Enterprise Risk / Security Management: Chicago
Strategies and techniques for leading and guiding IT through a business approach during dynamic times.
February 20, 2018
9:00am-5:00pm
7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded
Conference location: Donald E. Stephens Convention Center Rosemont (O’Hare) Illinois
Overview
In today’s highly regulatory environment it is essential that you have a clear understanding of risk across the enterprise. A risk management framework can bring visibility to key business and compliance risks and enable a company to make decisions on where to prioritize its limited resources. It is through a risk management framework that real value to the business can be achieved.
With all of these challenges, how do you make this happen?
In this one day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.
What You Will Learn
In this one day conference attendees will learn:
8:00am – 9:00am: Registration and Continental Breakfast
9:00am – 10:00am: Learning from InfoSec Fails – People, Process, and Technology
Derek Milroy, Information Security, U.S. Cellular
This presentation will highlight some of the reasons why InfoSec either fails or is perceived to fail. People, Process, and Technology issues will be presented with examples. The goal of this talk is to allow people to pick up some pointers for doing things better by analyzing real world failures. This talk makes use of jaded and cynical humor to get some of the lessons learned across.
Milroy
10:00am – 10:30am: Refreshment Break
10:30am – 11:30am: Risk Management – How to Demonstrate Security Program Value to Stakeholders
Keith Rayle, Strategist, Fortinet
Keith Rayle has created risk management programs and fixed ones that were broken. In his 20+ year of experience in consulting and operational security management, he has faced many challenges facing today’s security leaders. Risk management programs can be tough to implement and maintain toward a positive, valuable outcome to the organization. In this presentation Mr. Rayle will explore some common mistakes and how to fix them so your security team’s hard work is not wasted on simply checking off a requirement, but rather provides a strong return for the resource investment and a way to demonstrate security program value to stakeholders.
Rayle
11:30am – 12:30pm: Balancing Act: Ensuring compliance with GDPR and US Regulations
Chris Hoesly, Manager, Sales Engineering, Varonis
GDPR will go into effect in 2018, and will have a significant impact on enterprise cybersecurity and data governance policies and practices beyond the EU. It will significantly impacting global organizations based in the United States that handle data on EU citizens and residents.
Where should you start with this and what kind of plan should you put in place?
Hoesly
12:30pm – 1:30pm Luncheon
1:30pm – 2:30pm: Vendor Risk Management: How to Identify and Decrease Potential Risks When Leveraging 3rd Party Vendors (panel discussion)
Moderator:
Frank DePizzo, Major Accounts Manager, Infoblox
Panelists:
Nirav Shah, Head of Information Risk Management, Takeda Pharmaceuticals
Jessica Hendon, Physical & Information Security Officer, Alpine Bank
Justin Metallo, CISO, Beam Suntory
Brad Keller, JD, CTPRP, Sr. Director 3rd Party Strategy, Prevalent
and other CISOs sharing their experiences and lessons learned
Topics that will be covered include:
Shah Hendon Metallo Keller DePizzo
2:30pm – 3:00pm: Refreshment Break
3:00pm – 4:00pm: The Connected Worker and the Enterprise of Things
Chris Hazelton, Director, Enterprise Product Marketing at BlackBerry
The dependency on mobile devices will translate into a majority of enterprise computing outside of traditional PC computing. This will have the greatest impact with on campus (non-office-based) and off campus mobile workers who are becoming increasingly connected by rich real time communications powered by mobile applications running on wearable devices such as smart glasses. The rise of IoT in the enterprise, or the Enterprise of Things, will allow these workers to instantly connect with assets in the field to gain immediate understanding of the situation around them. This session will explore security concerns that come with these new tools and how to best address them.
Hazelton
4:00pm – 5:00pm: Breaches & Ransomware: How to Handle, How to Respond
Moderator:
Annur Sumar, Chief Technical Officer, MaeTech, Microsoft MVP, Former Vice President of IT D&P
Panelists:
Mitch Christian, Sr. IT Security Administrator, American Hotel Register Co.
Mike Boucher, Sr. Director, Information Risk Management, FTD
Henry Beverly, Deputy CIO, Clerk of Circuit Court of Cook County
and other CISOs/IT Executives will share their experiences
In this session, attendees will learn from CISOs and Security Executives as to how they are working through the challenges of Data Breaches and Ransomware.
Attendees will walk away with shared strategies and tactics that other organizations are employing.
Boucher Christian Beverly Sumar
Conference Price: $289.00 per person
Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.
Exhibits
As is always the case at CAMP IT Conferences events, the talks will not include product presentations. During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.