Feedback from Attendees

Upcoming  2017 Events

July 12, 2017
Enterprise Architecture Strategies
Info
Chicago, IL

Sept. 7, 2017
IT Infrastructure/Operations Management (Data Center)
Info
Chicago, IL

Sept. 19, 2017
Enterprise Risk/Security Management
Info
Dallas, TX

Oct. 4, 2017
Enterprise Risk/Security Management
Info
Chicago, IL

Oct. 18, 2017
IT Leadership Strategies
Info
Chicago, IL

Oct. 26, 2017
Enterprise Architecture Strategies
Info
Chicago, IL

Nov. 1-2, 2017
IT PMO/Portfolio Management
Info
Dallas, TX

Nov. 15, 2017
DR/BC - Resilient Infrastructure
Info
Chicago, IL

Nov. 30, 2017
Business Intelligence/Big Data/Analytics
Info
Chicago, IL

Dec. 7, 2017
Data Breaches: Preparing and Responding
Info
Chicago, IL

Upcoming  2018 Events

Feb. 1, 2018
Enterprise Risk/Security Management
Info
Dallas, TX

Feb. 20, 2018
Enterprise Risk/Security Management
Info
Chicago, IL

Mar. 1, 2018
IT Leadership Strategies
Info
Chicago, IL

Mar. 7, 2018
Enterprise Architecture Strategies
Info
Chicago, IL

April 12, 2018
Business Intelligence/Big Data/Analytics
Info
Chicago, IL

May 2, 2018
Data Breaches: Preparing and Responding
Info
Chicago, IL

May 15, 2018
IT Infrastructure/Operations Management (Data Center)
Info
Chicago, IL

May 31, 2018
Enterprise Risk/Security Management
Info
Minneapolis, MN

June 7, 2018
Enterprise Risk/Security Management
Info
Chicago, IL

June 20-21, 2018
IT PMO/Portfolio Management
Info
Chicago, IL

July 11, 2018
Enterprise Architecture Strategies
Info
Chicago, IL

Sept. 6, 2018
IT Infrastructure/Operations Management (Data Center)
Info
Chicago, IL

Sept. 18, 2018
Enterprise Risk/Security Management
Info
Dallas, TX

Oct. 3, 2018
Enterprise Risk/Security Management
Info
Chicago, IL

Oct. 17, 2018
IT Leadership Strategies
Info
Chicago, IL

Oct. 25, 2018
Enterprise Architecture Strategies
Info
Chicago, IL

Nov. 1-2, 2018
IT PMO/Portfolio Management
Info
Dallas, TX

Nov. 14, 2018
DR/BC - Resilient Infrastructure
Info
Chicago, IL

Nov. 29, 2018
Business Intelligence/Big Data/Analytics
Info
Chicago, IL

Dec. 6, 2018
Data Breaches: Preparing and Responding
Info
Chicago, IL

(Click here to add any of our upcoming events to your calendar)

 

 

Conferences that solve current IT challenges

Enterprise Risk / Security Management

Strategies for adopting a comprehensive IT GRC (Governance/Risk Management/Compliance) approach to managing information adhering to business needs.

June 19, 2014

9:00am-5:00pm

7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded

Bios

Conference location: Donald E. Stephens Convention Center Rosemont (O'Hare) Illinois

Overview

In today’s highly regulatory environment it is essential that you have a clear understanding of risk across the enterprise. A risk management framework can bring visibility to key business and compliance risks and enable a company to make decisions on where to prioritize its limited resources. It is through a risk management framework that real value to the business can be achieved.

With all of these challenges, how do you make this happen?

In this one day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.

What You Will Learn

In this one day conference attendees will learn:

  • Preventing the Breach – Don’t Let Your Third Party Vendors Be Your Weakest Link

  • Why Your Policy is Broken and How You Can Fix It: How to Use the Top 20 Critical Controls as a Security/Risk Framework

  • How Security and the CSO Can Provide Business Value (Panel)

  • Malware and APTs; How Do We Defend Against These Modern Threats?

  • Mobile Technology in the Enterprise: How to Manage Security Risks of BYOD (Panel)

  • Cloud Security: How to Manage the Risk When Utilizing Cloud Computing (Panel)

Conference Program

8:00am - 9:00am - Registration and Continental Breakfast

Kurzynski

9:00am-10:00am

Preventing the Breach – Don’t Let Your Third Party Vendors Be Your Weakest Link

Terry Kurzynski, ISO 27001 Auditor, CISSP, CISA, HALOCK Security Labs

HIPAA, GLBA, SOX, ISO 27001, NIST 800-53 and numerous other standards and regulations, both in the US and abroad, require a risk-based third party vendor management program to protect the data you share with service providers and vendors. Beyond the laws and regulations, your organization may have additional business requirements including; uptime, change windows, incident notification, right to audit, and more.

