Skip to content

PAST EVENTS


Enterprise Risk / Security Management: Chicago (Rosemont/O’Hare), Illinois

Strategies for reducing risk to the enterprise.

May 4, 2023

9:00am-5:00pm

7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded

Conference location: Donald E. Stephens Convention Center Rosemont (O’Hare) Illinois

    


Overview

In today’s highly regulatory environment it is essential that you have a clear understanding of risk across the enterprise. A risk management framework can bring visibility to key business and compliance risks and enable a company to make decisions on where to prioritize its limited resources. It is through a risk management framework that real value to the business can be achieved.

With all of these challenges, how do you make this happen?

In this one day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.


What You Will Learn

Join us as we cover:

  • How to Ensure Your Suppliers are Meeting Your Security Requirements
  • Embedding a Culture of Security to Enable Smart, Secure Decision-Making (Panel Discussion)
  • Keeping Up with the Latest Security and Risk Management Trends
  • How to Build an Insider Threat Program
  • The Last Step in Moving to the Cloud – Network and Security as a Service
  • Managing Security Risk at the Speed of Business (Panel Discussion)

Conference Price: $299.00 per person

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.


CONFERENCE AGENDA


8:00am – 9:00am: Registration and Continental Breakfast


9:00am – 9:50am: Keeping Up with the Latest Security and Risk Management Trends

Dmitriy Ayrapetov, VP, Product Management, Delinea

What’s the best approach to enterprise security? The prevailing consensus in the industry has generally been threat-based or compliance-based approaches. However, many organizations that use these approaches struggle to strike the right balance between technical tools and practical outcomes.

The answer is to focus on reducing risk.

Join us to get an actionable roadmap for success, including:

  • Examining 20 plus years of security paradigms — and learn why many of them fail
  • Explore the increasing risks tied to digital transformation initiatives
  • Understand how security intelligence helps teams make better decisions based on contextual data and metrics
  • Discover a proven, comprehensive framework for cybersecurity that emphasizes risk over threats
  • Learn how to create a persistent information advantage for better security — with a focus on being profitable

 

Ayrapetov


9:50am – 10:20am: Refreshment & Exhibit Break


10:20am – 11:10am: How to Build an Insider Threat Program

Ben Burkholder, Sr. Sales Engineer, Exabeam

Sometimes just having a SOC isn’t enough to address insider threat issues. Security operations teams are managing massive amounts of data across billions of events from on premises to the cloud. Looking for specific needles like insider threats in this complex haystack has special requirements that encompass both searching historic data and seeing evolving credential behavior changes as they happen.

Whether from downsizing or expanding the business, employees, vendors, contractors, and more are moving in and out of your environment. And often, it is during turbulent times that insider threats go unobserved as everything changes so quickly. Insider threat initiatives require a new, more focused approach.

This presentation will explore:

  • The common scenarios that indicate you need an insider threat team, how to build a mission statement, and tools
  • Four attributes of a successful insider threat program
  • How behavioral analytics baseline “normal” behavior of users and devices – showing risk faster

 

 

Burkholder

 


11:10am – 12:00pm: Fireside Chat: Cyber Security Hiring Strategies

Hosted by: Zach Bastarache, Vice President of Business Development – Technology, inSpring

Cyber Security attacks are constantly evolving as is the technology and resources needed to counter them. Yet the US is facing a shortage in cyber security resources. In our fireside chat we will explore the following topics.

  • How can companies identify, hire, and retain the right talent to grow their cyber teams?
  • What technical and professional qualities in candidates lead to fantastic employees?
  • The gap between higher education and workplace readiness
  • Hiring trends in the cyber space

Panelist will include:

  • Victor Hsiang, CISO, GATX
  • Liz Ogunti, CISO, JBT Corporation
  • Trent Ridgway, Head of Cloud Infrastructure & Security / Senior IT Project Manager, Anning-Johnson Company
  • Other InfoSec executives

Bastarache                 Hsiang                 Ogunti              Ridgeway


12:00pm – 12:40pm:  Lunch & Exhibit Break


12:40pm – 1:30pm: Managing Security Risk at the Speed of Business (Panel Discussion)

As a valued partner to the business, CISOs need to lead with business first execution.

In this session, attendees will learn from CISOs/Security Executives as to how they are:

  • Leading a business first mentality
  • Looking at every security risk decision through the lens of business impact
  • How can security and IT operations can work together effectively to identify best cost actions that have the most meaningful impact on exposure to business compromise and impact
  • Understand what Cloud/DevOps/Digital mean for your risk management program

Moderated by: Michael Corvo, Regional Sales Director, Pentera

Panelists include:

  • Christopher Clai, Director, Information Security, Green Thumb Industries
  • Raum Sandoval, CISO, Entara 
  • Nicholas Opas, VP, Information Security Officer, Peoples Bank
  • Stella Danso, Global Senior Director – Security Governance, Risk, Compliance, and Privacy, Expedia Group
  • Jeffrey Deakins, CISO, Marmon Holdings, Inc.
  • Other CISOs and IT Security Leaders experiences, tactics, and lessons learned

  

Corvo                              Clai                    Sandoval                  Opas                        Danso                           Deakins

 


1:30pm – 2:20pm: Encryption: The Hard Way

Chris Gruel, Senior Solutions Architect, Akeyless

In this presentation, we will provide an overview of encryption key management from a DevOps perspective and highlight the best practices for ensuring the security of encryption keys. We will explore three real-world scenarios that DevOps professionals must navigate for encryption key management. We will stress the importance of using secure random number generators, storing keys in secure locations, encrypting keys, regularly rotating keys, implementing version control for keys, and synchronizing keys between organizations.

By the end of this lecture, you will understand the criticality of encryption key management and know how to implement best practices in your own work. With practical guidance and real-world scenarios, this seminar will equip you with the knowledge to ensure data privacy and security in your organization. As a member of the DevOps team, you cannot afford to overlook encryption key management in modern cybersecurity. Join this presentation to learn the best practices for managing encryption keys effectively and ensure your organization’s data privacy and security.

 

Gruel


2:20pm – 2:50pm: Refreshment & Exhibit Break


2:50pm – 3:40pm: The Last Step in Moving to the Cloud – Network and Security as a Service

Michael Kaunitz, Sr. SASE Solutions Specialist, Cloudflare

Your users and application have moved to the cloud but what comes next? How can you move your network and security infrastructure to the cloud as well while still maintaining the same level of visibility and control that you have traditional on premise solutions? In this session we will discuss the benefits of this architectural shift and explore how to get started with the least amount of risk to the business.

Kaunitz

 


3:40pm – 4:30pm: Embedding a Culture of Security to Enable Smart, Secure Decision-Making (Panel Discussion)

With the increased adoption of remote and hybrid work, the cybersecurity framework continues to expand. Security must be a high-priority for every company stakeholder, and CISOs must lead the charge.

Moderated by: Tim Poffenbarger, Director of Solutions Architecture, GitLab

Panelists include:

  • Derek Milroy, Information Security, U.S. Cellular
  • MJ McSheehy, Director of Information Security/CISO, Addison Group
  • Christina Payton, Vice President Information Technology & Security, Huse Culinary, Inc.
  • Kyle Joerger, AVP, Information Security Risk Manager, ABN AMRO Clearing USA LLC
  • Other CISOs and IT Security Leaders experiences, tactics, and lessons learned

 

   

Poffenbarger         Milroy              McSheehy                 Payton                  Joerger


Conference Price: $299.00 per person

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.


Exhibits

As is always the case at CAMP IT Conferences events, the talks will not include product presentations. During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.


Conference Sponsors