Feedback from
Attendees

Upcoming
Events:

Sep 21, 2010

Enterprise DR/BC -

HA/Resilient Infrastructure

Info

 

Sep 30, 2010

Project and Portfolio

Mgmt

Info

 

Oct 7, 2010

VDI / Desktop Virtualization

Strategies - Implementation

and Management

Info

 

Oct 21, 2010

e-Mail Archiving

Info

 

Nov 4, 2010

The CIO Agenda -

2011 and Beyond

Info

 

Nov 18, 2010

DR/BC
Data Protection

Strategies

Info

 

Dec 9, 2010

Business Intelligence/

Performance Mgmt

Strategies

Info

 

2011 Events

 

Feb 3, 2011

Ent Risk/Security Mgmt

Info

 

Feb 17, 2011

Project and Portfolio Mgmt

Info

 

March 3, 2011

Cloud Computing

Info

 

March 17, 2011

IT Architecture

Info

 

April 7, 2011

Ent DR/BC / Resiliency

Info

 

April 28, 2011

Desktop Virtualization

Strategies

Info

 

May 5, 2011

Business Intelligence and

Analytics

Info

 

May 19, 2011

e-Mail Archiving

Info

 

June 9, 2011

Ent Risk/Security Mgmt-LLM

Info

 

July 14, 2011

IT Leadership Strategies

Info

 

Sep 9, 2011

Enterprise DR/BC / HA

Info

 

Oct 6, 2011

Cloud Computing

Info

 

Oct 20, 2011

Desktop Virtualization

Info

 

Nov 3, 2011

CIO: IT Leadership

Strategies

Info

 

Nov 17, 2011

Ent DR/BC / Data

Protection

Info

 

Dec 8, 2011

Business Intelligence/MDM

Info

 

 

Home  |  Attending   |  Speaking  |  Sponsoring  |  About   |  Contact 

Conferences that solve current IT challenges

Enterprise Risk - Security Management

Strategies for adopting a comprehensive IT GRC (Governance/Risk Management/Compliance) approach to managing information adhering to business needs

June 18, 2009
9:00 a.m. to 5:00 p.m.

CISSP Credits Awarded

Donald E. Stephens Convention Center
Rosemont (O'Hare) Illinois

 Speaker BiographiesRegister
Overview

In today’s highly regulatory environment it is essential that you have a clear understanding of risk across the enterprise.  A risk management framework can bring visibility to key business and compliance risks and enable a company to make decisions on where to prioritize its limited resources.  It is through a risk management framework that real value to the business can be achieved.

With all of these challenges, how do you make this happen?

In this one day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.

Who Should Attend:
CIOs/CISOs
VPs/IT Directors
Security Managers/Architects
Network Managers 

 

Conference Program

8:00am - 9:00am - Registration and Continental Breakfast

9:00am-10:00am
How to Design and Improve a Holistic IT Risk/Security Management Plan
Min Ju, Security Strategist, Symantec

Michael Tyk, Senior Lead Principal, Symantec


Ju

Tyk

An effective risk management program takes into account the needs of the extended enterprise in addition to IT.  Technology is involved, but before any purchase decisions are made it is imperative that your organization has policies in place that will lay the foundation for your program. 

In this session attendees will learn how to:

  • Select IT Risk Assessment Methods
  • Perform and IT Risk analysis
  • Implement Policies and Procedures
  • Involve Risk in Your Governance Framework
  • Involve Compliance, Security, Disaster Recovery and High Availability in Your Risk Management Plan

Punwani

Reeder

Troyer

Maychruk

Yetnikoff

 

10:00am - 10:30am - Refreshment Break

 

10:30am -11:30am

How Information Security and Regulatory Risk Management are Affected By the Current Economy
 Moderator:Amit Punwani, Business Manager, IBM

Panelists:
Andy Reeder, CISSP, CISA, Director, HIPAA Privacy and Security, Rush University Medical Center
Kurt Troyer, Information Security Officer, Illinois Tool Works
Andrew C. Maychruk, Chief Information Officer, THE PRIVATEBANK

Arlene Yetnikoff, Director of Information Security, DePaul University

The current economic climate has presented many challenges for security and risk leaders. Questions that are being asked may be consistent along technical areas, but much different based on business and specific vertical issues. 

For example:

  • Healthcare - the ARRA will amend HIPAA and cause more attention to regulatory enforcement for privacy and security - what are organizations doing to manage risk?

  • Financial - how has the recovery affected the bottom line and how are resources being managed; what are the major regulatory challenges in managing risk now?

  • Manufacturing - if things have slowed - is risk being managed effectively, and how so?

In this session attendees will learn from a panel of seasoned IT security and risk leaders as to how they are handling these challenges.

 
 
11:30am -12:30pm

Harris
Implementing Effective Metrics: How to Measure Your Security Risks and Make Sense of the Results
 Danny Harris, Manager of Information Security Policy and Awareness, The Aon Corporation

A generally accepted principle is that an activity cannot be managed if it cannot be measured. This principle relates to IT security as well.  By implementing an effective metrics program, security managers can determine the effectiveness of various elements, the security of an individual system, tool, process, and the ability of individuals or teams within an organization to address security issues for which they are responsible.

