Feedback from Attendees

Upcoming  2015 Events

Oct 21, 2015
IT Leadership Strategies

Info

Oct 28, 2015
Cloud Computing Strategies
Info

Nov 4-5, 2015
IT PMO/Portfolio Management
Info

Nov 19, 2015
Software Defined Networking (SDN)
Info

Dec 3, 2015
Business Intelligence/Big Data/Analytics
Info

Dec 10, 2015
Mobile/Cloud/IoT Security
Info

Upcoming  2016 Events

Feb 4, 2016
Enterprise Risk/Security Management
Info
Dallas, TX

Feb 18, 2016
Enterprise Risk/Security Management
Info
Chicago, IL

Feb 29-Mar 1, 2016
IT PMO/Portfolio Management
Info
Las Vegas, NV

March 10, 2016
IT Leadership Strategies
Info
Chicago, IL

March 17, 2016
IT Infrastructure/Operations Management (Data Center)
Info
Chicago, IL

April 20, 2016
Data Governance Strategies
Info
Chicago, IL

April 26, 2016
Mobile/Cloud/IoT Security
Info
Chicago, IL

May 19, 2016
Digital Workplace Strategies
Info
Chicago, IL

May 25, 2016
Software Defined Networking (SDN)
Chicago, IL
Info

June 2, 2016
Business Intelligence/Big Data/Analytics
Info
Chicago, IL

June 9, 2016
Enterprise Risk/Security Management
Info
Chicago, IL

June 23-24, 2016
IT PMO/Portfolio Management
Info
Chicago, IL

Sep 15, 2016
IT Infrastructure/Operations Management (Data Center)
Info
Chicago, IL

Sep 22, 2016
Enterprise Risk/Security Management
Info
Dallas, TX

Oct 6 , 2016
Enterprise Risk/Security Management
Info
Chicago, IL

Oct 20, 2016
IT Leadership Strategies
Info
Chicago, IL

Oct 27, 2016
Data Governance Strategies
Info
Chicago, IL

Nov 2-3, 2016
IT PMO/Portfolio Management
Info
Dallas, TX

Nov 17, 2016
Software Defined Networking (SDN)
Chicago, IL
Info

Dec 1, 2016
Business Intelligence/Big Data/Analytics
Info
Chicago, IL

Dec 8, 2016
Mobile/Cloud/IoT Security
Info
Chicago, IL

 

(Click here to add any of our upcoming events to your calendar)

 

 

Conferences that solve current IT challenges

Enterprise Risk - Security Management

Strategies for adopting a comprehensive IT GRC (Governance/Risk Management/Compliance) approach to managing information adhering to business needs

June 18, 2009

9:00am-5:00pm

7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded

   

Conference location: Donald E. Stephens Convention Center Rosemont (O'Hare) Illinois

Overview

In today’s highly regulatory environment it is essential that you have a clear understanding of risk across the enterprise.  A risk management framework can bring visibility to key business and compliance risks and enable a company to make decisions on where to prioritize its limited resources.  It is through a risk management framework that real value to the business can be achieved.

With all of these challenges, how do you make this happen?

In this one day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.

Who Should Attend:
CIOs/CISOs
VPs/IT Directors
Security Managers/Architects
Network Managers
 

What You Will Learn

In this one day conference attendees will learn:

  • How to take control of your Risk Management Program
  • How to drive Compliance issues instead of letting them drive you
  • How to leverage the core disciplines of Risk Management to design an effective framework
  • How to leverage Your Risk Management Program to reduce cost and risk through effective Prioritization and Processes
  • The convergence of various risk and compliance topics in the context of enterprise risk management
  • How to measure the success of your risk management approach through quantitative metrics
  • How to measure the dollar value of Security & Risk Management
  • How to articulate the value of Security & Risk Management in terms line executives can understand
  • Best practices for managing compliance, security, disaster recovery and high availability
  • How global governance and risk management trends are affecting corporate enterprises

Conference Program

8:00am - 9:00am - Registration and Continental Breakfast

Ju


Tyk

9:00am-10:00am

How to Design and Improve a Holistic IT Risk/Security Management Plan 

Min Ju, Security Strategist, Symantec
Michael Tyk, Senior Lead Principal, Symantec

An effective risk management program takes into account the needs of the extended enterprise in addition to IT.  Technology is involved, but before any purchase decisions are made it is imperative that your organization has policies in place that will lay the foundation for your program. 

In this session attendees will learn how to: 

  • Select IT Risk Assessment Methods
  • Perform and IT Risk analysis
  • Implement Policies and Procedures
  • Involve Risk in Your Governance Framework
  • Involve Compliance, Security, Disaster Recovery and High Availability in Your Risk Management Plan

10:00am -10:30am - Refreshment Break

Pnwani

Reeder

Troyer

Maychruk

Yetnikoff

10:30am-11:30am

How Information Security and Regulatory Risk Management are Affected By the Current Economy

Moderator:Amit Punwani, Business Manager, IBM

Panelists:
Andy Reeder, CISSP, CISA, Director, HIPAA Privacy and Security, Rush University Medical Center
Kurt Troyer, Information Security Officer, Illinois Tool Works
Andrew C. Maychruk, Chief Information Officer, THE PRIVATEBANK

Arlene Yetnikoff, Director of Information Security, DePaul University

The current economic climate has presented many challenges for security and risk leaders. Questions that are being asked may be consistent along technical areas, but much different based on business and specific vertical issues. 

