
Enterprise Risk / Security Management

 

Strategies for reducing risk to the enterprise.

 

May 30, 2019

 

9:00am-5:00pm

 

7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded

 

Conference location: Donald E. Stephens Convention Center Rosemont (O’Hare) Illinois

      


Overview

 

In today’s highly regulated environment, it is essential that you have a clear understanding of risk across the enterprise. A risk management framework can bring visibility to key business and compliance risks and enable a company to make decisions on where to prioritize its limited resources. It is through a risk management framework that real value to the business can be achieved.

 

With all of these challenges, how do you make this happen?

 

In this one-day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.


What You Will Learn

 

In this one-day conference, attendees will learn:

  • Articulating the Value of InfoSec to Business Units
  • Know Where Your Next Attack is Coming From
    Attack prediction and resource prioritization using community-sourced data
  • Cyber Attacks: How Can You Reduce the Risk?
  • Risk Management – How to Demonstrate Security Program Value to Stakeholders
  • Vendor Risk Management: How to Identify and Decrease Potential Risks When Leveraging 3rd Party Vendors (panel discussion)
  • How Security and the CSO Can Build Trust with the Business (Panel)

 

Conference Price: $289.00 per person

 

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.



Conference Program


8:00am – 9:00am: Registration and Continental Breakfast


9:00am-10:00am: The ABC’s of Building a Security Awareness Program

 

Janet Roberts, Global Head of Security Education & Awareness, Zurich Insurance Company Ltd.

 

Building a security awareness program is like building a house. You need a good foundation and framework before you paint the siding and put out the flower boxes. A solid, multi-faceted security awareness program should be designed to meet the needs of multiple types of learners and to reduce the human risk factor. This talk will discuss the building blocks to create a security awareness program, as well as the key skill sets needed in a security awareness leader and team.

 




10:00am – 10:30am: Refreshment Break


10:30am-11:30am: Know Where Your Next Attack is Coming From
Attack prediction and resource prioritization using community-sourced data

 

Todd Becker, Principal Consultant, Halock Security Labs
Steve Lawn, Senior Consultant, Halock Security Labs

 

With many information sources about emerging threats, how do you turn varying sources of data into comprehensive and meaningful insight?  Evolving compliance requirements, technologies, and business practices require a deep understanding of our industries’ potential risks and how to proactively address them.

 

This session focuses on:

  • Best practices to maximize your information security budget through industry threat index and data.
  • Using data to enhance your security strategy and practical applications for your organization.
  • Leveraging insights to spend your dollars most effectively.

 

     


11:30am-12:30pm: Managing the Modern Attack Surface with Cyber Exposure

 

Brian Cook, Security Engineer, Tenable

 

The attack surface for today’s IT landscape is a far cry from the past. Once focused on protecting traditional data centers, cybersecurity professionals are increasingly guarding a complex litany of modern assets like cloud instances, web-based applications, mobile devices, application containers and more. Failure to appropriately manage the unique characteristics of these technologies as a whole can jeopardize the entire risk management program. Join us for a discussion on how companies can reduce their risk and close their overall cyber exposure gap resulting from today’s challenging attack surfaces.

 




12:30pm – 1:30pm: Luncheon


1:30pm-2:30pm: Modernize Your Approach to Data Protection

 

Mark Bennett, Sr. Behavioral Analytics & Insider Threat Specialist, Forcepoint

 

The security landscape is growing increasingly complex by the day: new headlines about large data breaches, increasing data migration to the cloud, and impacted brands. Yet the mission hasn’t changed: board members as well as the market are demanding assurance that sensitive data is protected. This complexity must be met with a new proactive approach to security: view early warning signs and analyze your security data more effectively, even proactively shifting your posture in high-risk situations to protect your data. Easily manage data security across your cloud and entire extended enterprise, including contractors and suppliers. In this session, you will learn how Risk-Adaptive Security can transform your security practice, create flexibility in tactics and staffing models, and drive a more efficient security posture for your organization.

 




2:30pm – 3:00pm: Refreshment Break


3:00pm-4:00pm: Vendor Risk Management: How to Identify and Decrease Potential Risks When Leveraging 3rd Party Vendors (panel discussion)

 

Moderator:
Annur Sumar, Chief Technology Officer, MaeTech
Panelists:
Liz Ogunti, Senior Manager IT Security and Compliance, JBT Corp.
Mark Shipman, District Director of Information Security, City Colleges of Chicago
Armando D’Onorio, Executive Director of Information Security Services, Purdue University Northwest
Jim Serr, Executive Director, IT, Joliet Junior College
and other enterprise CISOs and IT Security Executives sharing strategies, tactics and lessons learned

 

Topics that will be covered include:

  • Contract outlining the business relationship between your organization and 3rd party vendor
  • How to monitor vendor performance to ensure that contractual obligations are being met
  • Guidelines regarding which party will have access to what information as part of the agreement
  • How to ensure that 3rd party vendors meet regulatory compliance guidelines for your industry

 

                    


4:00pm-5:00pm: How Security and the CSO Can Build Trust with the Business (Panel)

 

Moderator:
Byron Rashed, Vice President of Marketing, Centripetal Networks
Panelists:
Jason Stradley, VP Security Technology, Strategy & Governance / Security Services, OCC
John Kellerhals, Information Security Manager, Wheels, Inc.
Larry Hunka, Vice-President, Chief Information Security Officer, Adtalem Global Education
Michael Zachman, Chief Security Officer, Zebra Technologies
and other CISOs/IT Security Executives sharing experiences and lessons learned

 

In this session, attendees will learn from a panel of IT security executives about the strategies they are leveraging to ensure their efforts are in sync with business priorities.

Topics covered:

  • How to identify and leverage the following areas of value: reputation, regulation, revenue, resilience, and recession for continued investment and security spending
  • How to assess, understand and define security’s current and future roles in the extended enterprise
  • Where security investments are being made in personnel, processes, and technologies

 

                                        



 

Exhibits

As is always the case at CAMP IT Conferences events, the talks will not include product presentations.  During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.


CONFERENCE CO-SPONSORS