PAST EVENTS
Cloud Security Strategies: Chicago (Rosemont/O’Hare)
A framework for developing a robust cloud security strategy.
November 14, 2024
9:00am-5:00pm
7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded
Conference location: Donald E. Stephens Convention Center Rosemont (O’Hare) Illinois
Overview
Independent analysts show that through 2023, 95% of cloud security failures will be the fault of the end-user customer.
In this one day conference, attendees will learn tips, strategies and tactics for developing a robust cloud security strategy.
What You Will Learn
In this one-day conference, content that will be covered includes:
- It’s Time to Rethink Network Security for Cloud
- Securing Cloud Infrastructures: Navigating Compliance, Governance, and Automation for Resilient IT
- How to Build a Cloud Security Program from the Ground Up at a Large Enterprise
- Threats and Vulnerabilities in Cloud Environments
- From Reactive to Proactive: Digital Twins and the Future of Security
- How IT Executives are Refining their Cloud Security Programs (Panel Discussion)
Conference Price: $299.00 per person
Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.
CONFERENCE AGENDA
9:00am – 10:00am: How to Build a Cloud Security Program from the Ground Up at a Large Enterprise
Viraj Jani, Head of Cloud Cybersecurity, Cummins
This session will kick off the conference with a comprehensive overview of the current cloud security landscape. It will cover the key cloud service models (IaaS, PaaS, SaaS), the shared responsibility model, and the most common security challenges faced by organizations today. Attendees will gain a solid foundation in cloud security principles, which will be essential for the more in-depth sessions later in the day.
Jani
10:00am – 10:30am: Refreshment & Exhibit Break
10:30am – 11:30am: Threats and Vulnerabilities in Cloud Environments
Will Phinney, Director, Infrastructure and Cloud Security/Technology Consulting Services, AccessIT Group
Tony Sabaj, Head of Channel Security Engineering for the Americas, Check Point Software
This session delves into the specific threats and vulnerabilities unique to cloud environments. The discussion will cover common attack vectors such as misconfigurations, data breaches, and insider threats. Real-world case studies will illustrate how these threats have impacted organizations and what lessons can be learned from past incidents.
Phinney Sabaj
11:30am – 12:30pm: It’s Time to Rethink Network Security for Cloud
Jeff Duke, Solutions Engineer, Aviatrix
Cloud architects, CIOs and CISOs will learn how their peers are reducing the complexity and costs of network security in the cloud. We will show exactly how enterprises are saving tens of thousands to millions of dollars annually by removing expensive licenses, compute, cloud data processing costs tied to using “Last Generation Firewall” architecture in the cloud. In addition to cost benefits, find out how the convergence of cloud networking and security brings policy inspection and enforcement into the natural path of traffic to improve performance, strengthen compliance, boost cyber resiliency, and accelerate cloud infrastructure automation projects.
Duke
12:30pm – 1:30pm: Lunch & Exhibit Break
1:30pm – 2:30pm: From Reactive to Proactive: Digital Twins and the Future of Security
Jason Fruge, Resident CISO, XM Cyber
Traditional vulnerability management is dead. Today’s complex hybrid environments demand a new approach to security. This session explores the evolution of vulnerability management and introduces Continuous Threat Exposure Management (CTEM). Learn how to gain complete visibility into your attack surface using Digital Twin technology and systemic risk mitigation strategies to defend against modern threats proactively, whether on-premise, in the cloud, or across your entire infrastructure.
Fruge
2:30pm – 3:00pm: Refreshment & Exhibit Break
3:00pm – 4:00pm: Securing Cloud Infrastructures: Navigating Compliance, Governance, and Automation for Resilient IT
Cooper Melgreen, Staff Solutions Engineer, HashiCorp
As organizations accelerate their shift to the cloud, maintaining compliance with regulations like GDPR and HIPAA has become mission-critical. This session dives into the complexities of building secure and compliant cloud infrastructures, exploring how cyber attacks impact business resilience and why governance frameworks are essential to safeguard against these threats. We’ll discuss the role of compliance standards as targets that guide security efforts across cloud services and emphasize how automation can reduce the error rates often introduced by manual processes. Attendees will gain insight into the challenges organizations face when building secure platforms, including the structural limitations posed by Conway’s Law, the persistent skills gap, and the overwhelming number of cloud tools (e.g., CNCF’s extensive landscape). By examining the bell curve of team sophistication, we’ll outline practical steps for meeting organizations where they are in their security maturity. Starting with Infrastructure as Code (IaC) and guardrails, this session offers a roadmap for establishing robust governance and compliance within evolving cloud environments.
Melgreen
4:00pm – 5:00pm: How IT Executives are Refining their Cloud Security Programs (Panel Discussion)
Moderated by: Phil Smith, Senior Account Executive, Puppet by Perforce
Panelists will include:
- Justin Greenblatt, Sr. Director of Architecture & Engineering- Vulnerability Response & Patch Mgmt., Arthur J. Gallagher
- Amir Javeri, Senior Manager, Cloud Security, Protiviti Cloud Security
- Dan Krueger, Senior Manager, Information Security, W.W. Grainger, Inc.
- Mike Neuman, AVP, Security & Compliance, VelocityEHS
- Brittany Vercillo, AVP, Manager – Information Security, Federal Home Loan Bank of Chicago
- Other Cloud Security executives sharing strategies, tactics, and lessons learned
Smith Greenblatt Javeri Krueger Neuman Vercillo
Conference Price: $299.00 per person
Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.
Exhibits
As is always the case at CAMP IT Conferences events, the talks will not include product presentations. During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.