2021 Charlotte/Nashville Virtual
Information Security Forum

#IANSCharlotte #IANSNashville #IANSEvents

Thursday, June 24, 2021 | 9:00 AM - 3:30 PM ET
Web Conference, Charlotte and Nashville Metro Areas

The Charlotte/Nashville Forum is designed for information security practitioners across all industries to dive deep on specific topics, share insights, and network with peers in a virtual environment. This one-day event incorporates breakouts with IANS Faculty, spotlight sessions on emerging technologies, and opportunities to network with your peers. Topics fall into five tracks:

  • Security Operations
  • Security Architecture
  • Threats and Vulnerabilities
  • Governance, Risk Management, and Compliance
  • Leadership and Career Development

IANS Forum content is geared toward the entire security function. Attendees include but are not limited to CISOs, VPs and Managing Directors of Information Security, Information Security Architects, and Information Security Engineers.

 

Let your colleagues know you're coming!

Register Now

* Required Fields
*Receive 1 CPE credit for every hour of attendance at our events.

Agenda

Ed-Skoudis

Ed Skoudis

SANS Instructor and Fellow Founder, Counter Hack

Ed Skoudis has taught cyber incident response and advanced penetration testing techniques to more than 20,000 cybersecurity professionals. He is a SANS Faculty Fellow and Instructor. His courses distill the essence of real-world, front-line case studies he accumulates because he is consistently one of the first experts brought in to provide after-attack analysis on major breaches where credit card and other sensitive financial data is lost.

Ed led the team that built NetWars, the low-cost, widely used cyber training and skills assessment ranges relied upon by military units and corporations with major assets at risk. His team also built CyberCity, the fully authentic urban cyber warfare simulator that was featured on the front page of the Washington Post. He was also the expert called in by the White House to test the security viability of the Trusted Internet Connection (TIC) that now protects US Government networks and lead the team that first publicly demonstrated significant security flaws in virtual machine technology. He has a rare capability of translating advanced technical knowledge into easy-to-master guidance as the popularity of his step-by-step Counter Hack books testifies. Ed earned an M.S. in Information Networking from Carnegie Mellon University, and his B.S. in Electrical Engineering from the University of Michigan, summa cum laude.

9:00 AM - 9:30 AM

From Cybersecurity Practitioner Up to The Board – Gaining Security Alignment Throughout an Organization

with Ed Skoudis

Given the rapidly escalating intensity of ransomware, breaches, and other major cyber attacks, Boards of Directors in many organizations are taking a far more active role in cybersecurity. Cybersecurity practitioners can be vastly more successful if they communicate effectively with their Boards and senior leadership about how they are prepared to defend against real-world attacks. In this lively session, Ed Skoudis will share specifics about:

  • What Boards of Directors are asking their organizations about cybersecurity
  • Strategies and techniques for ensuring that an organization’s cybersecurity practices are in alignment across all levels, from Board to CISO to day-to-day security practitioner
  • Common cybersecurity myths at the Board level and how to counter them with a fresh dose of reality from trenches
  • Techniques and tips security practitioners can use to explain their work effectively to Boards and other senior leaders
9:35 AM - 10:20 AM

Sponsor Tabletops & Technology Spotlight Sessions

Visit the Live Sessions Page to join topic-specific Technology Spotlight Sessions.
Mick Douglas

Mick Douglas

IANS Faculty

Mick is the Managing Partner for InfoSec Innovations, an information security advisory and research firm. He also serves as an Instructor and GIAC Advisory Board Member for the SANS Institute. Mick empowers information security professionals with useful tools and skills from his extensive experience as an analyst, consultant, and software developer.

