Skip to content

UPCOMING EVENTS

Enterprise Risk / Security Management: Chicago (Rosemont/O’Hare), Illinois

Strategies for reducing risk to the enterprise.

February 20, 2025

9:00am – 5:00pm

7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded

Conference location: Donald E. Stephens Convention Center Rosemont (O’Hare) Illinois

  

 

Overview

In today’s highly regulatory environment it is essential that you have a clear understanding of risk across the enterprise. A risk management framework can bring visibility to key business and compliance risks and enable a company to make decisions on where to prioritize its limited resources. It is through a risk management framework that real value to the business can be achieved.

With all of these challenges, how do you make this happen?

In this one day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.

What You Will Learn

In this one day conference attendees will learn:

  • Risk Mitigation Strategies – A CISO’s Guide
  • Learning from Risk Management and InfoSec Fails
  • Balancing Risk and Innovation in a Cloud-First AI World
  • Zero Trust in Action: From Concept to Execution
  • Supply Chain Security: Managing Third-Party Risks (Panel Discussion)
  • Balancing Cybersecurity Budgets with Business Needs (Panel Discussion)

Conference Price: $349.00 per person

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.

CONFERENCE AGENDA

8:00am – 9:00am: Registration and Continental Breakfast

9:00am – 10:00am: Learning from Risk Management and InfoSec Fails

Derek Milroy, Security Architect, Arthur J. Gallagher

Learning from common infosec fails.  Implementing controls less complete/pervasive than you think can leave residual risk in your environment that you weren’t aware of.  This talk covers some common controls and potential failure points due to implementation etc.

Milroy

10:00am – 10:30am: Refreshment Break

10:30am – 11:30am: Zero Trust in Action: From Concept to Execution

As cyber threats grow more sophisticated, adopting a Zero Trust architecture is no longer optional—it’s essential. This session will demystify Zero Trust principles and provide a roadmap for implementation across your enterprise. Topics include identity verification, micro-segmentation, and least-privilege access controls. Through case studies and practical examples, attendees will understand how to transform Zero Trust from a buzzword into a robust security strategy that safeguards critical assets.

11:30am – 12:30pm: 2025: The Year of AI Governance. Build a Scalable AI Governance Program with ISO 42001

Dixon Wright, Head of GRC, TrustCloud

Every company is using AI and building AI into their products and services. AI frameworks (ISO 42001, NIST AI RMF, HITRUST AI Security Assessment) and legislation (EU AI Act, Colorado Senate Bill 205, etc.) are being developed and enacted rapidly. AI questionnaires are being sent to vendors with AI products. Whether you are ready or not, AI is the next frontier of security, GRC, and privacy.

What can leaders do now to build an AI governance program that scales? Enter ISO 42001, an AI management system standard that provides a governance structure that can help organizations maintain security, privacy and privacy as technology frameworks, and legislation continue to rapidly change.

This talk will explain how to implement a scalable and integrated AI governance program with ISO 42001. Specifically we will cover efficient and effective ways to:

  • Assess 1st and 3rd Party risks
  • Implement controls
  • Get assessed
  • Share your posture with customers and partners

Wright

12:30am – 1:30pm: Lunch and Exhibit Break

1:30pm – 2:30pm: Risk Mitigation Strategies – A CISO’s Guide

Lori Kevin, Vice President, Enterprise IT & Security, IMO Health

Kevin

2:30pm – 3:00pm: Refreshment Break

3:00pm – 4:00pm: Balancing Cybersecurity Budgets with Business Needs (Panel Discussion)

Security is critical, but budgets are finite. This panel discussion will delve into the complex decision-making process behind prioritizing cybersecurity investments. Experts will share their approaches to balancing financial constraints with the need for robust defenses, addressing topics such as cost-effective tools, ROI on cybersecurity initiatives, and fostering executive buy-in. Attendees will gain insights into how to optimize security spending while aligning with broader business objectives.

Panelists will include:

  • Todd Covert, National General CISO, Allstate
  • Matt Cox, CISO, Mindsight
  • Michael Myint, Vice President Information Security, COTA
  • Ron Zochalski, CTO & CISO, Lake County Government – Indiana
  • Other CISOs/Information Security Executives sharing strategies, tactics and lessons learned.

 

Covert           Cox                 Myint                Zochalski

4:00pm – 5:00pm: Supply Chain Security: Managing Third-Party Risks (Panel Discussion)

The security of your organization is only as strong as the weakest link in your supply chain. This session explores the challenges of third-party risk management and offers solutions to ensure end-to-end security. Learn how to assess vendor risks, implement stringent contract requirements, and monitor ongoing compliance effectively. Case studies will highlight successful strategies for securing supply chains in a rapidly evolving digital world.

Panelists will include:

  • Brian Palmer, Director if IT Security & Infrastructure, Ventas, Inc.  
  • Other CISOs/Information Security Executives sharing strategies, tactics and lessons learned

Palmer

 

Conference Price: $349.00 per person

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.

Exhibits

As is always the case at CAMP IT Conferences events, the talks will not include product presentations. During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.

CONFERENCE SPONSORS

 

https://www.keepersecurity.com/
https://www.recordedfuture.com/
https://www.secureworks.com/
https://www.trustcloud.ai/