Skip to content

UPCOMING EVENTS

Data Breaches: Defense and Response: Chicago (Rosemont/O’Hare), Illinois

Strategies to help your organization prepare for, defend against and respond to breaches.

March 13, 2025

9:00am-5:00pm

7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded

Conference location: Donald E. Stephens Convention Center Rosemont (O’Hare) Illinois

  

Overview

It is not a matter of if, but when your organization will be breached. Against these threats, enterprises try to build higher and more secure walls around their data and networks. This seems to be a never-ending arms race, as even the most sophisticated systems may, before long, present weaknesses that malicious technology can overcome.

What You Will Learn

In this one day conference attendees will learn:

  • From Crisis to Resilience: A Proactive Approach to Ransomware Recovery
  • Hold the Line: How to Understand, Prepare for, and Respond to Data Breaches
  • Ransomware: Preventing and Responding to One of the Fastest Growing Threats
  • Are You Losing Sleep Yet? Avoiding Artificial Insomnia and Protecting Your Data in the Age of Intelligent Attacks
  • Strategies to Control Breach Spread and Limit Data Loss
  • Preventing the Next Data Breach: Proactive Defense Strategies
  • Responding to a Data Breach – Insights from Industry Leaders (Panel Discussion)

Conference Price: $349.00 per person

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.

CONFERENCE AGENDA

8:00am – 9:00am: Registration and Continental Breakfast

9:00am – 9:50am: Preventing the Next Data Breach: Proactive Defense Strategies

In an era where data breaches are becoming increasingly common, prevention remains the most effective form of defense. This session will explore advanced strategies and tools organizations can implement to minimize the risk of a data breach. Topics include strengthening network defenses, using AI and machine learning for threat detection, zero trust architecture principles, and enhancing employee training to avoid social engineering attacks. Real-world case studies will illustrate how businesses have successfully thwarted potential breaches before they caused harm.

9:50am – 10:20am: Refreshment Break

10:20am – 11:10am: Are You Losing Sleep Yet? Avoiding Artificial Insomnia and Protecting Your Data in the Age of Intelligent Attacks

Jason Fruge, Resident CISO, XM Cyber

The rise of artificial intelligence (AI) has ushered in an era of unprecedented cyber threat sophistication. Organizations struggle with the volume of exposures, while AI empowers attackers to efficiently identify and exploit complex attack paths that were previously difficult to uncover.

This presentation examines the necessary shift to the more holistic approach of exposure management in the face of AI-driven attacks. We delve into the “choke points” concept, where seemingly disparate vulnerabilities converge to open pathways to critical assets. AI amplifies the attacker’s capabilities and changes the nature of attacks, demanding a proactive defense strategy.

We will explore the role of attack path modeling, demonstrating how attackers combine vulnerabilities, misconfigurations, and identity exposures to achieve their objectives. We highlight the importance of prioritizing the few critical exposures on choke points instead of remediating every vulnerability. Finally, we discuss the need for continuous improvement through regular attack path modeling and simulated penetration testing within a digital twin environment, enabling organizations to proactively identify and mitigate risks before AI-powered attacks can exploit them. This approach focuses on understanding the attacker’s perspective, anticipating their moves, and remediating choke points to boost cyber resilience.

Fruge

11:10am – 12:00pm: Hold the Line: How to Understand, Prepare for, and Respond to Data Breaches

Allyn Crowe, Principal Engineer, Nexum

Data breaches are all the rage right now, whether we want them to be or not. But, when someone says “data breach” what do they mean? How should we prepare for them? What’s a good way to respond? This session will take a practical technical and non-technical look at answering those very questions.

Crowe

12:00pm – 12:40pm: Lunch and Exhibit Break

12:40pm – 1:30pm: From Crisis to Resilience: A Proactive Approach to Ransomware Recovery

Randy Lee, Senior Systems Engineer – Enterprise, Veeam Software

Ransomware is no longer just a security threat—it’s a business continuity crisis. Organizations must move beyond reactive defense and embrace resilience, ensuring that backup and recovery strategies serve as frontline safeguards, not afterthoughts. In this session, we’ll walk through a practical, step-by-step framework for securing backups, responding to ransomware attacks, and enabling fast, clean recovery.

Attendees will gain actionable insights on:

  • Proactive measures to take before an attack
  • Effective response strategies during an attack
  • Best practices for rapid recovery after an attack

Join us for a deep dive into ransomware preparedness, incident response, and disaster recovery best practices—all from a backup and recovery perspective. Whether you’re an IT leader, security professional, or backup admin, you’ll leave with the tools, tactics, and mindset needed to minimize downtime and stay ahead of evolving ransomware threats.

Lee

1:30pm – 2:20pm: Strategies to Control Breach Spread and Limit Data Loss

Nathanael Iversen, Chief Evangelist, Zentera, Inc.

In this session, we will focus on the use of chambers, encrypted overlay networking, and OT/legacy systems isolation strategies that virtually eliminate lateral movement and exfiltration opportunities for attackers.  The practical operational and security considerations associated with these mechanisms will be discussed along with use cases and real-world examples.  If you have concern about the five to fifteen most critical systems in your organization, you won’t want to miss this session!

Iversen

2:20pm – 2:50pm: Refreshment Break

2:50pm – 3:40pm: Ransomware: Preventing and Responding to One of the Fastest Growing Threats

Mike Brunetti, Director of Professional Services, Entara

Ransomware attacks have skyrocketed in recent years, leaving organizations scrambling to protect their data and avoid costly payouts. This session will focus on the specifics of ransomware prevention and response. Attendees will learn how to strengthen their defenses against ransomware, develop effective backup and recovery strategies, and respond quickly to minimize damage when an attack occurs. Real-world examples will be used to highlight both successful defenses and lessons learned from ransomware incidents.

Brunetti

3:40pm – 4:30pm: Responding to a Data Breach – Insights from Industry Leaders (Panel Discussion)

In this panel discussion, cybersecurity experts and industry leaders will share their experiences and lessons learned from responding to major data breaches. Panelists will discuss the most common breach response pitfalls, best practices for containment and communication, and strategies for rebuilding trust with customers and stakeholders after a breach. The discussion will cover various industries and attack types, providing attendees with a broad perspective on managing breach response. A Q&A session will allow attendees to engage directly with the panelists.

Panelists will include:

  • Michael Boucher, CISO, JLL
  • Juan Felipe Gonzalez-Gomez, Cybersecurity Services Manager and Product Owner, Motorola Solutions
  • Victor Hsiang, CISO, GATX
  • Amir Javeri, Senior Manager, Cybersecurity and Privacy, Protiviti
  • Jatin Mannepalli, Information Security Officer, IMC Trading
  • Brian Palmer, Director IT Security & Infrastructure, Ventas
  • Other CISO/Data Breach Executives sharing strategies, tactics, and lessons learned

     

Boucher        Gonzalez-Gomez          Hsiang                      Javeri                    Mannepalli              Palmer

 

Conference Price: $349.00 per person

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.

Exhibits

As is always the case at CAMP IT Conferences events, the talks will not include product presentations. During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.

CONFERENCE SPONSORS

 

https://cribl.io/
https://entaracorp.com/
https://www.nexuminc.com/
https://www.exabeam.com/
https://www.veeam.com/
https://xmcyber.com/
https://www.zentera.net/