Careers & People

6/5/2018
10:30 AM
50%
50%

Dark Reading Launches Second INsecurity Conference

To be held in Chicago Oct. 23-25, defense-focused conference will feature closed-door discussions, co-resident Black Hat Training sessions

Late last year, Dark Reading launched a new, different sort of cybersecurity conference: INsecurity, a live event devoted to practical online defense, and presented by the security practitioners themselves.

This year, we’re doing it again – only better.

INsecurity 2018, https://insecurity.com/, which will take place Oct. 23-25 at the Sheraton Grand Chicago, promises to be an even more useful, comprehensive, and fun event than our inaugural conference in November. Our goal: to make your cyber defenses more effective by enabling you to meet and learn from your peers.

Our INsecurity 2018 event will return with many of the activities and features that made last year’s conference so well received. We will offer two full days of sessions focused exclusively on the practice of cyber defense – the tasks and processes that you do every day – and how to improve on them. We will present three keynote sessions led by security practitioners from companies you know. We will open up a Business Hall that gives technology vendors a chance to show you the latest developments in defensive tools. Best of all, we will provide a full slate of group discussions – what we call Hot Topics and Roundtables – that allow security pros to safely talk to each other about real problems and solutions anonymously, under the Chatham House Rule.

But this year, we aren’t stopping there. On the two days preceding INsecurity, Oct. 21-22, we will feature two days of security training courses from our sister organization, Black Hat. The Black Hat Training sessions https://www.blackhat.com/tr-18/, which are among the most comprehensive and hands-on courses in the industry, will offer half-day and full-day technical instruction on some of the latest security issues and challenges, taught by some of the smartest experts in security.

At INsecurity, our goal is to get beyond the everyday cyber conference - and those dark rooms lit only by the glow of PowerPoint slides. In fact, more than half of the sessions at INsecurity are either expert-moderated group discussions that let peers exchange ideas or live demonstrations of common threats and practices such as ransomware attacks or breach response. Even in INsecurity’s general sessions taught by a single speaker, we encourage the audience to interact with the speaker and with each other to improve the learning experience.

The concept behind INsecurity is that security professionals need to talk more to each other. To that end, we offer food and drink all day, with areas for casual discussion among small groups of attendees. We offer moderated Roundtables that focus on specific topics, and larger Hot Topics discussions that enable attendees to ask specific questions and interact with colleagues as well as with an expert moderator. And of course, we provide opportunities for social interaction (enhanced, as needed, with proper lubricants).

If you check out the INsecurity website today, you’ll see that we’ve already selected some excellent topics and speakers from our call for speakers that closed in May. In the coming weeks, we’ll be adding more names and more topics to the site, and even asking attendees what they’d like to talk about in our Roundtable sessions. We’ll be adding the names of keynoters from enterprises that you know, and the logos of technology vendors who will be speaking and demonstrating real-life solutions in the Business Hall.

Our first INsecurity conference closed with rave reviews, and we plan to build on that momentum this fall in Chicago. We hope you’ll be among those who join us for a different kind of security conference – and the opportunity to really make a difference in your enterprise’s cyber defense.

Related links

 

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
No SOPA
50%
50%
No SOPA,
User Rank: Ninja
7/9/2018 | 7:42:55 PM
Non-Lethal Active Defense for Enterprises
Shlomo Hershkop's Non-Lethal Active Defense for Enterprises: A Better Alternative to "Hacking Back" is going to be great.  I've read loads of his pubs stretching back the early 00's.  This is a great topic considering some in the industry want to be able to attack back with strength, but most laws currently forbid such tactics.  Shlomo's defense and decoy tactics are legit.
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Worst Password Blunders of 2018 Hit Organizations East and West
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
2019 Attacker Playbook
Ericka Chickowski, Contributing Writer, Dark Reading,  12/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
[Sponsored Content] The State of Encryption and How to Improve It
[Sponsored Content] The State of Encryption and How to Improve It
Encryption and access controls are considered to be the ultimate safeguards to ensure the security and confidentiality of data, which is why they're mandated in so many compliance and regulatory standards. While the cybersecurity market boasts a wide variety of encryption technologies, many data breaches reveal that sensitive and personal data has often been left unencrypted and, therefore, vulnerable.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-1265
PUBLISHED: 2018-12-17
IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 does not validate, or incorrectly validates, a certificate. This weakness might allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) techniques. IBM X-Force ID: 124740.
CVE-2017-1272
PUBLISHED: 2018-12-17
IBM Security Guardium 10.0 and 10.5 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 124747. IBM X-Force ID: 124747.
CVE-2017-1597
PUBLISHED: 2018-12-17
IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 132610.
CVE-2018-1889
PUBLISHED: 2018-12-17
IBM Security Guardium 10.0 and 10.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152080.
CVE-2018-1891
PUBLISHED: 2018-12-17
IBM Security Guardium 10 and 10.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152082.