Security measurements can also help identify the level of risk in not taking a given action, and in help provide guidance in prioritizing corrective actions. Additionally, they may be used to raise the level of security awareness within the organization.

In this session attendees will learn strategies to help determine the following:
  • Are we more secure today than we were yesterday?
  • How do we compare to other organizations?
  • Do we believe we are secure enough to adapt to unforeseen problems?
  • If not, what actions should we take?
 
12:30pm - 1:30pm - Luncheon 
 
1:30pm - 2:30pm

Hawke
How to Manage Endpoints in a Distributed, Cloud-based Environment
Sandy Hawke, Director Product Marketing, BigFix

The evolution of the enterprise network has had its benefits.  From a centralized LAN to today’s distributed WAN and telecommuting trends, to the imminent rise of cloud-based computing, users have had much richer and more ubiquitous access to IT services than ever before.  But how does that impact how IT operations and IT security delivers and validates efficient systems and security management?

In this session, we’ll review the many benefits of cloud computing and cloud-based security services such as: cost reduction; risk transference; speedier remediation than legacy approaches; and a simpler infrastructure.  Unfortunately, what can come with some of these approaches is a significant loss of visibility and control, which highlights the need for effective endpoint security management wherever those endpoints roam.  

You’ll walk away from the session with recommendations on how to:

  • Evolve your endpoint security management to accommodate this type of network architecture
  • Reap the benefits of cloud-based security protection – particularly for roaming assets
  • Maintain the health and security of endpoints through better visibility and continuous control – regardless of your existing network architecture

    Bower


    Rowe

    Guth

    Sullivan

    Gabriel

2:30pm - 3:00pm - Refreshment Break 

3:00pm - 4:00pm

How IT Security Organizations are Protecting Customer Data
Moderator: Mark Bower, VP, Product Management, Voltage Security
Panelists:

Ken Rowe, Director of Enterprise Systems Assurance and Information Security, University of Illinois

Mark Guth, Senior Manager IS Security, Nicor Gas

Steve Sullivan, Director, IT - Information Security Officer, Central DuPage Hospital

Michael Gabriel, CISSP, CISA, Corporate Information Security Officer, Career Education Corporation

 

Customer data is the lifeblood of every business.  Given the current climate protection of this data takes on an event greater importance than ever before.  As organizations are preparing for the economic recovery, what should they be thinking about?   

In this session attendees will learn from a panel of enterprise IT security and risk professionals.

 Topics that will be covered include:

  • Market dynamics
  • PCI and other regulatory drivers
  • The risks of non-compliance
  • How companies are protecting databases and applications

 

 

4:00pm - 5:00pm

Lee

Burke

Holden

Burkard

Rushing

Mitigating Insider Threats: Effective Strategies for Preventing Data Leakage
Moderator: Victor C. Lee, Data Protection Marketing, Trend Micro
Panelists: Tim Burke, Information Security Manager, QBE the Americas
 Alex Holden, CISSP, Chief Information Security Officer, Robert W. Baird & Co., Inc.
Joseph Burkard, Director, Global IT, IT Security and Risk Management, Baxter International Inc.
Richard Rushing, Senior Director of Information Security, Mobile Devices, Motorola


Data leakage can take many forms, and the reality is that it can be much more dangerous to an organization’s well being than the phrase implies. Many times it is unintentional, but, it is often the result of those who are trusted on the inside that for whatever reason may have something to gain by the loss or disposal of company sensitive information. 

 

How do you protect your confidential information?  How do you protect your organization’s reputation?

In this session attendees will learn from a panel of senior enterprise IT professionals as to how they are working through the challenges of mitigating insiders threats and preventing data leakage.

 

 

 

 

 

 

 

What You Will Learn

 

In this one day conference attendees will learn:

  • How to take control of your Risk Management Program

  • How to drive Compliance issues instead of letting them drive you

  • How to leverage the core disciplines of Risk Management to design an effective framework

  • How to leverage Your Risk Management Program to reduce cost and risk through effective Prioritization and Processes

  • The convergence of various risk and compliance topics in the context of enterprise risk management

  • How to measure the success of your risk management approach through quantitative metrics

  • How to measure the dollar value of Security & Risk Management

  • How to articulate the value of Security & Risk Management in terms line executives can understand

  • Best practices for managing compliance, security, disaster recovery and high availability

  • How global governance and risk management trends are affecting corporate enterprises

 

Register

 

Conference Price: $219.00 per person

 

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs.  CISSP is a registered certification mark of (ISC)², Inc.

 

Exhibits

 

As is always the case at CAMP IT Conferences events, the talks will not include product presentations.  During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.

 

 

CAMP Conferences, Inc., 540 W. Frontage Rd., Ste. 2205, Northfield, IL  60093
Tel: (312) 527-2800  Fax: (847) 881-0747

Copyright © 2010 CAMP Conferences, Inc. All Rights Reserved.
CAMP IT is a registered trademark of
CAMP Conferences, Inc.