For example:

  • Healthcare - the ARRA will amend HIPAA and cause more attention to regulatory enforcement for privacy and security - what are organizations doing to manage risk?
  • Financial - how has the recovery affected the bottom line and how are resources being managed; what are the major regulatory challenges in managing risk now?
  • Manufacturing - if things have slowed - is risk being managed effectively, and how so?

    In this session attendees will learn from a panel of seasoned IT security and risk leaders as to how they are handling these challenges.

Harris

11:30am-12:30pm

Implementing Effective Metrics: How to Measure Your Security Risks and Make Sense of the Results

Danny Harris, Manager of Information Security Policy and Awareness, The Aon Corporation

A generally accepted principle is that an activity cannot be managed if it cannot be measured. This principle relates to IT security as well.  By implementing an effective metrics program, security managers can determine the effectiveness of various elements, the security of an individual system, tool, process, and the ability of individuals or teams within an organization to address security issues for which they are responsible.

Security measurements can also help identify the level of risk in not taking a given action, and in help provide guidance in prioritizing corrective actions. Additionally, they may be used to raise the level of security awareness within the organization.

In this session attendees will learn strategies to help determine the following:
  • Are we more secure today than we were yesterday?
  • How do we compare to other organizations?
  • Do we believe we are secure enough to adapt to unforeseen problems?
  • If not, what actions should we take?

12:30pm - 1:30pm Luncheon

Hawke

1:30pm-2:30pm

How to Manage Endpoints in a Distributed, Cloud-based Environment

Sandy Hawke, Director Product Marketing, BigFix

The evolution of the enterprise network has had its benefits.  From a centralized LAN to today’s distributed WAN and telecommuting trends, to the imminent rise of cloud-based computing, users have had much richer and more ubiquitous access to IT services than ever before.  But how does that impact how IT operations and IT security delivers and validates efficient systems and security management?

In this session, we’ll review the many benefits of cloud computing and cloud-based security services such as: cost reduction; risk transference; speedier remediation than legacy approaches; and a simpler infrastructure.  Unfortunately, what can come with some of these approaches is a significant loss of visibility and control, which highlights the need for effective endpoint security management wherever those endpoints roam.  

You’ll walk away from the session with recommendations on how to:

  • Evolve your endpoint security management to accommodate this type of network architecture
  • Reap the benefits of cloud-based security protection – particularly for roaming assets
  • Maintain the health and security of endpoints through better visibility and continuous control – regardless of your existing network architecture

2:30pm - 3:00pm - Refreshment Break

Bower

Bower

Guth

Sullivan

Gabriel

3:00pm-4:00pm

How IT Security Organizations are Protecting Customer Data

Moderator: Mark Bower, VP, Product Management, Voltage Security
Panelists:

Ken Rowe, Director of Enterprise Systems Assurance and Information Security, University of Illinois

Mark Guth, Senior Manager IS Security, Nicor Gas

Steve Sullivan, Director, IT - Information Security Officer, Central DuPage Hospital

Michael Gabriel, CISSP, CISA, Corporate Information Security Officer, Career Education Corporation

Customer data is the lifeblood of every business.  Given the current climate protection of this data takes on an event greater importance than ever before.  As organizations are preparing for the economic recovery, what should they be thinking about?   

In this session attendees will learn from a panel of enterprise IT security and risk professionals.

 Topics that will be covered include:

  • Market dynamics
  • PCI and other regulatory drivers
  • The risks of non-compliance
  • How companies are protecting databases and applications


Lee

Burke

Holden

Burkard

Rushing

4:00pm-5:00pm

Mitigating Insider Threats: Effective Strategies for Preventing Data Leakage

Moderator: Victor C. Lee, Data Protection Marketing, Trend Micro
Panelists: Tim Burke, Information Security Manager, QBE the Americas
Alex Holden, CISSP, Chief Information Security Officer, Robert W. Baird & Co., Inc.
Joseph Burkard, 
Director, Global IT, IT Security and Risk Management, Baxter International Inc. 
Richard Rushing, Senior Director of Information Security, Mobile Devices, Motorola

Data leakage can take many forms, and the reality is that it can be much more dangerous to an organization’s well being than the phrase implies. Many times it is unintentional, but, it is often the result of those who are trusted on the inside that for whatever reason may have something to gain by the loss or disposal of company sensitive information. 

 

How do you protect your confidential information?  How do you protect your organization’s reputation?

In this session attendees will learn from a panel of senior enterprise IT professionals as to how they are working through the challenges of mitigating insiders threats and preventing data leakage.


Conference price: $249 per person.


Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.

Exhibits

As is always the case at CAMP IT Conferences events, the talks will not include product presentations.  During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.