Feedback from Attendees

Upcoming  2015 Events

Dec 3, 2015
Business Intelligence/Big Data/Big Data
Info

Dec 10, 2015
Mobile/Cloud/IoT Security
Info

Upcoming  2016 Events

Feb 4, 2016
Enterprise Risk/Security Management
Info
Dallas, TX

Feb 18, 2016
Enterprise Risk/Security Management
Info
Chicago, IL

Feb 29-Mar 1, 2016
IT Portfolio Management
Info
Las Vegas, NV

March 10, 2016
IT Leadership Strategies
Info
Chicago, IL

Mar 17, 2016
Cloud Computing Strategies
Info
Chicago, IL

April 20, 2016
Data Center Management Strategies
Info
Chicago, IL

April 26, 2016
Mobile / Cloud / IoT Security
Info
Chicago, IL

May 19, 2016
Digital Workplace Strategies
Info
Chicago, IL

May 25, 2016
IT Financial, Procurement & Asset Management
Chicago, IL
Info

June 2, 2016
Business Intelligence/Big Data/Analytics
Info
Chicago, IL

June 9, 2016
Enterprise Risk/Security Management
Info
Chicago, IL

June 23-24, 2016
IT Portfolio Management
Info
Chicago, IL

July 20, 2016
IT Infrastructure / Operations  Management
Info
Chicago, IL

Sep 15, 2016
Data Center Management
Info
Chicago, IL

Sep 22, 2016
Enterprise Risk/Security Management
Info
Dallas, TX

Oct 6 , 2016
Enterprise Risk/Security Management
Info
Chicago, IL

Oct 20, 2016
IT Leadership Strategies
Info
Chicago, IL

Oct 27, 2016
Cloud Computing Strategies
Info
Chicago, IL

Nov 2-3, 2016
IT Portfolio Management
Info
Dallas, TX

Nov 17, 2016
IT Financial, Procurement & Asset Management
Chicago, IL
Info

Dec 1, 2016
Business Intelligence/Big Data/Analytics
Info
Chicago, IL

Dec 8, 2016
Mobile/Cloud/IoT Security
Info
Chicago, IL

 

(Click here to add any of our upcoming events to your calendar)

 

 

Conferences that solve current IT challenges

Enterprise Risk / Security Management

Conference location: Donald E. Stephens Convention Center Rosemont (O'Hare) Illinois

Strategies for reducing risk to the enterprise.

October 1, 2015

9:00am-5:00pm

7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded

Bios

Conference location: Donald E. Stephens Convention Center Rosemont (O'Hare) Illinois

Overview

In today’s highly regulatory environment it is essential that you have a clear understanding of risk across the enterprise. A risk management framework can bring visibility to key business and compliance risks and enable a company to make decisions on where to prioritize its limited resources. It is through a risk management framework that real value to the business can be achieved.

With all of these challenges, how do you make this happen?

In this one day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.

What You Will Learn

In this one day conference attendees will learn:

  • Digital Business & Risk Reduction: How the IT Security Organization Needs to Adapt

  • IT Risk & Social Engineering: Establishing Metrics to Manage the Human Layer

  • Securing Our Future: Lessons From the Human Immune System

  • Uncovering “Unknown Unknowns”: Detecting Compromise Before it Becomes a Crisis

  • Mobile/Cloud/IoT – Securing the Next Generation

  • Operationalizing Security/Risk – Maturing Solution Implementations

  • Cybersecurity and the CISO Action Plan: How Security Executives are Preparing and Responding

Conference Program

8:00am - 9:00am - Registration and Continental Breakfast

Beeskow

9:00am-10:00am

Digital Business & Risk Reduction: How the IT Security Organization Needs to Adapt

John Beeskow, EVP Security Strategy, CBI; former CISO, Flagstar Bank

Digital business includes the processes and technologies an organization leverages to progress. Organizations use these to increase revenue, provide better customer service, focus on innovation, etc. As physical and virtual worlds blur, what is the risk to your business? What should you be doing differently?

In this session attendees will learn how to:

  • Differentiate organization risks from information risks
  • How do we change human behavior
  • Is IT responsible for the data that moves through IoT - or is this some new team?
  • Do we need a Chief Digital Risk Officer?
  • Will IT Security need to be change or morph into something new?
  • How do we involve OT Security and IT Security?








10:00am -10:30am - Refreshment Break

Withrow

10:30am-11:30am

IT Risk & Social Engineering: Establishing Metrics to Manage the Human Layer

Wes Withrow, IT GRC Subject Matter Expert, TraceSecurity

The most damaging information security attacks often use low-tech social-engineering methods to trick users into sharing sensitive information. In spite of the significant money spent on email and web content filtering technologies, organizations ultimately must rely on the generally unreliable “human firewall” to thwart phishing attempts. For such an important class of critical security controls, it is surprisingly rare to formally configure and manage the human layer beyond ad-hoc techniques based on anecdotal, incomplete and inaccurate information.