10:20 AM - 11:00 AM Security Architecture

Remedies for Your Azure AD Nightmares

with Mick Douglas

Security teams struggle to solve a raft of Azure AD nightmares: global admin account takeovers, SAML token phishing attacks, lateral movement and privilege escalation. Guidance in this session will include how to:

  • Move beyond Azure AD default settings to better protect themselves
  • Better understand Azure AD red team tools and techniques
  • Better understand Azure AD configuration drift and change detection
  • Incorporate separation of duties and “4 eyeballs principles” into their approach
Bryson Bort

Bryson Bort

IANS Faculty

Bryson is the Founder of SCYTHE, a start-up building a next generation attack emulation platform, and GRIMM, a cybersecurity consultancy, as well as Co-Founder of ICS Village, a nonprofit advancing awareness of industrial control system security. He is a Senior Fellow for Cybersecurity and National Security at R Street and the National Security Institute and an Advisor to the Army Cyber Institute and DHS/CISA. Prior to that, Bryson led an elite offensive capabilities development group. As a U.S. Army Officer, he served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom before leaving the Army as a Captain.

Security Operations

Embrace the Sysmon Approach to Logging

with Bryson Bort

Security teams are concerned that their logging techniques are outdated, such as the arduous practice of scouring Active Directory to find needles in haystacks. They seek guidance to identify more sophisticated tools they should use, and many of the answers lie in an approach based around Microsoft System Monitoring (Sysmon) and Elasticsearch (ELK stack) tools. This session will provide attendees with a path forward, including:

  • Better understanding what Sysmon is and how it works
  • Identifying/using the high-fidelity logging tools Sysmon offers
  • Advancements in ELK stack that allow for more effective log aggregation and visualization
  • Determining how best to apply these tools in your environment
joff-thyer

Joff Thyer

IANS Faculty

Joff is a Security Analyst and Penetration Testerat Black Hills Information Security (BHIS). He has extensive experience covering intrusion prevention/detection systems, infrastructure defense, vulnerability analysis, defense bypass, source code analysis, and exploit research. He is also an Instructor at the SANS Institute where he primarily teaches the use of Python for information security purposes.

Threats & Vulnerabilities

Phishing and Ransomware: Defense and Recovery Tactics for 2021

with Joff Thyer

Ransomware and phishing attack methods continue to evolve, as do protection techniques. Security teams seek updates on what has changed this past year. This session will explore:

  • Case studies from the news: What victims did wrong and what they did right
  • Tools and techniques to use if an initial attack is successful
  • A look at how tactics differ for small teams vs. large teams
  • How to account for ransomware attacks -- including ransomware denial-of-service -- in your incident response plan
11:05 AM - 11:50 AM

Sponsor Tabletops & Technology Spotlight Sessions

Visit the Live Sessions Page to join topic-specific Technology Spotlight Sessions.
dave-kennedy

Dave Kennedy

IANS Faculty

Dave is the Founder and Owner of TrustedSec, an information security consulting firm, and Binary Defense, a Managed Security Service Provider (MSSP) that detects attackers early to prevent large-scale invasions. In addition to creating several widely popular open-source tools, including 'The Social-Engineer Toolkit' (SET), PenTesters Framework (PTF), and Artillery. David has also released security advisories, including zero-days, with a focus on security research.

Prior to his work in the private sector, Dave served in the United States Marine Corps (USMC), focusing on cyber warfare and forensics analysis activities, including two tours to Iraq. He also served on the board of directors for (ISC)2, which is one of the largest security collectives and offers certifications such as the CISSP.

11:50 AM - 12:30 PM Threats & Vulnerabilities

MITRE ATT&CK: New Use Cases for 2021

with Dave Kennedy

This session will provide security teams with fresh MITRE ATT&CK use cases to help them navigate threats and vulnerabilities in 2021, including those that apply to:

  • Holding vendors more accountable
  • Using adversarial simulation to improve coverage mapping
  • Using Atomic Red Team, SCYTHE and others to test what security products do and don’t do and create the coverage map needed to make improvements
  • Building in advancements for threat modeling/hunting and purple team testing
joff-thyer

Joff Thyer

IANS Faculty

Joff is a Security Analyst and Penetration Testerat Black Hills Information Security (BHIS). He has extensive experience covering intrusion prevention/detection systems, infrastructure defense, vulnerability analysis, defense bypass, source code analysis, and exploit research. He is also an Instructor at the SANS Institute where he primarily teaches the use of Python for information security purposes.

