Security Architecture Strategies: Chicago (Rosemont/O’Hare), Illinois

Strategies to secure business driven enterprise architecture.

March 23, 2023

9:00am-5:00pm

7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded

Conference location: Donald E. Stephens Convention Center Rosemont (O’Hare) Illinois

Overview

In order to build and run applications securely there are key architectural components that need to be in place. Without infrastructure components like proper encryption, standard authentication methods and logging standards developers are challenged to build secure applications. Without proper pre-production testing and event logging / analysis knowing if an application is under attack and should you worry when it is becomes virtually impossible. With the advent of containers and the ability to scale application across different platforms the problem only gets compounded.

This conference will present the key architectural components your company should have in place that will allow you to build, run and monitor applications more securely.

What You Will Learn

The C-suite understands that security policies and controls have a direct impact on the ability of organizations to respond to business disruption.

In this one day conference, attendees will learn:

• How Identity and Access Management Fits into Zero Trust
• Securing Applications from the Inside Out
• Information on the Cyber Threat Landscape
• 5 Steps to Success with Enterprise Information Security Architecture
• API MythBusters: Crushing Five Security Myths that are Crushing Your Safety
• Designing a Business Driven Security Architecture
• How Enterprise IT Security Executives are Bolstering Their Architecture (Panel Discussion)

Conference Price: $299.00 per person

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.

Exhibits

As is always the case at CAMP IT Conferences events, the talks will not include product presentations. During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.

Overview

In order to build and run applications securely there are key architectural components that need to be in place. Without infrastructure components like proper encryption, standard authentication methods and logging standards developers are challenged to build secure applications. Without proper pre-production testing and event logging / analysis knowing if an application is under attack and should you worry when it is becomes virtually impossible. With the advent of containers and the ability to scale application across different platforms the problem only gets compounded.

This conference will present the key architectural components your company should have in place that will allow you to build, run and monitor applications more securely.

What You Will Learn

The C-suite understands that security policies and controls have a direct impact on the ability of organizations to respond to business disruption.

In this one day conference, attendees will learn:

• How Identity and Access Management Fits into Zero Trust
• Securing Applications from the Inside Out
• Information on the Cyber Threat Landscape
• 5 Steps to Success with Enterprise Information Security Architecture
• API MythBusters: Crushing Five Security Myths that are Crushing Your Safety
• Designing a Business Driven Security Architecture
• How Enterprise IT Security Executives are Bolstering Their Architecture (Panel Discussion)

Conference Price: $299.00 per person

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.

Conference Program

9:00am – 10:00am: Designing a Business-Driven Security Architecture

In this session, attendees will learn how to make sure their security architecture aligns with the ever-changing needs of the business.

10:00am – 10:30am:  Refreshment Break

10:30am – 11:30am: 5 Steps to Success with Information Security Architecture (Breakout Session)

In this session, attendees will go through five crucial steps for an effective Security Architecture:

• Assess your current security situation.
• Analyze security insights (strategic and technical).
• Develop the logical security layer of the architecture.
• Design the EISA implementation.
• Treat architecture as an ongoing process.

11:30am – 12:30pm: The Cyber Threat Landscape

With the ever-increasing risk of cyber threats, insurance carriers are changing the rules. In this session, we’ll cover the reasons behind these changes and what you should expect to see from insurance carriers going forward. We will also cover how organizations need to adapt their cybersecurity approach and the frameworks behind it all.

Takeaways:

• Insurance carriers are responding to the growing number of security “incidents” with reduced coverage, increased costs, and more stringent requirements
• Traditional tools/approaches are no longer enough to satisfy the carriers’ requirements
• Organizations need to rethink their overall cybersecurity approach, across both infrastructure and personnel
• The NIST Security Operations Framework should be used as a guide to implement better cybersecurity posture, and can lead to better negotiations of cyber insurance

12:30pm – 1:30pm: Lunch & Exhibit Break

1:30pm – 2:30pm: API MythBusters: Crushing Five Security Myths that are Crushing Your Safety 

Digital transformation and application modernization are driving exponential growth in the use of APIs. While APIs are more functional than ever before, organizations are hanging onto old ways of thinking about API security and it’s making them an attractive target to hackers.

Join our session on the top five common industry myths surrounding API security. You’ll learn the pitfalls of some misguided API security approaches, cut through the hype around a few security trends, and get recommendations on how to improve your organization’s API security strategy.

Key takeaways:

• The impact trends such as zero-trust, cloud migration, containerization, and shift-left are having on API security
• The role of traditional security controls in API security – what they deliver and where they fall short
• The value of a full lifecycle approach in grappling with API security
• How to deploy dedicated API security that fits today’s automated, agile, and cloud-first environments

2:30pm-3:00pm: Refreshment Break

3:00pm-4:00pm: How Identity and Access Management Fits into Zero Trust

In a network that knows no perimeter, understanding exactly who and what is on the network and why they are there is essential to maintaining organizational security.  This is why a robust identity and access management (IAM) policy is fundamental to successfully deploying ZeroTrust.

In this session, attendees will learn how paying attention to IAM will make it easier to move forward with ZeroTrust.

4:00pm-5:00pm: How Enterprise IT Security Executives are Bolstering Their Architecture (Panel Discussion)

In this session, learn from a group of Senior Executives as to how they are working through the challenges.

Panelists include:

• Derek Milroy, Information Security, U.S. Cellular
• Other Security Executives sharing strategies, tactics, and lessons learned

Milroy