There are now ways to safely use some of the methods employed by attackers to provide objective, understandable and actionable metrics to proactively measure, manage and improve the effectiveness of the last line of defense.

Objectives:

  • Take a real-world look at “configuring” the human firewall in the enterprise beyond generic security awareness training.
  • Define objective, understandable and actionable metrics around social engineering.
  • Discuss stories-from-the-trenches with examples that measured and improved the effectiveness of people, process and technology controls.
  • Help establish an “Information Security Awareness Operational Plan”, where employees thwart unauthorized attempts to obtain sensitive information.








Rogers

11:30am-12:30pm

Securing Our Future: Lessons From the Human Immune System

Ben Rogers, Systems Engineering Manager, Venafi

All signs point to a future world of more complex, harder to detect cyber threats. Our adversaries are exploiting what seems to be our strengths. Intel predicts the next big hacker marketplace to be in the sale of digital certificates ¬ already selling for more than $1000 each on Russian marketplaces. Gartner expects 50% of network attacks to use encrypted SSL/TLS in less than 2 years. What’s to do? The human immune system has evolved to defend and destroy complex and oftentimes overwhelming attacks. What can we learn from it? How can we create a future that’s more resistant as we use more software, more clouds, more apps, and more connected devices.








Penrose


12:30pm - 1:30pm Luncheon Discussion

Uncovering “Unknown Unknowns”: Detecting Compromise Before it Becomes a Crisis

Jim Penrose, EVP Cyber Intelligence, Darktrace; former Technical Director, NSA

Former NSA Technical Director and world renowned expert in innovative approaches to cyber operations, Jim Penrose, will lead a discussion solving complex cyber challenges for enterprises. As thought leader in the intelligence community, Jim will delve into what it takes to discover cyber threats in spite of a cyber security paradigm that has a stunning track record of failure. He will outline how an intelligence driven approach to discovery makes it possible to identify unknown/unknowns in a context that makes them relevant

In this session attendees will learn:

  • Intelligence driven approaches to cyber detection
  • Strategies for quickly identifying "unknown unknowns" in corporate and industrial networks
  • Applied methodologies of cyber attacks using the latest in machine learning technology and advanced mathematics








Muradian

1:30pm-2:30pm

Mobile/Cloud/IoT – Securing the Next Generation

Sevan Muradian, Sr. Sales Engineer, Fortinet

As enterprises embrace new technologies to move the business forward, the security ecosystem faces new threats. To mitigate these these threats the traditional security perimeter must evolve beyond network firewalls to leverage and combine a variety of technologies such as UTM, MDM, WAF, and SIEM in order to protect a business’ assets.

In this session, attendees will learn:

  • What attack vectors these technologies address?
  • How these technologies work?
  • How we combine to best mitigate threats







2:30pm - 3:00pm - Refreshment Break

Milroy

3:00pm-4:00pm

Operationalizing Security/Risk – Maturing Solution Implementations

Derek Milroy, IS Security Architect, US Cellular

Security tools and technologies are only as good as the processes and procedures that are put in place with them. Installing products and tools is not the same as implementing solutions. This presentation will highlight the differences between product installations vs. solution implementations, as well as discuss the use of ITIL-based methodologies to analyze current implementations, and ways to make them more mature. Often, when people hear the “ITIL” acronym, they cringe and think of endless trees being killed in support of all the documents that will be created. The approach detailed in this presentation is one that minimizes extraneous efforts, which includes tips on making documentation and processes focused and relevant vs. creating documents for the sake of having something to point to during an audit…






Stavnitser

Mattern

Germain

Coffing

Covert

Bivian

4:00pm-5:00pm

Cybersecurity and the CISO Action Plan: How Security Executives are Preparing and Responding

Moderator:
Leonid Stavnitser, Sr. Director, Security Solutions, Oracle
Panelists:
Troy Mattern, Deputy Head of Cyber Security, Head of Threat Management, Zurich Insurance Group
John Germain, Vice President, Infrastructure & Security Services, Xylem
Bruce Coffing, Senior Vice President - Global Information Security, Bank of America
Todd Covert, Information Security Officer, Northwest Community Healthcare
Paul Bivian, Chief Information Security Officer, City of Chicago
and other CISOs and Security Executives sharing experiences and lessons learned

Cybersecurity continues to be one of the top concerns of enterprises, even more so due to the complexity and severity of the threats. What steps are CISOs taking to prepare? What is their view on the next generation of cyberattacks?

In this session, attendees will learn from CISOs and other IT Security Executives as to how are managing this head-on.










Conference Price: $289.00 per person


Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.

Exhibits

As is always the case at CAMP IT Conferences events, the talks will not include product presentations.  During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.