Security Architecture

Is Your Migration to the Cloud 'Fast Enough'?

with Joff Thyer

Security teams face mounting pressure from the business to accelerate the move to the cloud. Security teams seek best practices and tools that allow them to maintain security checks and balances without slowing the business down. This session will explore how to:

  • Understand what constitutes a realistic, secure migration plan they can achieve
  • Use industry data on what normal actually looks like in order to instill upper management with confidence
  • Identify situations where it’s ok not to migrate specific technology (for example: mainframes, medical devices, mixed tech stacks)
  • Assess the pros and cons of lift-and-shift vs. the greenfield approach to cloud migration and determine what’s best for you
Mick Douglas

Mick Douglas

IANS Faculty

Mick is the Managing Partner for InfoSec Innovations, an information security advisory and research firm. He also serves as an Instructor and GIAC Advisory Board Member for the SANS Institute. Mick empowers information security professionals with useful tools and skills from his extensive experience as an analyst, consultant, and software developer.

Security Operations

Incident Response: Fixing What's Wrong with Crisis Mangement

with Mick Douglas

Security teams are getting better at the technical side of incident response, but crisis management is still a pain point. This session details how to quickly and efficiently manage a crisis when the crush is on. This session explores:

  • Tips to help first responders take charge, including the art of speaking in short sentences and keeping a journal
  • Case study: What we can learn from the SEAL team approach
  • How integrating OODA (observe, orient, decide and act) Loop principals across the culture results in a faster, more effective crisis response
  • How agreed-on values and beliefs guide decision-making when pressure is extreme
  • How leaders’ character, substance and style impact those around them
12:30 PM - 12:55 PM

Networking Lunch

12:55 PM - 1:40 PM

Sponsor Tabletops & Technology Spotlight Sessions

Visit the Live Sessions Page to join topic-specific Technology Spotlight Sessions.
Bryson Bort

Bryson Bort

IANS Faculty

Bryson is the Founder of SCYTHE, a start-up building a next generation attack emulation platform, and GRIMM, a cybersecurity consultancy, as well as Co-Founder of ICS Village, a nonprofit advancing awareness of industrial control system security. He is a Senior Fellow for Cybersecurity and National Security at R Street and the National Security Institute and an Advisor to the Army Cyber Institute and DHS/CISA. Prior to that, Bryson led an elite offensive capabilities development group. As a U.S. Army Officer, he served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom before leaving the Army as a Captain.

dave-kennedy

Dave Kennedy

IANS Faculty

Dave is the Founder and Owner of TrustedSec, an information security consulting firm, and Binary Defense, a Managed Security Service Provider (MSSP) that detects attackers early to prevent large-scale invasions. In addition to creating several widely popular open-source tools, including 'The Social-Engineer Toolkit' (SET), PenTesters Framework (PTF), and Artillery. David has also released security advisories, including zero-days, with a focus on security research.

Prior to his work in the private sector, Dave served in the United States Marine Corps (USMC), focusing on cyber warfare and forensics analysis activities, including two tours to Iraq. He also served on the board of directors for (ISC)2, which is one of the largest security collectives and offers certifications such as the CISSP.

Mick Douglas

Mick Douglas

IANS Faculty

Mick is the Managing Partner for InfoSec Innovations, an information security advisory and research firm. He also serves as an Instructor and GIAC Advisory Board Member for the SANS Institute. Mick empowers information security professionals with useful tools and skills from his extensive experience as an analyst, consultant, and software developer.

