Come check in to receive your program and CPEs while enjoying a complimentary continental breakfast.
Come join us as Mike Conley welcomes you to the IANS Minneapolis Information Security Forum.
A growing list of threats and a steady parade of breaches make cybersecurity seem like a never-ending battle. The truth, however, is that we’re now closer than ever to solving the cybersecurity conundrum for good. What will it take to master security in the next half decade? In this keynote, Sounil Yu will detail actions enterprise security professionals need to take – and those to avoid – in order to move toward this state of cybersecurity nirvana.
Presented by: George Gerchow
Cloud Access Security Brokers (CASBs) have emerged in the last several years as a sound security-as-a-service (and on-prem) model for many moving to the cloud. In this session, we’ll explore the types of capabilities these service providers offer (including DLP, encryption and user activity auditing), and also compare the various providers and capabilities in the market today.
Presented by: Bill Dean
We’ve been talking about threat intelligence for years now. What’s really been effective in detecting and preventing attacks and breaches? What standards are emerging or commonly accepted? Are there any vendor feeds that really help? In this session, we’ll focus on practical ways to improve your threat intelligence capabilities, ranging from feed selection to internal data capture and analysis, as well as tools that help teams better manage threat intelligence functions.
Presented by: Marcus Ranum
Over the last 15 years, we've witnessed a constant ebb and flow of network security tools. From the early days of intrusion detection systems (IDS) to today's wide selection of network-based monitoring controls, how should enterprises prioritize their investments in this space? In this session, we’ll provide an overview of the types of network-centric tools available, including a cost/benefit analysis of deception platforms, attack modeling systems and “next-gen IDS” platforms.
Presented by: David Agran
As an information security professional, you make a big promise – to safeguard critical assets. To keep that promise, you must learn to thrive in a turbulent environment where corporate policy, goals and priorities don’t always align across departments. In this session, you will learn to put multiple conflicting forces in perspective and better manage diverse demands by putting big ideas such as emotional intelligence, political intelligence and organizational intelligence into practice.
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space. To view sponsor onsite click here.
Learn how Bitcoin IoT and Darwin have joined forces to inspire anonymous monetization of Cyber-crime. This unique inflection point has evolved hacking into an estimated $500B industry. Learn about the latest threats and how various groups have leveraged Extortion as a Service for financial gain and intellectual property theft. Listen to what leading Enterprises and Service Providers are seeing in their environments today, and what they are doing to address these advancing threats to their business.
Presented by: Dave Shackleford
As organizations consider moving away from traditional SIEM toward a Big Data-oriented setup, a number of challenges confront them, from data security and privacy to the parsing of messages and the hunt for sophisticated attackers. In this session, we’ll explore how user and entity behavior analytics (UEBA), as well as security automation and orchestration, impact the monitoring and attack-detection framework. We also discuss the Top 10 challenges organizations need to overcome before they begin to leverage advanced data analytics.
Presented by: David Etue
Some say “IoT” stands for Internet of Threats, but businesses and consumers are rushing headlong into the adoption of everything from wearables to smart buildings. It's easy to dismiss the impact of the Internet of Things and make edicts to keep connected devices separate from enterprise IT networks, but the reality is not that simple. In this session, we'll examine the risks and collaborate on defensive tactics to build short- and long-term strategies to securely employ IoT technology.
The best way to detect someone climbing into your window is to properly instrument the window. It’s a different way of thinking about the problem of “too many alerts” in your operations center: Narrow the alerts down to activities you don’t expect to see occur. In this session, we’ll discuss how to cut through the noise with targeted alerts and offer tips and tricks to ensure your honeypot management doesn’t become a nightmare.
Day in and day out, information security professionals find themselves negotiating to make a practice or process safer. A prime example of this is negotiations with developers on issues from release plans to testing tools and protocols. In this highly interactive session, we’ll give you practical guidance on how to prepare and successfully negotiate to get what you need to improve the company risk posture.
Come re-live your childhood with giant tabletop games such as Uno, Jenga and Kerplunk while networking with peers! Hors d'eouvres and cocktails will be served!
To view the Full Agenda please click here
Come check in to receive your CPEs while enjoying a complimentary continental breakfast.
At present, the computer security landscape is shifting radically, as enterprises decide what should be done in-house and what should be done in the cloud. Practitioners are scrambling trying to figure out the implications of this shift: what happens to data goverance and vulnerability management? What are the implications for endpoint security? We'll look at how configuration management is one of the secret underlying drivers that is shaping the landscape of computer security.
Security professionals continue to struggle with identity and access management controls as they move to the cloud. Will in-house options continue to work? Are identity-as-a-service (IDaaS) options viable? What controls should we consider when evaluating developer standards, cloud-provider capabilities and vendor products? In this session, we’ll delve into all these areas and more, helping attendees make decisions about IDAM options for current and future cloud deployments.
Today, endpoints are so much more than just Windows workstations. From OSX to iOS and Android and Windows XP to Windows 10, a very broad expanse of territory must be covered from an endpoint security perspective. In this session, we’ll offer recommendations on where to make important investments in endpoint security for the next 24 months as well as tips for evaluating next-gen AV solutions.
When non-infosec people are asked how to solve the current security mess, a common response is “encryption.” If only they knew how complex that answer actually is. Should the data be encrypted at rest? In motion? On mobile devices? When backed up in iCloud? In this session, we’ll discuss how your organization should be re-prioritizing encryption, what investments need to be made in the next few years and how your organization needs to be prepared to pivot its encryption capabilities into environments you may not have focused on before.
Information security professionals sign up for some daunting challenges, and building a toolkit of soft skills alongside your technical expertise can make the difference in meeting many of them. In this highly interactive session, we’ll explore strategies for handling conflict and emotion, getting positive results and building trust throughout your organization.
As the journey to the cloud continues, security professional have more options – and challenges – than ever before when it comes to securing enterprise data and applications. What’s changing, and what security controls are we still struggling with? In this session, we’ll look at frameworks for evaluating cloud providers, security controls in and for the cloud, security-as-a-service options and much more.
When designed correctly, tabletop exercises can help determine how well your people, processes and technologies are prepared for an incident – and improve that preparation over time. In this session, we’ll review the elements of an effective IR tabletop (from the structure to critical participants), and dive into interactive, scenario-based exercises to help you determine how well prepared you are for an attack.
Network-level security was once the only kind of security, and it was pretty much perfect until people started connecting to the internet. Now, after years of saying “network segmentation is too difficult,” many security organizations are starting to realize that it’s effective nonetheless. In this session, we’ll review the inherent security issues with analyzing your network and offer some tools and techniques for implementing network-level controls. We’ll also explore some of the political and technical obstacles to expect as you attempt to understand exactly what’s going on in your network, even if you don’t have full control over its architecture.
Information security professionals must make the most of every chance to influence executives, but making an impression on decision-makers takes facts, trust and self-awareness. In this interactive session, we’ll use discussion, role-play and small group exercises to help you learn how to analyze your audience and the situation, and then develop messaging that resonates with both technology and business leaders. We’ll show you how to prepare for your audience and adapt your presentation so you can confidently make your case to a variety of decision makers.
Don't forget to stay and catch final remarks from the IANS staff and have a chance to win some great prizes!
Two Center Plaza, Suite 500
Boston, MA 02108
© Copyright 2016 IANS.
All rights reserved.
Download our Mobile App for access to:
Build a Custom Agenda