Come check in to receive your program and CPEs while enjoying a complimentary continental breakfast.
Come join us as Mike Conley welcomes you to the IANS Minneapolis Information Security Forum.
Presented by: George Gerchow
Cloud Access Security Brokers (CASBs) have emerged in the last several years as a sound security-as-a-service (and on-prem) model for many moving to the cloud. In this session, we’ll explore the types of capabilities these service providers offer (including DLP, encryption and user activity auditing), and also compare the various providers and capabilities in the market today.
Presented by: Bill Dean
We’ve been talking about threat intelligence for years now. What’s really been effective in detecting and preventing attacks and breaches? What standards are emerging or commonly accepted? Are there any vendor feeds that really help? In this session, we’ll focus on practical ways to improve your threat intelligence capabilities, ranging from feed selection to internal data capture and analysis, as well as tools that help teams better manage threat intelligence functions.
Presented by: Michael Pinch
Everyone knows you should be doing threat modeling, but it often breaks down in practice. Too little structure can leave people unsure of what to do, while too much structure can make the threat modeling seem bureaucratic. In this session, you'll learn how to model your threats, avoid the most common traps and successfully apply threat modeling techniques in today’s agile/DevOps/cloud world. We’ll offer a simplified approach to threat modeling that’s designed to help you replicate the process each time you examine one of your systems.
Presented by: David Agran
As an information security professional, you make a big promise – to safeguard critical assets. To keep that promise, you must learn to thrive in a turbulent environment where corporate policy, goals and priorities don’t always align across departments. In this session, you will learn to put multiple conflicting forces in perspective and better manage diverse demands by putting big ideas such as emotional intelligence, political intelligence and organizational intelligence into practice.
Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space. To view sponsor onsite click here.
Presented by: Dave Shackleford
Endpoint protection remains the driving issue in security today, and it is going to become even more important as Internet-of-Things devices continue to proliferate. What can you do to measure and quantify the success of your endpoint protection efforts? What’s Plan B, C or even D? In this session, we’ll discuss strategies organizations can take to further enhance their endpoint protection efforts. We’ll also detail some of the tools in the marketplace today that work well (plus those that don’t).
Presented by: David Etue
Some say “IoT” stands for Internet of Threats, but businesses and consumers are rushing headlong into the adoption of everything from wearables to smart buildings. It's easy to dismiss the impact of the Internet of Things and make edicts to keep connected devices separate from enterprise IT networks, but the reality is not that simple. In this session, we'll examine the risks and collaborate on defensive tactics to build short- and long-term strategies to securely employ IoT technology.
The best way to detect someone climbing into your window is to properly instrument the window. It’s a different way of thinking about the problem of “too many alerts” in your operations center: Narrow the alerts down to activities you don’t expect to see occur. In this session, we’ll discuss how to cut through the noise with targeted alerts and offer tips and tricks to ensure your honeypot management doesn’t become a nightmare.
Day in and day out, information security professionals find themselves negotiating to make a practice or process safer. A prime example of this is negotiations with developers on issues from release plans to testing tools and protocols. In this highly interactive session, we’ll give you practical guidance on how to prepare and successfully negotiate to get what you need to improve the company risk posture.
Come re-live your childhood with giant tabletop games such as Uno, Jenga and Kerplunk while networking with peers! Hors d'eouvres and cocktails will be served!
To view the Full Agenda please click here
Come check in to receive your CPEs while enjoying a complimentary continental breakfast.
Security professionals continue to struggle with identity and access management controls as they move to the cloud. Will in-house options continue to work? Are identity-as-a-service (IDaaS) options viable? What controls should we consider when evaluating developer standards, cloud-provider capabilities and vendor products? In this session, we’ll delve into all these areas and more, helping attendees make decisions about IDAM options for current and future cloud deployments.
Today, endpoints are so much more than just Windows workstations. From OSX to iOS and Android and Windows XP to Windows 10, a very broad expanse of territory must be covered from an endpoint security perspective. In this session, we’ll offer recommendations on where to make important investments in endpoint security for the next 24 months as well as tips for evaluating next-gen AV solutions.
When non-infosec people are asked how to solve the current security mess, a common response is “encryption.” If only they knew how complex that answer actually is. Should the data be encrypted at rest? In motion? On mobile devices? When backed up in iCloud? In this session, we’ll discuss how your organization should be re-prioritizing encryption, what investments need to be made in the next few years and how your organization needs to be prepared to pivot its encryption capabilities into environments you may not have focused on before.
Information security professionals sign up for some daunting challenges, and building a toolkit of soft skills alongside your technical expertise can make the difference in meeting many of them. In this highly interactive session, we’ll explore strategies for handling conflict and emotion, getting positive results and building trust throughout your organization.
As the journey to the cloud continues, security professional have more options – and challenges – than ever before when it comes to securing enterprise data and applications. What’s changing, and what security controls are we still struggling with? In this session, we’ll look at frameworks for evaluating cloud providers, security controls in and for the cloud, security-as-a-service options and much more.
When designed correctly, tabletop exercises can help determine how well your people, processes and technologies are prepared for an incident – and improve that preparation over time. In this session, we’ll review the elements of an effective IR tabletop (from the structure to critical participants), and dive into interactive, scenario-based exercises to help you determine how well prepared you are for an attack.
Network-level security was once the only kind of security, and it was pretty much perfect until people started connecting to the internet. Now, after years of saying “network segmentation is too difficult,” many security organizations are starting to realize that it’s effective nonetheless. In this session, we’ll review the inherent security issues with analyzing your network and offer some tools and techniques for implementing network-level controls. We’ll also explore some of the political and technical obstacles to expect as you attempt to understand exactly what’s going on in your network, even if you don’t have full control over its architecture.
Information security professionals must make the most of every chance to influence executives, but making an impression on decision-makers takes facts, trust and self-awareness. In this interactive session, we’ll use discussion, role-play and small group exercises to help you learn how to analyze your audience and the situation, and then develop messaging that resonates with both technology and business leaders. We’ll show you how to prepare for your audience and adapt your presentation so you can confidently make your case to a variety of decision makers.
Don't forget to stay and catch final remarks from the IANS staff and have a chance to win some great prizes!
Two Center Plaza, Suite 500
Boston, MA 02108
© Copyright 2016 IANS.
All rights reserved.
Download our Mobile App for access to:
Build a Custom Agenda