1:40 PM - 2:00 PM

Ask Me Anything

with Bryson Bort, Dave Kennedy, and Mick Douglas Join these topic lounges led by IANS Faculty where you’ll have the opportunity to ask questions on your current GRC, security operations, security architecture, leadership, and threats and vulnerabilities challenges.
2:05 PM - 2:50 PM

Sponsor Tabletops & Technology Spotlight Sessions

Visit the Live Sessions Page to join topic-specific Technology Spotlight Sessions.
dave-kennedy

Dave Kennedy

IANS Faculty

Dave is the Founder and Owner of TrustedSec, an information security consulting firm, and Binary Defense, a Managed Security Service Provider (MSSP) that detects attackers early to prevent large-scale invasions. In addition to creating several widely popular open-source tools, including 'The Social-Engineer Toolkit' (SET), PenTesters Framework (PTF), and Artillery. David has also released security advisories, including zero-days, with a focus on security research.

Prior to his work in the private sector, Dave served in the United States Marine Corps (USMC), focusing on cyber warfare and forensics analysis activities, including two tours to Iraq. He also served on the board of directors for (ISC)2, which is one of the largest security collectives and offers certifications such as the CISSP.

2:50 PM - 3:30 PM Threats & Vulnerabilities

Where Critical Infrastructure is Threatened and How to Fix It

with Dave Kennedy

Nation states have increasingly targeted organizations managing critical infrastructure (utilities, for example) knowing that industrial control systems continue to run on antiquated technology. This session will offer security teams guidance to better determine their weaknesses and how to fix them, including how to:

  • Use adversarial emulation in IT/OT environments to better understand how attackers think when targeting infrastructure
  • Expand purple teaming to include development/operations to find/fix problems across a wider area
  • Better understand the right tools to bolster defenses (products and categories to consider)
  • Better understand which tools they have that can be repurposed
Bryson Bort

Bryson Bort

IANS Faculty

Bryson is the Founder of SCYTHE, a start-up building a next generation attack emulation platform, and GRIMM, a cybersecurity consultancy, as well as Co-Founder of ICS Village, a nonprofit advancing awareness of industrial control system security. He is a Senior Fellow for Cybersecurity and National Security at R Street and the National Security Institute and an Advisor to the Army Cyber Institute and DHS/CISA. Prior to that, Bryson led an elite offensive capabilities development group. As a U.S. Army Officer, he served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom before leaving the Army as a Captain.

GRC

Bringing Business Units and Third Parties into Your Risk Management Orbit

with Bryson Bort

Legal, human resources and privacy teams tend to be risk averse while the business side is usually pro-risk, leaving infosec stuck in the middle and often blamed for workflow hold-ups. Security teams need to master the mediator role and ensure accountability is spread out among teams. This session will explore how to:

  • Manage internal and external risks under one team
  • Better understand how other organizations quantify vulnerability risk
  • Adopt a per-application view of vulnerability management and bundling it into an application risk rating with an umbrella perspective
joff-thyer

Joff Thyer

IANS Faculty

Joff is a Security Analyst and Penetration Testerat Black Hills Information Security (BHIS). He has extensive experience covering intrusion prevention/detection systems, infrastructure defense, vulnerability analysis, defense bypass, source code analysis, and exploit research. He is also an Instructor at the SANS Institute where he primarily teaches the use of Python for information security purposes.

Threats & Vulnerabilities

Adversarial Emulation: Perfecting a Purple Team Holy Grail

with Joff Thyer

Security teams seek guidance to perfect the art of walking in the enemy’s shoes using the Purple Team Exercise Framework (an open-sourced purple team process), Cyber Threat Intelligence (CTI) research and CTI mapped to Adversary Behaviors/TTPs. This session will explore how to understand and more effectively use:

  • Attack infrastructure
  • Client/Blue Team planning techniques
  • Targeting systems
  • Purple Team exercise Flow
  • Tools that track the exercise and show value to upper management

2021 Charlotte/Nashville Virtual Speakers

Bryson Bort

Bryson Bort

IANS Faculty

Bryson is the Founder of SCYTHE, a start-up building a next generation attack emulation platform, and GRIMM, a cybersecurity consultancy, as well as Co-Founder of ICS Village, a nonprofit advancing awareness of industrial control system security. He is a Senior Fellow for Cybersecurity and National Security at R Street and the National Security Institute and an Advisor to the Army Cyber Institute and DHS/CISA. Prior to that, Bryson led an elite offensive capabilities development group. As a U.S. Army Officer, he served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom before leaving the Army as a Captain.

