Conferences that solve current IT challenges
Enterprise Risk / Security Management - Governance / Risk / Compliance
Strategies to help leverage full value from your design and implementation of an effective Business Intelligence framework
February 3, 2011
7 CPE / 0.7 CEU / CISSP / 7 PDU Credits AwardedBios
Conference location: Donald E. Stephens Convention Center Rosemont (O'Hare) Illinois
In today’s highly regulatory
environment it is essential that you have a clear understanding of
risk across the enterprise. A risk management framework can
bring visibility to key business and compliance risks and enable a
company to make decisions on where to prioritize its limited
resources. It is through a risk management framework that real
value to the business can be achieved.
With all of these challenges, how do you make this happen?
In this one day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.
What You Will Learn
In this one day conference attendees will learn:
- Risk Reduction: How to Avoid Being the Next Data Breach Headline
- How to Establish Effective Security Policies to Reduce Security Risks
- Strategies for Aligning Security/Risk with the Business
- Consumer Technology in the Enterprise: How to Manage Security Risks while Maximizing Productivity
- Cloud Initiatives: How Will You Need To Adjust Your Security Risk Program?
- How to Modify Your Security Risk Program for Social Networking
8:00am - 9:00am - Registration and Continental Breakfast
Risk Reduction: How to Avoid Being the Next Data Breach Headline
Michael Gabriel, Director Data Protection Practice, Integralis; Former CISO, Career Education Corp.
Data breaches have a huge impact on the economy. Consumers and business get hurt, shareholders lose faith and suppliers question the viability of the company they are doing business with.
How do you protect your organization so that you are not the next data breach headline in the media?
In this session, an experienced CISO, Michael Gabriel will provide you with a framework that answers the following:
- How to determine which types of data pose the most risk
- How to assess your organization's risk of a costly data breach
- How to develop a Data Protection Program to reduce your risk
- How to get executive buy-in for your Data Protection Program
10:00am -10:30am - Refreshment Break
Danny Harris, Manager, Information Security Policy and Awareness, The Aon Corporation
To protect and organization’s information assets, a comprehensive security policy must be designed to addresses the problems of classifying the confidential information and identifying who the users are. To effectively protect this information, a policy must ask the following questions: What information should be protected? Who is going to have access to the information? In this session, attendees will learn effective strategies and tactics from Danny Harris, Manager of Information Security Policy and Awareness as to how he has dealt with these challenges.
Strategies for Aligning Security/Risk with the Business
Karl Wehden, Client Value Consultant, IBM
Panelists will include:
Sarah Buerger, CIPP/IT, Director-Information Security Governance, CNA Insurance, Director, IT Security Risk Management, Baxter International Inc.
Drake Cody, Manager, Risk Management, Allstate
Mark Guth, Sr. Mgr., Info. Security, Nicor Gas
and other enterprise IT risk leaders
Business intelligence can successfully move the
business forward if implemented properly. But
there are pitfalls to be aware of. If these are
not avoided an implementation can have
disastrous consequences for the enterprise.
In this session, attendees will learn from a panel of IT security executives as to the strategies they are leveraging to insure their efforts are in sync with business priorities.
In this session attendees will learn how to:
- How to assess, understand and define security’s current and future roles in the extended enterprise
- Where are security investments being made on personnel, processes, and technologies
- What does security need to specifically achieve for the enterprise in terms of protecting current business processes and enhancing future revenue growth
12:30pm - 1:30pm Luncheon
Elizabeth Martin, Director Security Services, Redlegg
Marcin Budzik, Security; Compliance Manager, Fort Dearborn
John Germain, CISSP, Director, Information Security Architecture, Engineering; Operations, ITT Corporation
Paul Kunas, IT Security Governance, Exelon
Joe Slone, Chief Architect & Sr. Director of Security, 1SYNC
IT risk leaders will share their experiences and lessons learned
2:30pm - 3:00pm - Refreshment Break
Cloud Initiatives: How Will You Need To Adjust Your Security Risk Program?
Arti Raman, Vice President, Products and Alliances, Agiliance
Cloud Computing is yet another disruptive technology that is promising to deliver huge benefits. But with any disruptive technology there are security and risk concerns that need to be addressed.
- Abuse and misuse of cloud
- Insecure APIs/Interfaces
- Insider Threats
- Shared Technology Issues
- Data Loss or Leakage
- Service & Account Hijacking
- Unknown Risks
How to Modify Your Security Risk Program for Social Networking
Moderator: Jay Weber, Manager, Zenith Infotech Panelists will include Chris John, CGEIT, CISM, CISA, Vice President, IT Risk Controls, Marshall Ilsley Corporation / MI Bank David Ogbolumani, Director, Global IT Security, Kellogg Company Steve Sullivan, Director, IT - Information Security Officer, Central DuPage Hospital Stefan Wahe, DoIT Security Officer, University of Wisconsin - Madison and other enterprise IT risk leaders
Social networking seems to be everywhere in our professional and personal lives. It even pervades our offline conversations. But with the widespread appeal comes increased security risks.
How do modify your security risk programs to encompass the threats that social networking poses?
In this session, attendees will learn:
- How to avoid the seven deadly sins of social networking security
- How to protect yourself and individuals inside your organization against identify theft
- How to set effective guidelines with your organization as to an appropriate use of social networking while not minimizing the potential business value
Conference price: $249 per person.
Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)˛, Inc.
As is always the case at CAMP IT Conferences events, the talks will not include
product presentations. During the continental breakfast,
coffee breaks, and the luncheon break you will have the opportunity
to informally meet representatives from the following sponsoring
companies, who have solutions in the area of the conference.