2019 Atlanta Super Symposium
Building a Modern Day SOC & IAM Strategies that Work

#IANSAtlanta #IANSEvents

Tuesday, May 7, 2019 | 10:00 AM - 3:00 PM
The Westin Peachtree Plaza, 210 Peachtree St NW, Atlanta, GA

Select a track to see more information.

Security Operations Centers remain rooted in the same tech, procedures and mindsets that existed before the cloud. With companies doing an ever-increasing amount of business in the cloud, and with more of their resources residing there, the old-school SOC is quickly losing its ability to fulfill its mission.

These SOCs must adapt to life in the cloud and security teams need direction on how to get it done. They must be able to differentiate between an old-world SOC and one in the cloud and make the transition without dropping balls in either world.

This 5-hour symposium, led by IANS Faculty Member George Gerchow, will help practitioners address those issues and return to their organizations with a set of solutions that include:

  • A list of changes necessary to bring the SOC to the cloud, and the order tasks must be carried out,
  • A clear idea of the new skills SOC operators will need for life in the cloud,
  • A training roadmap that will help them acquire those skills, and
  • An understanding of the detection and response tools that are needed.


This symposium is designed with CISOs, security architects and SecOps leaders in mind, but security practitioners and risk managers of all types are welcome.

Facing the cloud and its mobile constituency, investments in end-point protection and next generation firewalls are powerless. In these environments, it is identity that stands between information assets and a world of possible threats. Yet few organizations have prioritized the development of a practical strategy for the planning, execution, operation, and governance of Identity and Access Management (IAM). This under-investment creates an identity debt that will increasingly be paid with inefficiencies and incidents.

But throwing money at the identity problem won’t help without a well-thought-out strategy. It takes a concerted, multi-disciplinary approach to comprehend the many technologies, policies, and processes to create, define, and govern identity and access management – not only today, but across long-term innovation and operation.

If you’re looking for practical approaches to developing an IAM strategy that is effective today and sustainable over the long haul, this symposium is for you.

Led by security innovator and practitioner Aaron Turner, this interactive 5-hour event is designed to give you immediately useful, vendor-agnostic guidance. It combines presentation, discussion, and peer conversation in an environment that is both fast-paced and casual

Topics Include:

  • Scoping the IAM challenge
  • Building a compelling identity business case for establishing holistic Identity Governance
  • Securing the resources (technology, processes, and policies)
  • Identity correlation; privileged account management; federated identities
  • How to deconstruct outdated IAM processes and technologies
  • Moving to OAuth and OIDC from Kerberos and other legacy technologies
  • External influences on IAM strategies (GDPR, PCI, etc.)
  • Bridging the difference between short-term and long-haul requirements
  • Delivering near-term value while building towards your long-term strategy
  • How to make training investments to build the best IAM team you can


Participants will leave with a clear understanding of sustainable IAM strategy including how to build the business case, secure the resources, and execute with effective governance. Success cases will be shared to help attendees build a roadmap to address deficiencies in IAM programs, whether they be technological, procedural, or human. You’ll also leave with new and renewed peer contacts in your area


This Symposium is designed for security architects, senior security pros, CISOs and their lieutenants – anyone responsible for building IAM plans. The topics will be accessible to relative newcomers but will be most useful to those who are already well on their way to surfacing and addressing the challenges.

This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.

Let your colleagues know you're coming!

This event has ended.

Check out our other upcoming events!

View All Events

2019 Atlanta Super Symposium Facilitators


George Gerchow

IANS Faculty

As Sumo Logic's Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines. Mr. Gerchow has years of practical experience in building agile security, compliance and, modern day Security Operation Centers in rapid development organizations. These insights make him a highly regarded speaker, and invited panelist on topics including DevSecOps, cloud secure architecture design, virtualization, compliance, configuration management, and operational security and compliance. George has been on the bleeding edge of public cloud security and privacy since being a co-founder of the VMware Center for Policy & Compliance. Mr. Gerchow is also an active Board Member for several technology start-ups and the co-author of the Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0 and the MISTI Fundamentals in Cloud Security. He is a Faculty Member for IANS (Institute for Applied Network Security) and Cloud Academy.

Aaron Turner

IANS Faculty
Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices.  Aaron has testified before congress to help set policy for US critical infrastructure protection. He holds a B.A. in Spanish Linguistics from B.Y.U. and attended the SMU School of Law. Outside of work Aaron enjoys culinary arts, travel with his wife and 3 daughters, and rebuilding vintage VW buses.

The Westin Peachtree Plaza

210 Peachtree St NW, Atlanta, GA 30303

Attendee Qualification

This Symposium is produced by IANS, which reserves the right, in its sole discretion, to limit or deny access to the Symposium to any entity or individual. IANS’ receipt of a registration application does not constitute acceptance. Individuals from Information Security Solution Providers (software, hardware, and consulting companies) are not eligible to attend. Symposiums are open to IANS clients that are Credential Holders and qualified Information Security Practitioners identified by IANS.

Attendee Contact


Check out IANS other upcoming events