analysis. He started Security Incite in 2006 to provide the "voice of reason" in what was considered an overhyped, yet underwhelming security industry. After a brief detour as SVP, Strategy and Chief Marketing Officer at eIQNetworks, Mike joined Securosis at the start of 2010 with a "rejuvenated cynicism" about security. In 2007, Mike published "The Pragmatic CSO" to introduce technically oriented security professionals to the nuances of what is required to become a senior security professional.

February 6

Fortune 1000 companies face myriad challenges when it comes to application security. They don't know how to run an effective bug bounty program. They don't know whether to do manual or automated web app pen testing or go with a more hybrid approach. And they spin up containers quickly, setting them loose with no security due diligence.

Speakers:
  • Shannon Lietz

    Shannon Lietz

    IANS Faculty

    Shannon Lietz is an award-winning security innovator and leader experienced in developing emerging security programs for Fortune 500 companies, including Intuit, ServiceNow, Sony, Sempra, Savvis, Cable & Wireless, 99 Cents Only, Exodus, and Bank of America, among others internationally. She received the Scott Cook Innovation Award in 2014 for developing and cultivating a world-class cloud security program for protecting sensitive data in AWS. Lietz is currently the Director of DevSecOps at Intuit responsible for driving the company’s Cloud Security Strategy and Program in support of corporate innovation. She has previous experience as a Master Security Architect, an Entrepreneur, and often volunteers to educate on security topics. Lietz is a passionate DevSecOps and Rugged Evangelist.

February 12

Securing the cloud is fundamentally different, yet there are very few guidebooks or clear methods to ensure adequate protection. Leading-edge organizations are doing amazing things with cloud-native and DevSecOps approaches, but they’ve matured their security operational capabilities the hard way.

Speakers:
  • Mike Rothman

    Mike Rothman

    IANS Faculty

    Mike has been in the information security industry for over 10 years. He is currently President and Analyst at Securosis, a firm exclusively focused on information security and research analysis. He started Security Incite in 2006 to provide the "voice of reason" in what was considered an overhyped, yet underwhelming security industry. After a brief detour as SVP, Strategy and Chief Marketing Officer at eIQNetworks, Mike joined Securosis at the start of 2010 with a "rejuvenated cynicism" about security. In 2007, Mike published "The Pragmatic CSO" to introduce technically oriented security professionals to the nuances of what is required to become a senior security professional.

February 20

Deception is an effective tool to detect APT adversaries that have already bypassed traditional detection schemes. These attackers will continue to maneuver in the network unchecked unless we put something in the way to entice them to make a mistake. Deception arms organizations that already have a robust security program with a safety net to catch attackers who have already made it inside, or are working their way in.

Speakers:
  • Jake Williams

    Jake Williams

    IANS Faculty

    Jake Williams, the founder of Rendition Infosec, has almost two decades of experience in secure network design, penetration testing, incident response, forensics and malware reverse engineering. Prior to founding Rendition Infosec, Williams worked with various government agencies in information security and CNO roles. He also works with SANS where he teaches and authors courses in Malware Reverse Engineering, Memory Forensics, Cyber Threat Intelligence, and Advanced Exploit Development. He is the two-time victor of the annual DC3 Forensics Challenge. He has spoken at Blackhat, DEFCON, Shmoocon, CEIC, RSA, EnFuse, and DC3 Conference (among others). His research areas include automating incident response throughout the enterprise, threat modeling and analysis, binary analysis, and malware C2. The primary focus of his work is increasing enterprise security by presenting complex topics in a way that anyone can understand.

February 20

Securing the cloud is fundamentally different, yet there are very few guidebooks or clear methods to ensure adequate protection. Leading-edge organizations are doing amazing things with cloud-native and DevSecOps approaches, but they’ve matured their security operational capabilities the hard way.

Speakers:
  • Mike Rothman

    Mike Rothman

    IANS Faculty

    Mike has been in the information security industry for over 10 years. He is currently President and Analyst at Securosis, a firm exclusively focused on information security and research analysis. He started Security Incite in 2006 to provide the "voice of reason" in what was considered an overhyped, yet underwhelming security industry. After a brief detour as SVP, Strategy and Chief Marketing Officer at eIQNetworks, Mike joined Securosis at the start of 2010 with a "rejuvenated cynicism" about security. In 2007, Mike published "The Pragmatic CSO" to introduce technically oriented security professionals to the nuances of what is required to become a senior security professional.

February 21

Deception is an effective tool to detect APT adversaries that have already bypassed traditional detection schemes. These attackers will continue to maneuver in the network unchecked unless we put something in the way to entice them to make a mistake. Deception arms organizations that already have a robust security program with a safety net to catch attackers who have already made it inside, or are working their way in.

Speakers:
  • Jake Williams

    Jake Williams

    IANS Faculty

    Jake Williams, the founder of Rendition Infosec, has almost two decades of experience in secure network design, penetration testing, incident response, forensics and malware reverse engineering. Prior to founding Rendition Infosec, Williams worked with various government agencies in information security and CNO roles. He also works with SANS where he teaches and authors courses in Malware Reverse Engineering, Memory Forensics, Cyber Threat Intelligence, and Advanced Exploit Development. He is the two-time victor of the annual DC3 Forensics Challenge. He has spoken at Blackhat, DEFCON, Shmoocon, CEIC, RSA, EnFuse, and DC3 Conference (among others). His research areas include automating incident response throughout the enterprise, threat modeling and analysis, binary analysis, and malware C2. The primary focus of his work is increasing enterprise security by presenting complex topics in a way that anyone can understand.

February 28

Deception is an effective tool to detect APT adversaries that have already bypassed traditional detection schemes. These attackers will continue to maneuver in the network unchecked unless we put something in the way to entice them to make a mistake. Deception arms organizations that already have a robust security program with a safety net to catch attackers who have already made it inside, or are working their way in.

Speakers:
  • Jake Williams

    Jake Williams

    IANS Faculty

    Jake Williams, the founder of Rendition Infosec, has almost two decades of experience in secure network design, penetration testing, incident response, forensics and malware reverse engineering. Prior to founding Rendition Infosec, Williams worked with various government agencies in information security and CNO roles. He also works with SANS where he teaches and authors courses in Malware Reverse Engineering, Memory Forensics, Cyber Threat Intelligence, and Advanced Exploit Development. He is the two-time victor of the annual DC3 Forensics Challenge. He has spoken at Blackhat, DEFCON, Shmoocon, CEIC, RSA, EnFuse, and DC3 Conference (among others). His research areas include automating incident response throughout the enterprise, threat modeling and analysis, binary analysis, and malware C2. The primary focus of his work is increasing enterprise security by presenting complex topics in a way that anyone can understand.

March 19

Facing the cloud and its mobile constituency, investments in end-point protection and next generation firewalls are powerless. In these environments, it is identity that stands between information assets and a world of possible threats. Yet few organizations have prioritized the development of a practical strategy for the planning, execution, operation, and governance of Identity and Access Management (IAM). This under-investment creates an identity debt that will increasingly be paid with inefficiencies and incidents.

Speakers:
  • Aaron Turner

    Aaron Turner

    IANS Faculty

    Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.

Success! Thanks for filling out our form!

* Required Fields