InfoSec World Turns 25, Brings Together Cybersecurity Stalwarts for Invigorating Discussions and Knowledge-Sharing

• Conference addresses the most pertinent issues in information security, covering: cryptocurrency and blockchain; behavioral biometrics; social engineering; and more
• Features focused summits on infosec leadership, cloud security and staffing challenges as well as several pre- and post-conference workshops
• Special events in the Expo including old favorites like Capture the Flag and new additions just for the 25th anniversary being announced in the coming months

SOUTHBOUROUGH, Mass., October 18, 2018 – MIS Training Institute (MISTI), the international leader in information security, audit and IT audit training, announces that the 25th edition of InfoSec World, the longest running conference dedicated to the business of information security is scheduled for April 1-3, 2019 at Disney's Contemporary Resort, Lake Buena Vista, Florida. 

InfoSec World 2019 Conference and Expo brings together information security leaders and visionaries to examine the most pressing cybersecurity issues of the day and discuss the best way forward. Topical sessions at the conference focus on biodevice security, cryptocurrency and enterprise blockchain, threat hunting, ethical hacking, cyberlaw, encryption and risk management best practices, machine learning, the latest threat intelligence programs, and more.

“As the value of personal information and data continues to go up on the black market, so does the risk for enterprises,” said, [Jennifer Colligan], [Conference Producer], MISTI. “Information security is no longer just a line item on the agenda. It is a critical business continuity issue that’s top-of-mind at the C-level. At InfoSec World we aim to offer attendees involved in the business of security a chance to get practical tips and tricks and to take a page from the playbook of the best in the industry.” 

The three-day main conference includes stellar keynotes, lively panel discussions and provocative roundtables, and popular tech labs. In addition, attendees have an opportunity to choose from a myriad of pre- and post-conference workshops and summits. Hands-on pre- and post-conference workshops cover topics including: building an effective insider threat program; securing mobile devices and mobile applications; adversarial attacks; detections, and countermeasures; and building incident response playbooks, among others. Day-long summits focus on leadership, staffing challenges and cloud security. To top it all off, InfoSec World 2019 offers attendees unprecedented opportunities to network with more than 1,000 information security professionals from  various backgrounds, industries and countries.  

Can’t-Miss Sessions at InfoSec World 2019 Include:

The conference agenda covers all aspects of cybersecurity, including: cryptocurrency; threat hunting; cyberlaw; cyber intelligence; vulnerability management standards; machine learning algorithms; deception technology and identifying attacks; GDPR, and more. Listed here are the keynote sessions announced thus far. 

Social Engineering: From Attack to Protection
Chris Hadnagy, Chief Human Hacker, Social-Engineer, LLC

The four main vectors of social engineering – phishing, vishing, smshing and impersonation – are used against information security professionals and their companies every day. Is it possible to use those very same vectors to protect, train and educate your staff? This keynote address explains how the very methods used by attackers can also become your strongest protection against them.

Biomedical Device Security: Is There Hope, or Is Someone Going to Die? 
Tracey K. Hughes, Sr. Director of Clinical Engineering, Duke University Health System
Nina Alli, Cybersecurity Researcher, Biohacking Village at DEF CON
Chuck Kesler, Former CISO, Duke University Health System

As networked biomedical devices are increasingly critical to patient care, they are also notoriously insecure. Similar in nature to the problems seen with IoT, biomedical devices can be difficult to lock down, maintain, and monitor. Vendors struggle to provide operating system and software library patches in a timely fashion, and if the patient decides to apply patches on their own, they risk causing the device to malfunction.

Is there hope for securing these devices and protecting patient safety? Join Tracey Hughes and Chuck Kesler from Duke Health and cybersecurity researcher Nina Alli, as they discuss the types of problems that most frequently lead to biomedical device vulnerabilities as well as current and emerging solutions that address the types of issues affecting a wide spectrum of IoT devices.

Session highlights include:

Building Virtual Wireless Security Labs
Presented by: Adam Welle and Eric Azebu, Software Engineering Institute, Carnegie Mellon University

Most wireless security training courses are performed using physical wireless devices that must be purchased by instructors or learners. However, it is possible to conduct wireless security training in a virtual environment without the need for cumbersome physical wireless devices. Cyber security training courses that do not utilize wireless networks are typically trained completely within virtual environments. Wireless security training courses should be no different. In this lab attendees will learn how to leverage the mac80211_hwsim driver to create a Linux-based virtual wireless lab environment. Attendees will create virtual wireless devices and network them together inside of a virtual machine using standard access point and client software. The attendees will use various tools to survey and monitor wireless networks before carrying out several wireless attacks inside of this secure virtual training environment.

  • Create virtualized wireless networks without external hardware
  • Monitor and gather information about wireless networks
  • Perform wireless attacks in a secure virtual environment
  • Gain experience with popular wireless attack tools

Cyber Maturity for Businesses: From Survival to Empowerment
Presented by: Tony Sager, Center for Internet Security

  • How cyberdefense maturity and business maturity go hand-in-hand, and are both essential to the success of a modern enterprise
  • How Enterprises are struggling to integrate the complex risks and dependencies of modern technology into enterprise-level risk decision-making
  • How the CIS Controls help an Enterprise focus on, and make progress against, the most important attacks and risks that enterprises face
  • Broader business decision challenges, and how the CIS Controls are being used to address risk across a wide range of issues like metrics, auditing, insurance, and supply chain assessment

The listed features represent just a few of the highlights of the highly interactive and topical program. For more information on the conference, its detailed agenda as well as logistics, please visit:

To become a part of this vibrant community of global information security experts, register today!

About InfoSec World Conference and Expo

For 25 years security professionals have made InfoSec World the “business of security” conference. Produced by MIS Training Institute (MISTI), InfoSec World assembles information security professionals from every market and field of study, from nations around the world.

About MIS Training Institute

MIS Training Institute ( is the international leader in information security, audit, and IT audit training. MISTI has trained more than 200,000 delegates across five continents, offering conferences, on-site training, and seminars in Information Security, Internal and IT Auditing, SOX Compliance, Network Infrastructures, Operating Environments, and Enterprise Applications, as well as Web-based training.