AI is putting legacy data governance processes under a microscope. In response, a number of key frameworks are emerging to provide a foundation for orgs to use as a starting point. This session dives into the strategic and tactical steps to take to improve AI governance, regardless of which framework you choose, and provides a rundown of some of the most prominent AI governance frameworks.

Large enterprise CISOs are managing multimillion-dollar security budgets while navigating increasingly complex roles. Despite high compensation many CISOs report low job satisfaction—leading a majority to remain open to new opportunities.

In February 2025, we discussed how the CISO role is shifting based on data from the IANS and Artico CISO Compensation and Budget survey. We focused on scope creep and how CISOs are reporting to the board. In this sequel to that conversation, IANS Faculty Steve Martano and Senior Research Director Nick Kakolowski will use benchmarking data to cover: CISO reporting lines and leveling within the organization, strategies to influence and manage perception cross-functionally, and ways the market is evolving and advice on how to adapt to changing expectations

IANS Senior Directors of Research Nick Kakolowski and Gina Glendening reflect on key infosec takeaways and trends they saw at RSAC Conference 2025.

This document outlines a framework for establishing an application pen testing program. It serves as a guide for application security managers, highlighting the essential components and documentation required to develop an effective program.

This free guide builds on CISA’s Zero Trust Maturity Model (ZTMM), offering practical controls, maturity objectives, and evidence aligned with NIST 800-171 to help you implement, evaluate and mature zero trust capabilities.  

Choosing a security vendor isn’t just a purchase—it’s a strategic move. CISOs who set clear expectations, run smart PoCs, and demand transparency build stronger, long-term security partnerships.

IANS Faculty Jake Williams will discuss Coinbase’s recent disclosure of a data breach, in which hackers stole customer data & are demanding a $20m ransom to not leak it. Coinbase – which stated it has not paid the ransom – said the stolen data includes customer names, addresses, phone numbers, email addresses, masked SSNs, govt IDs and passports. Jake will discuss what we know about the breach, what steps to take and what CISOs should be communicating to their executives.

This PAM Tech Essentials guide helps you understand core PAM product categories and management strategies, assess your organization's need for privileged access management, and determine the right level of investment based on your size and maturity.

This cybersecurity strategy template helps organizations align daily security efforts with long-term goals. It offers strategic guidance, clear direction, stakeholder alignment, and a customizable format to support a mature and focused cybersecurity program.