Presentations
  • Embrace the Sysmon Approach to LoggingAgenda10:20 AM - 11:00 AM
  • Ask Me AnythingAgenda1:40 PM - 2:00 PM
  • Bringing Business Units and Third Parties into Your Risk Management OrbitAgenda2:50 PM - 3:30 PM
Mick Douglas

Mick Douglas

IANS Faculty

Mick is the Managing Partner for InfoSec Innovations, an information security advisory and research firm. He also serves as an Instructor and GIAC Advisory Board Member for the SANS Institute. Mick empowers information security professionals with useful tools and skills from his extensive experience as an analyst, consultant, and software developer.

Presentations
  • Remedies for Your Azure AD NightmaresAgenda10:20 AM - 11:00 AM
  • Incident Response: Fixing What's Wrong with Crisis MangementAgenda11:50 AM - 12:30 PM
  • Ask Me AnythingAgenda1:40 PM - 2:00 PM
dave-kennedy

Dave Kennedy

IANS Faculty

Dave is the Founder and Owner of TrustedSec, an information security consulting firm, and Binary Defense, a Managed Security Service Provider (MSSP) that detects attackers early to prevent large-scale invasions. In addition to creating several widely popular open-source tools, including 'The Social-Engineer Toolkit' (SET), PenTesters Framework (PTF), and Artillery. David has also released security advisories, including zero-days, with a focus on security research.

Prior to his work in the private sector, Dave served in the United States Marine Corps (USMC), focusing on cyber warfare and forensics analysis activities, including two tours to Iraq. He also served on the board of directors for (ISC)2, which is one of the largest security collectives and offers certifications such as the CISSP.

Presentations
  • MITRE ATT&CK: New Use Cases for 2021Agenda11:50 AM - 12:30 PM
  • Ask Me AnythingAgenda1:40 PM - 2:00 PM
  • Where Critical Infrastructure is Threatened and How to Fix ItAgenda2:50 PM - 3:30 PM
Ed-Skoudis

Ed Skoudis

SANS Instructor and Fellow Founder, Counter Hack

Ed Skoudis has taught cyber incident response and advanced penetration testing techniques to more than 20,000 cybersecurity professionals. He is a SANS Faculty Fellow and Instructor. His courses distill the essence of real-world, front-line case studies he accumulates because he is consistently one of the first experts brought in to provide after-attack analysis on major breaches where credit card and other sensitive financial data is lost.

Ed led the team that built NetWars, the low-cost, widely used cyber training and skills assessment ranges relied upon by military units and corporations with major assets at risk. His team also built CyberCity, the fully authentic urban cyber warfare simulator that was featured on the front page of the Washington Post. He was also the expert called in by the White House to test the security viability of the Trusted Internet Connection (TIC) that now protects US Government networks and lead the team that first publicly demonstrated significant security flaws in virtual machine technology. He has a rare capability of translating advanced technical knowledge into easy-to-master guidance as the popularity of his step-by-step Counter Hack books testifies. Ed earned an M.S. in Information Networking from Carnegie Mellon University, and his B.S. in Electrical Engineering from the University of Michigan, summa cum laude.

Presentations
  • From Cybersecurity Practitioner Up to The Board – Gaining Security Alignment Throughout an OrganizationAgenda9:00 AM - 9:30 AM
joff-thyer

Joff Thyer

IANS Faculty

Joff is a Security Analyst and Penetration Testerat Black Hills Information Security (BHIS). He has extensive experience covering intrusion prevention/detection systems, infrastructure defense, vulnerability analysis, defense bypass, source code analysis, and exploit research. He is also an Instructor at the SANS Institute where he primarily teaches the use of Python for information security purposes.

