InfoSec & Risk Management Track

The threat of cyber security breaches and compromises has become one of business’ greatest – and most unpredictable – risk factors. Understanding your attackers – their motivations, their methods of operation, and the exploits they create – is crucial to developing the right defenses and to measuring the risk that your organization faces.

The InfoSec and Risk Management Track offers a comprehensive look at the current threats posed by cyber attackers, the security vulnerabilities they exploit, and the potential impact of these attacks on your organization. Attendees will get firsthand descriptions of the latest exploits targeted at the enterprise, and recommendations on how to mitigate them. Attendees will also receive some common-sense guidance on how to quantify and measure the cyber risks they face – and how to use that risk measurement to build an IT security strategy that is both effective and affordable for the business. They will also get a look at potential vulnerabilities and security issues created by today’s newest technologies – including mobile, cloud, and Internet of things – as well as a peek at next-generation security solutions.

Featured InfoSec & Risk Management Sessions
Sessions will be announced late fall. Stay tuned on Twitter by following @Interop.
Featured InfoSec & Risk Management Workshops
Go Hack Yourself: Offensive Security Tools for Enterprise Defenders
Offensive security tools aren’t just for penetration testers. Enterprise defenders can take advantage of the same tools and techniques to identify weaknesses in their networks and the humans contained within. Need to find your exposed vulnerabilities and get them fixed before the bad guys exploit them? Want to clean up the low-hanging fruit before a pen test so you can focus on more realistic, targeted threat scenarios? This class is a hands-on immersion in offensive security tools, including nmap, Metasploit, Arachni, recon-ng, and Phishing Frenzy. Participants will be provided a virtual machine pre-loaded with tools to use throughout the class. The focus will be on imparting practical skills that students will be able to apply immediately upon returning to work.
Instructor: John Sawyer, Senior Security Analyst, InGuardians

Integrating Risk and Security Into Your Organization’s DNA
Risk management practices and security controls are often perceived as burdens or roadblocks by end users and executives. The goal of this workshop is to help you change those attitudes so that individuals don’t just comply with risk and security practices, but instinctively integrate them into everyday business activities. Adapting an organization’s DNA to effectively integrate risk and security requires a fundamental shift from authoritative and consequence-oriented approaches to consultative and benefit-oriented ones. Instead of focusing on protecting the organization and its constituents from themselves, risk and security professionals will learn to empower individuals with information and insights to make business-appropriate decisions. This will ultimately make risk and security a business enabler instead of a roadblock to success. Topics will include information risk profiles, threat and vulnerability analysis, approaches to culture change, and risk and security considerations for the information supply chain. Interactive discussions, examples, and cross-industry case studies will be presented throughout the workshop.
Instructor: John Pironti, President, IP Architects, LLC


Track Chair

John Pironti

President, IP Architects, LLC

John P. Pironti is the President of IP Architects, LLC. He has designed and implemented enterprise-wide electronic business solutions, information security and risk management strategy and programs, enterprise resiliency capabilities, and threat and vulnerability management solutions for key customers in a range of industries, including financial services, insurance, energy, government, hospitality, aerospace, healthcare, pharmaceuticals, media and entertainment, and information technology on a global scale. John has a number of industry certifications, including Certified in the Governance of Enterprise IT (CGEIT), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information System Control (CRISC), Information Systems Security Architecture Professional (ISSAP), and Information Systems Security Management Professional (ISSMP). John frequently provides briefings and acts as a trusted advisor to senior leaders of numerous organizations on information security and risk management and compliance topics, and is also a member of a number of technical advisory boards for technology and services firms. He is also a published author and writer, highly quoted and often interviewed by global media, and an award-winning frequent speaker on electronic business and information security and risk management topics at domestic and international industry conferences.

Tim Wilson

Editor-in-Chief and Co-Founder, Dark Reading.com

Tim Wilson is editor-in-chief and co-founder of Dark Reading.com, the IT industry’s most widely-read online community for computer security. In this role, Wilson is responsible for managing the site, assigning and editing much of the content, and writing breaking news stories. Wilson also directs the content behind Dark Reading's webcasts, digital issues, and the Dark Reading University program, and is a contributor to UBM’s Black Hat and Interop events. Wilson has been recognized three times as one of the top cybersecurity journalists in the U.S. in voting among his peers held by the SANS Institute. In 2011, Wilson was named one of the 50 Most Powerful Voices in Security in research conducted by SYS-CON Media. Prior to joining Dark Reading.com, Wilson was the business editor for Network Computing, one of the industry’s leading communities on IT infrastructure and networking. A veteran of the IT industry, Wilson has spent 20 years as a journalist, including eight years as a top editor and reporter for CMP Media’s InternetWeek (originally called Communications Week). As executive editor of DataTrends Publications Inc., a newsletter publisher, Wilson founded four industry newsletters on the subject of data communications, edited several others, and wrote a half-dozen books on the topic. Wilson also has served as an industry analyst with two globally-recognized IT consulting firms: Decisys Inc. (now part of Gartner) and Enterprise Management Associates.

 
