
Enterprise Risk / Security Management: Chicago

 

Strategies and techniques for leading and guiding IT through a business approach during dynamic times.

 

February 20, 2018

 

9:00am-5:00pm

 

7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded

 

Conference location: Donald E. Stephens Convention Center Rosemont (O’Hare) Illinois


Overview

In today’s highly regulated environment, it is essential that you have a clear understanding of risk across the enterprise. A risk management framework can bring visibility to key business and compliance risks and enable a company to decide where to prioritize its limited resources. It is through a risk management framework that real value to the business can be achieved.

 

With all of these challenges, how do you make this happen?

 

In this one-day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.

 

What You Will Learn

 

In this one-day conference, attendees will learn:

 

  • Learning from InfoSec Fails – People, Process, and Technology
  • Articulating the Value of InfoSec to Business Units
  • Risk Management – How to Demonstrate Security Program Value to Stakeholders
  • Vendor Risk Management: How to Identify and Decrease Potential Risks When Leveraging 3rd Party Vendors (panel discussion)
  • Balancing Act: Ensuring compliance with GDPR and US Regulations
  • The Connected Worker and the Enterprise of Things
  • Breaches & Ransomware: How to Handle, How to Respond

Conference Program


8:00am – 9:00am: Registration and Continental Breakfast


9:00am – 10:00am: Learning from InfoSec Fails – People, Process, and Technology

 

Derek Milroy, Information Security, U.S. Cellular

 

This presentation will highlight some of the reasons why InfoSec either fails or is perceived to fail. People, Process, and Technology issues will be presented with examples. The goal of this talk is to allow people to pick up some pointers for doing things better by analyzing real world failures. This talk makes use of jaded and cynical humor to get some of the lessons learned across.

 




10:00am – 10:30am: Refreshment Break


10:30am – 11:30am: Risk Management – How to Demonstrate Security Program Value to Stakeholders

 

Keith Rayle, Strategist, Fortinet

 

Keith Rayle has created risk management programs and fixed ones that were broken. In his 20+ years of experience in consulting and operational security management, he has faced many of the challenges confronting today’s security leaders. Risk management programs can be tough to implement and maintain toward a positive, valuable outcome for the organization. In this presentation Mr. Rayle will explore some common mistakes and how to fix them, so your security team’s hard work is not wasted on simply checking off a requirement but instead provides a strong return on the resource investment and a way to demonstrate security program value to stakeholders.

 




11:30am – 12:30pm: Balancing Act: Ensuring compliance with GDPR and US Regulations

 

Chris Hoesly, Manager, Sales Engineering, Varonis

 

GDPR will go into effect in 2018, and will have a significant impact on enterprise cybersecurity and data governance policies and practices beyond the EU. It will significantly impact global organizations based in the United States that handle data on EU citizens and residents.

 

Where should you start with this and what kind of plan should you put in place?

 




12:30pm – 1:30pm: Luncheon


1:30pm – 2:30pm: Vendor Risk Management: How to Identify and Decrease Potential Risks When Leveraging 3rd Party Vendors (panel discussion)

 

Moderator:
Frank DePizzo, Major Accounts Manager, Infoblox
Panelists:

Nirav Shah, Head of Information Risk Management, Takeda Pharmaceuticals
Jessica Hendon, Physical & Information Security Officer, Alpine Bank
Justin Metallo, CISO, Beam Suntory
Brad Keller, JD, CTPRP, Sr. Director 3rd Party Strategy, Prevalent

and other CISOs sharing their experiences and lessons learned

 

Topics that will be covered include:

  • Contract outlining the business relationship between your organization and the 3rd party vendor
  • How to monitor vendor performance to ensure that contractual obligations are being met
  • Guidelines regarding which party will have access to what information as part of the agreement
  • How to ensure that 3rd party vendors meet regulatory compliance guidelines for your industry

 

                    


2:30pm – 3:00pm: Refreshment Break


3:00pm – 4:00pm: The Connected Worker and the Enterprise of Things

 

Chris Hazelton, Director, Enterprise Product Marketing at BlackBerry

 

The dependency on mobile devices will translate into a majority of enterprise computing taking place outside of traditional PC computing. This will have the greatest impact on on-campus (non-office-based) and off-campus mobile workers, who are becoming increasingly connected by rich real-time communications powered by mobile applications running on wearable devices such as smart glasses. The rise of IoT in the enterprise, or the Enterprise of Things, will allow these workers to instantly connect with assets in the field to gain immediate understanding of the situation around them. This session will explore security concerns that come with these new tools and how to best address them.

 




4:00pm – 5:00pm: Breaches & Ransomware: How to Handle, How to Respond

 

Moderator:
Annur Sumar, Chief Technical Officer, MaeTech, Microsoft MVP, Former Vice President of IT D&P
Panelists:

Mitch Christian, Sr. IT Security Administrator, American Hotel Register Co.
Mike Boucher, Sr. Director, Information Risk Management, FTD
Henry Beverly, Deputy CIO, Clerk of Circuit Court of Cook County
and other CISOs/IT Executives will share their experiences

 

In this session, attendees will learn from CISOs and security executives how they are working through the challenges of data breaches and ransomware.

 

Attendees will walk away with shared strategies and tactics that other organizations are employing.

 

               


Conference Price: $289.00 per person

 

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.

 

Exhibits

As is always the case at CAMP IT Conferences events, the talks will not include product presentations. During the continental breakfast, coffee breaks, and the luncheon break, you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.


Conference Co-Sponsors