Presentations
  • Phishing and Ransomware: Defense and Recovery Tactics for 2021Agenda10:20 AM - 11:00 AM
  • Is Your Migration to the Cloud 'Fast Enough'?Agenda11:50 AM - 12:30 PM
  • Adversarial Emulation: Perfecting a Purple Team Holy GrailAgenda2:50 PM - 3:30 PM

Web Conference

Registrants will receive a logistics email with web conference meeting information one day prior to the event.

Registration Questions

Can I earn continuing education credits for attending the forum?

Attendees may earn up to 6 credits through our partnership with (ISC)2. Attendees will receive a Certificate of Completion one week after the forum concludes for any other certification needs. If you have provided IANS with your CISSP # during the registration process, then we will automatically submit to (ISC)2.

What is the registration fee?

The Forum is complimentary and open to active Information Security Professionals from private and public sector corporations and organizations.

What time does the Forum begin and end?

The Forum opens at 8:30, with the Keynote kicking off at 9:00am.

What's the registration deadline?
You can register for and IANS event up to the day of the event.

Onsite Questions

Are the presentations available for viewing after the Forum?

All IANS Faculty sessions presentation decks will be available after the Forum.

How can I promote my involvement with the event?

Please share your thoughts and excitement using our event hashtags found at the top of this page.

How can I submit my feedback on the Forum?

We encourage you to fill out our general survey located on the lobby page under Resources.

What can I expect when I attend an IANS event?

When attending an IANS Information Security Forum, you will have the opportunity to take part in technical and strategic Roundtable sessions that discuss the latest issues and trends found in the market. These Roundtable discussions are led by IANS Faculty who are also long-time information security practitioners. You will also have the chance to network with industry peers and learn about the newest technologies and services during any one of our Technology Spotlight sessions.

What is the best way to stay updated before and during the Forum?

For all updates please follow us on Twitter.

Will there be opportunities to network with peers and sponsors?

There will be chances to network with your peers throughout the day. Please use the direct messaging feature with the platform to connect with and chat with colleagues

General Information

Cancellations

IANS requests that cancellations please be submitted two weeks prior to a Forum. Reserved seats are limited.

Terms and Conditions

This Forum is produced by IANS, which reserves the right, in its sole discretion, to limit or deny access to the Forum to any entity or individual. Attendance to the Forum is complimentary and open to active information security professionals from private and public-sector corporations and organizations.

Individuals from information security solution providers (software, hardware, and consulting companies) are not eligible to attend unless affiliated with a sponsoring organization.

IANS reserves the right to share attendee contact information with event sponsors and other attendees. IANS will provide on-site opt-out forms that enable you to remove your contact information from being shared as described herein. No contact information will be shared prior to the event.

IANS Code of Conduct

IANS is committed to providing a harassment-free conference experience for all attendees, sponsors, speakers and staff regardless of gender, sexual orientation, disability, physical appearance, national origin, ethnicity, political affliction or religion.

IANS expects all participants to behave in a professional manner. IANS will not condone any form of sexual language and imagery, verbal threats or demands, offensive comments, intimidation, stalking, sustained disruption of session or events, inappropriate physical contract, and unwelcomed sexual attention.

If any form of written, social media, verbal, or physical harassment is reported, participant will be asked to stop and expected to comply immediately. Offender will be subject to expulsion from the conference.

If you are being harassed or notice someone being harassed, please contact the event staff. In the event of an emergency situation, please contact local authorities immediately.

We expect participants to follow these rules at all event venues and event-related social activities.

Attendee Contact

ians@iansresearch.com

Who Should Attend?

IANS Forum content is designed for information security practitioners across all industries. Attendees include CISOs, VPs and Managing Directors of Information Security, Information Security Architects, and Information Security Engineers.

Interested in Forum Sponsorship? Learn More.

Check out IANS other upcoming events