In this session, you will be introduced to a process to design, deploy and operate a risk-based third party vendor management program that is right-sized for your organization. The session will specifically include:

  • Identifying your requirements
  • Classifying vendors
  • Introduction to program components
    • Vendor evaluation process
    • On-boarding process
    • Oversight of vendor compliance
    • Oversight of vendor service changes
    • Audit process
    • Remediation validation
    • Threat intelligence
    • Monitoring Effectiveness of program
    • Continuous improvement of program
  • How-To Guide for Building Your Own Program






10:00am -10:30am - Refreshment Break

Cronin

10:30am-11:30am

Calculating Your Acceptable Level of Risk

Chris Cronin, Principal Consultant, HALOCK Security Labs

With so many potential risks it can be difficult to determine which an enterprise can live with, which it can't, and which it can cope with when reduced to an acceptable level of risk.

Determining an acceptable level of risk needs to be undertaken when there is a significant change in a business' activities within the environment. Examples are updating policies and training or improving security controls and contingency plans, the risks need constant monitoring to ensure the right balance between risk, security and profit.

In this session attendees will learn how to build a framework to define an acceptable level of risk.






Skurko

Williams

Jamieson

Bivian

Winkler

Hunka

11:30am-12:30pm

How Security and the CSO Can Provide Business Value (Panel)

Moderator:
Mike Skurko, Director, Utimaco
Panelists:
Clayton Williams, Jr., PhD, CISO, Director IT Security & Compliance, Heidrick & Struggles,
Dr. Robert Jamieson, Ed.D., Director IT Security & Compliance (Deputy CISO), Underwriters Laboratories
Paul Bivian, Manager, Information Security, City of Chicago
Michael Winkler, Director, Information Security & Risk Management, SGK
Larry Hunka, CISO, Senior Director, Enterprise Infrastructure, Cadence Health
and other CISOs/IT Security Executives

In this session, attendees will learn from a panel of IT security executives as to the strategies they are leveraging to insure their efforts are in sync with business priorities.

Topics covered:

  • How to identify leverage the following areas of value: reputation, regulation, revenue, resilience, and recession for continued investment and security spending
  • How to assess, understand and define security’s current and future roles in the extended enterprise
  • Where are security investments being made on personnel, processes, and technologies
  • What does security need to specifically achieve for the enterprise in terms of protecting current business processes and enhancing future revenue grow













12:30pm - 1:30pm Luncheon

Vibbert 

1:30pm-2:30pm

Malware and APTs; How Do We Defend Against These Modern Threats?

Barbara Vibbert, Sales Engineer, Dell SonicWall

The online world is becoming more troubling every day. The motivations of these attackers can be profit, ideology and nationalism. Beyond the reasons, what can you do to understand these threats and mitigate them before they cause significant damage to your enterprise?

In this session, attendees will learn:

  • Who are the attackers and why
  • What are the most common threats
  • Steps you can take to mitigate their actions
  • How to refine your security risk framework to plan for advanced persistent threats





2:30pm - 3:00pm - Refreshment Break

Brush

Kwong 

Bee

3:00pm-4:00pm

Mobile Technology in the Enterprise: How to Manage Security Risks of BYOD (Panel)

Moderator:
Brian Brush, Technical Account Manager, Qualys
Panelists:
Justin P. Webb, Information Security Officer, IT Services, Marquette University
Fred Kwong, Sr. IS Security Manager, U.S. Cellular
Greg Bee, CISO, Country Financial
and other professionals from IT departments

As employees become increasingly mobile through consumer technologies, IT systems and information become more vulnerable to security risks and breaches. The major challenge becomes how to effectively manage these risks while maximizing employee productivity.

In this session, attendees will learn from a group of seasoned IT security executives as to how they are handling these challenges.





Kwong

Hsiang

Smolenski

4:00pm-5:00pm

Cloud Security: How to Manage the Risk When Utilizing Cloud Computing (Panel)

Moderator:
Brian Dudey, RSM, Imperva
Panelists:
Fred Kwong, Sr. IS Security Manager, U.S. Cellular
Victor Hsiang, CISO, GATX
Nathan J. Smolenski, CISO, Group Information Security, Zurich North America
and other professionals from IT departments

Cloud Computing is yet another disruptive technology that is promising to deliver huge benefits. But with any disruptive technology there are security and risk concerns that need to be addressed.

What questions should you be asking potential cloud providers? How should you modify your own security and risk procedures?

In this session attendees will learn how to adjust their security/risk programs to account for the following areas:

  • Abuse and Misuse of Cloud
  • Insecure APIs/Interfaces
  • Insider Threats
  • Shared Technology Issues
  • Data Loss or Leakage
  • Service & Account Hijacking
  • Unknown Risks
  • Customer information in the cloud
  • Managing Identities and authentication

Conference Price: $279.00 per person


Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)˛, Inc.

Exhibits

As is always the case at CAMP IT Conferences events, the talks will not include product presentations.  During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.