Skip to content

UPCOMING EVENTS

Data Breaches: Defense and Response: Chicago (Rosemont/O’Hare), Illinois

Strategies to help your organization prepare for, defend against and respond to breaches.

March 18, 2026

9:00 a.m. – 5:00 p.m.

7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded

Conference location: Donald E. Stephens Convention Center Rosemont (O’Hare) Illinois

  

 

Overview

It is not a matter of if, but when your organization will be breached. Against these threats, enterprises try to build higher and more secure walls around their data and networks. This seems to be a never-ending arms race, as even the most sophisticated systems may, before long, present weaknesses that malicious technology can overcome.

What You Will Learn

In this one day conference attendees will learn:

  • How to Build an Effective Threat Investigation and Eradication Capability
  • The Threat Landscape for Enterprises
  • How to Bake Application Security into Your Application Development Environment (Panel Discussion)
  • Value of Investment – Balancing Data Corruption, Disaster Recovery, and Cost
  • Improving Security and Governance through Cloud Management
  • CyberThreats – How CISOs are Responding to Current & Emerging Security Risks (Panel Discussion)
  • Breaches & Ransomware: How to Handle, How to Respond (Panel Discussion)

CONFERENCE AGENDA

8:00 a.m. – 9:00 a.m. : Registration and Continental Breakfast

9:00 a.m. – 10:00 a.m. : Deconstructing the Latest Breach Tactics: What’s Working (and What’s Not) (Fireside Chat)

Moderator: Dan Horwich, Executive Director, CAMP IT Conferences

Panelists:

  • Mitch Christian, Head of Global Information Security & Infrastructure, Synergy Global Housing
  • Mike Neuman, AVP, Security & Compliance, VelocityEHS
  • Ron Zochalski, CISO/CTO, Lake County Government, Indiana

An in-depth look at modern breach techniques used by threat actors and practical defenses that are showing results in 2026. Explore how attackers are evolving their tradecraft and what defenders need to know to stay ahead.

Key takeaways:

  • Understanding breach methodologies with real case examples
  • Defensive controls that are proving effective
  • How to anticipate attacker behavior

       

        Horwich                Christian                Neuman                 Zochalski    

10:00 a.m. – 10:30 a.m. : Sponsor & Networking Break

 

10:30 a.m. – 11:30 a.m.:  Biggest Breach Risk Is Data You’ve Forgotten You Have

EJ Pappas, Field CTO, PKWARE

The most dangerous data in your environment isn’t the data you’re protecting, it’s the data you don’t know exists. Forgotten test environments, unclassified cloud storage, unstructured files sitting on endpoints for years. This session exposes the hidden data liability most organizations are carrying and builds the case for visibility as the first and most critical security control.

Topics covered:

  • The anatomy of forgotten data: where it lives and how it accumulates
  • Structured vs. unstructured data risk, why unstructured is the bigger problem
  • How test/QA environments quietly become your highest-risk exposure zone
  • Cloud storage and SaaS sprawl as invisible breach surfaces
  • Why you can’t protect what you can’t see, and what it costs when you find out the hard way
  • Building a continuous sensitive data inventory as a core security control
  • How visibility reduces blast radius before attackers, or AI , get there first

            Pappas

11:30 a.m. – 12:30 p.m. : How Adopting a Risk Based Mindset Can Improve Resilience

Tim Connolly, Senior Systems Engineer, Illumio

Adopting a risk-based mindset significantly enhances cyber resilience by enabling organizations to prioritize resources on protecting high-value assets, mitigate threats more effectively, and adapt dynamically to an evolving landscape. This strategic approach shifts focus from prevention to containment of breach, ensuring a more agile, efficient, and robust cybersecurity posture capable of minimizing the impact of cyberattacks.

          Connolly

12:30 p.m. – 1:30 p.m. : Lunch & Exhibits

 

1:30 p.m. – 2:30 p.m. : The Insider Isn’t Human Anymore – How AI and the Analytics Gap Are Fueling Insider Risk

John Nowotny, Principal Sales Engineer, Exabeam

Insider threats are now the top security risk, and a new class of insider has arrived: AI agents. Acting as themselves or on behalf of humans, these non-human insiders bring massive productivity gains—and equally massive risks. This session will give security leaders a concrete framework to evolve insider threat programs to detect and defend against them.

           Nowotny

 

 

2:30 p.m. – 3:00 p.m. : Sponsor Break

 

3:00 p.m. – 4:00 p.m. : Data Breaches Connect & Collaborate: Peer-Roundtables

Topics include:

  1. From Breach to Response: The First 24 Hours of an Incident

Focus: Incident response and decision-making under pressure.
Discussion :

  • How to detect a breach quickly
  • Building an effective incident response team
  • Legal, PR, and executive communication in the first day
  • Lessons learned from real breach timelines
  1. Human Error: The #1 Cause of Data Breaches

Focus: Insider risk and employee behavior.
Discussion:

  • Phishing and social engineering trends
  • Misconfigured cloud storage and accidental exposure
  • Security awareness programs that actually work
  • Balancing usability and security
  1. Ransomware in 2026: Prevention, Containment, and Recovery

Focus: Modern ransomware threats and organizational resilience.
Discussion:

  • Current attack techniques and entry points
  • Backup and recovery strategies
  • Zero Trust and network segmentation
  • Whether organizations should ever pay ransoms
  1. Third-Party and Supply Chain Breaches

Focus: Risk coming from vendors and partners.
Discussion:

  • Vendor security assessments and monitoring
  • Lessons from major supply chain attacks
  • Contractual security requirements
  • Continuous risk management for SaaS providers

4:00 p.m. – 5:00 p.m. : Expert Panel: Real-World Defense & Response – Lessons and Pitfalls (Panel Discussion)

 

Moderated by: Johnny Khan, Account Executive, Exabeam

Panelists will include:

  • David Fagan, Director of Cyber Security, Ferrara
  • Corey Hlavacek, Senior Director, Information Security, enVista
  • Victor Hsiang, CISO, GATX
  • Fred Kwong, Vice President & CISO, DeVry University
  • James Mountain, CISO Palmer College of Chiropractic
  • And other CISOs/IT Executives sharing strategies, tactics and lessons learned


A moderated panel featuring seasoned breach responders, CISOs, and security leaders sharing stories from the field — what worked, what didn’t, and how breaches reshaped security programs.

Discussion points:

  • Top breach response errors and how to avoid them
  • Board and executive engagement during crises
  • Post-breach remediation and monitoring priorities

      

           Khan                         Fagan                         Hlavacek                     Hsiang                   Kwong                   Mountain                    

Conference Price: $349.00 per person

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.

Exhibits

As is always the case at CAMP IT Conferences events, the talks will not include product presentations. During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.