PAST EVENTS

Enterprise Risk / Security Management

 

Strategies for reducing risk to the enterprise.

 

October 3, 2019

 

8:30am-5:00pm

 

7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded

 

Conference location: Donald E. Stephens Convention Center Rosemont (O’Hare) Illinois

      

Overview

 

In today’s highly regulatory environment it is essential that you have a clear understanding of risk across the enterprise. A risk management framework can bring visibility to key business and compliance risks and enable a company to make decisions on where to prioritize its limited resources. It is through a risk management framework that real value to the business can be achieved.

 

With all of these challenges, how do you make this happen?

 

In this one day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.

What You Will Learn

 

In this one day conference attendees will learn:

  • 2019 and Beyond: Security and Risk Management Trends
  • Strategies for Protecting Your Key Asset: Your Data
  • Reducing Through Insider Threat Through Effective Response
  • Cloud, Control & Security: Critical Security Controls You Should be Using
  • Managing Customers Identify in the Era of CCPA and Others
  • Zero Trust & Security Segmentation: Strategies for Ensuring Consistent Security Across Environments
  • CISO Leadership: How Can Security and Risk management Leaders Ensure Roles and Responsibilities are Clear? (Panel Discussion)
  • How to Integrate Security Planning into Digital Transformation Efforts (Panel Discussion)

Conference Program

8:00am – 8:30am: Registration and Continental Breakfast

8:30am-9:20am: 2019 and Beyond: Security and Risk Management Trends  

 

Ray Hicks, Founder & CEO, 5th Column

 

This presentation will describe the most significant trends in cybersecurity and how your organization needs to take advantage of these trends.

 

Key areas that will be covered include:

  • The next generation of threats
  • Trends in creating a top notch security organization
  • Strategic trends that will influence security strategy

 


Hicks

9:20am-10:10am: Protecting Your Key Asset: Your Data

 

Raul Gutierrez, Manager, Security Technologies Architects, Trustwave

 

Databases are a key target for hackers because of all the confidential and financial information stored there. In this session, attendees will learn:

  • Today’s Top Database Security Challenges
  • A strong Database Security Methodology
  • Database Security in the cloud
  • 10 Principals of Database Security Program design

 


Gutierrez

10:10am -10:40am: Refreshment Break

10:40am-11:30am: Zero Trust: Not Quite “Zero Risk”, But a Big Step Forward

 

Jason Garbis, VP of Products a Co-Chair of the CSA Software Defined Perimeter Working Group, Cyxtera

 

Traditional security architectures have failed to meet today’s security, risk, and compliance needs. There’s a growing recognition that a new “Zero Trust” approach is needed, but many questions about what exactly this approach looks like, and how to achieve it. In this session, we’ll define Zero Trust, and explain how a modern, open security architecture – the Software-Defined Perimeter – achieves its goals. We’ll then look at the benefits of this architecture through a risk management lens, including:

  • Reducing the risk of employee and third-party access for remote and on-premises users
  • Safely adopting new technologies, such as Cloud, without increasing risk
  • Ways to efficiently integrate security with existing business processes and security solutions

 

 


Garbis

11:30am-12:20pm: Cloud, Control & Security: Critical Security Controls You Should be Using

 

Dave Klein, Senior Director, Engineering & Architecture, GuardiCore

 

At a minimum, cloud computing breaks into 3 primary layers: SaaS, PaaS and IaaS. This presentation will explain the 3 primary security controls for each of these layers: CASB, CSPM and CWPP respectively.

 

No matter who is responsible for the security of the cloud workloads, the organization is ultimately responsible for what happens to their data.

 

Organizations must incorporate following security measures to ensure their cloud environments, applications, and data protected from unauthorized access.

  1. Know what you are responsible for
  2. Control Access
  3. Protect the data
  4. Secure credentials
  5. Security hygiene
  6. Improve visibility

 

 


Klein

12:20pm – 1:10pm Luncheon

1:10pm-2:00pm: Managing Customers Identify in the Era of CCPA and Others

 

Patrick Sullivan, CTO, Advanced Technology Group(Security), Akamai

 

Privacy regulations around the world continue to evolve.  In this presentation, Patrick Sullivan will cover the three common threats to customer privacy observed and provide actionable suggestions to combat these risks.

 

 


Sullivan

2:00pm-2:50pm: Zero Trust & Security Segmentation: Strategies for Ensuring Consistent Security Across Environments

 

Katey Wood, Senior Product Manager, Illumio

 

Enterprises struggling with increasingly complex infrastructure are turning to Zero Trust as a common security model for ensuring consistent security across environments. In fact, Forrester recently concluded that organizations using Zero Trust can mitigate risk by 37% and reduce security costs by more than 30%, potentially saving millions in their overall IT security budgets. Learn more about What is Zero Trust, what is security segmentation, and why traditional network architecture approaches fall short.

 


Wood

2:50pm – 3:20pm: Refreshment Break

3:20pm-4:10pm: CISO Leadership: How Can Security and Risk Management Leaders Ensure Roles and Responsibilities are Clear? (Panel discussion)

 

Moderator:
Bob Wolff, Director of Strategic Accounts, Tanium
Panelists:
Joseph Burkard, Chief Security Officer, Alight Solutions
Al Zieba, Director, Network and Security, IDEX Corporation
Riad Amro, Global CISO, Chief Information Security Officer, Grant Thornton International Ltd.
Victor Hsiang, CISO,  GATX
and other CISOs/Security Executives sharing strategies, tactics and lessons learned

 

The moment something bad happens the CISO is maligned for not properly protecting business information. How can security and risk management leaders ensure roles and responsibilities are clear? What can be done to ensure ownership of risk is well articulated? How much risk should the CISO actually own?

 

                   
Burkard      Zieba          Amro         Hsiang          Wolff

4:10pm-5:00pm: How to Integrate Security Planning into Digital Transformation Efforts (Panel discussion)

 

Moderator:
Annur Sumar, Chief Technology Officer, MaeTech
Panelists:
Eric Hansen, Head, Cyber Defense – Americas, Siemens
Fred Kwong, CISO, Delta Dental
Victor Hsiang, CISO,  GATX
and other CISOs/Security Executives sharing strategies, tactics and lessons learned

 

Digital transformation initiatives continue to question conventional information risk and security management. It requires a focused digital security program based on a clear vision and strategy.

 

In this session attendees will learn how to:

  • articulate a compelling vision for security and risk management.
  • identify the key ‘digital differences’ that must be integrated into the security program.

 

               
Hansen      Kwong        Hsiang         Sumar

Conference Price: $289.00 per person

 

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.

 

Exhibits

As is always the case at CAMP IT Conferences events, the talks will not include product presentations.  During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.

CONFERENCE CO-SPONSORS