2019 Boston Symposium
IAM Strategies that Work: Vendor-Agnostic “How-To” Guidance

#IANSBoston #IANSEvents

Tuesday, March 26, 2019 | 10:00 AM - 3:00 PM
Putnam Investments, 100 Federal Street, Boston, MA

Facing the cloud and its mobile constituency, investments in end-point protection and next generation firewalls are powerless. In these environments, it is identity that stands between information assets and a world of possible threats. Yet few organizations have prioritized the development of a practical strategy for the planning, execution, operation, and governance of Identity and Access Management (IAM). This under-investment creates an identity debt that will increasingly be paid with inefficiencies and incidents.

But throwing money at the identity problem won’t help without a well-thought-out strategy. It takes a concerted, multi-disciplinary approach to comprehend the many technologies, policies, and processes to create, define, and govern identity and access management – not only today, but across long-term innovation and operation.

If you’re looking for practical approaches to developing an IAM strategy that is effective today and sustainable over the long haul, this symposium is for you.

Led by security innovator and practitioner Aaron Turner, this interactive 5-hour event is designed to give you immediately useful, vendor-agnostic guidance. It combines presentation, discussion, and peer conversation in an environment that is both fast-paced and casual.

Topics Include:

  • Scoping the IAM challenge
  • Building a compelling business case for establishing holistic Identity Governance
  • Securing the resources (technology, processes, and policies)
  • Identity correlation; privileged account management; federated identities
  • How to deconstruct outdated IAM processes and technologies
  • Moving to OAuth and OIDC from Kerberos and other legacy technologies
  • External influences on IAM strategies (GDPR, PCI, etc.)
  • Bridging the difference between short-term and long-haul requirements
  • Delivering near-term value while building towards your long-term strategy
  • How to make training investments to build the best IAM team you can


Objective

Participants will leave with a clear understanding of sustainable IAM strategy including how to build the business case, secure the resources, and execute with effective governance. Success cases will be shared to help attendees build a roadmap to address deficiencies in IAM programs, whether they be technological, procedural, or human. You’ll also leave with new and renewed peer contacts in your area.

Audience

This Symposium is designed for security architects, senior security pros, CISOs and their lieutenants – anyone responsible for building IAM plans. The topics will be accessible to relative newcomers but will be most useful to those who are already well on their way to surfacing and addressing the challenges.

This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.

Let your colleagues know you're coming!

This event has ended.

Check out our other upcoming events!

View All Events

2019 Boston Symposium Facilitators

Aaron Turner

IANS Faculty
Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices.  Aaron has testified before congress to help set policy for US critical infrastructure protection. He holds a B.A. in Spanish Linguistics from B.Y.U. and attended the SMU School of Law. Outside of work Aaron enjoys culinary arts, travel with his wife and 3 daughters, and rebuilding vintage VW buses.

Coming Soon

More Information Coming Soon

2019 Boston Symposium Facilitators

Aaron Turner

IANS Faculty
Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices.  Aaron has testified before congress to help set policy for US critical infrastructure protection. He holds a B.A. in Spanish Linguistics from B.Y.U. and attended the SMU School of Law. Outside of work Aaron enjoys culinary arts, travel with his wife and 3 daughters, and rebuilding vintage VW buses.

Putnam Investments

100 Federal Street, 2nd Floor, Boston, MA 02110

Attendee Qualification

This Symposium is produced by IANS, which reserves the right, in its sole discretion, to limit or deny access to the Symposium to any entity or individual. IANS’ receipt of a registration application does not constitute acceptance. Individuals from Information Security Solution Providers (software, hardware, and consulting companies) are not eligible to attend. Symposiums are open to IANS clients that are Credential Holders and qualified Information Security Practitioners identified by IANS.

Attendee Contact

ians@iansresearch.com

Check out IANS other upcoming events