Security Architecture Strategies: Chicago (Rosemont/O’Hare), Illinois


Strategies to secure business driven enterprise architecture.


June 6, 2023




7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded


Conference location: Donald E. Stephens Convention Center Rosemont (O’Hare) Illinois




In order to build and run applications securely there are key architectural components that need to be in place. Without infrastructure components like proper encryption, standard authentication methods and logging standards developers are challenged to build secure applications. Without proper pre-production testing and event logging / analysis knowing if an application is under attack and should you worry when it is becomes virtually impossible. With the advent of containers and the ability to scale application across different platforms the problem only gets compounded.


This conference will present the key architectural components your company should have in place that will allow you to build, run and monitor applications more securely.

What You Will Learn


The C-suite understands that security policies and controls have a direct impact on the ability of organizations to respond to business disruption.


In this one day in-person conference, attendees will learn:

  • Security Architecture and Business Resiliency
  • My Zero Trust Journey – From Conception to Design and Implementation
  • How to Rationalize Tools/Processes and How to Assess Where Your Security Program Maturity is At
  • Securing Your DevOps Infrastructure
  • Stay Awake! API Attacks are Coming Your Way! – The New Attack Frontier
  • How Enterprise IT Security Executives are Bolstering Their Architecture (Panel Discussion)



8:00am – 9:00am: Registration and Continental Breakfast

9:00am – 10:00am:  How to Rationalize Tools/Processes and How to Assess Where Your Security Program Maturity is At


Derek Milroy, Information Security, U.S. Cellular


This talk will focus on how to rationalize/optimize your security focused tools and gauge your overall Security Program Maturity.

This presentation will also provide suggestions for moving the needle on maturing various areas. No frameworks, just “in the trenches” advise on security tooling and how to gauge overall security program maturity, diving in a bit on some areas/aspects.





10:00am – 10:30am: Refreshment and Exhibit Break

10:30am – 11:30am:  AIOps(DevSecOps) How to Gain Insights Into Your Infrastructure Events



Karthik Kandamuri, Director, Enterprise Architecture, AbbVie






11:30am – 12:30pm: Securing Your DevOps Infrastructure


With infrastructure moving more to code-based deployments, security becomes critically important. How to protect sensitive information, accounts and secrets in your deployment code is a challenge for organizations of all size. PSM Partners’ Brad Wyatt will present lessons learned from the field, talk about best practices, and discuss some challenges with automation security.



Brad Wyatt, Solutions Architect, Cloud Solutions Group (CSG), PSM Partners


The IT field continues evolve and traditional physical infrastructure deployments are moving to a more automated code-first approach. Automation can provide consistency across different deployments and configuration changes en masse, but with an ever-changing landscape how can you ensure that your code, pipelines, and runbooks remain secure?


In this session we will explore some of the ways to keep your secrets, secret. From using secret stores in code-based deployments to encrypting variables in different automation platforms, learn what tools are available to help guarantee that your company won’t suffer a security incident at the expense of efficiency.


In 2021, companies leaked more than 6 million passwords, API keys, and other sensitive data types doubling the number from the prior year. On average, 3 out of every 1,000 commits to GitHub leaked a secret with more than half of the secrets consisting of credentials to either data storages, cloud providers, encryption keys, development tools, or messaging platforms. Upon conclusion of this session, you will have the necessary knowledge and tools to secure your DevOps and Automation practices.






12:30pm – 1:30pm: Lunch and Exhibit Break

1:30pm – 2:30pm: Stay Awake! API Attacks are Coming Your Way! – The New Attack Frontier


Patrick Mawyer, Sr. Sales Engineer, Traceable



As the digital landscape continues to evolve rapidly, it is crucial to address the potential vulnerabilities & risks associated with APIs. Enhance your understanding of API security and learn valuable insights and strategies to safeguard your organization’s APIs against potential threats.


Key discussion topics of today’s session:

  • Understanding the importance of API security in today’s interconnected world
  • Identifying common API vulnerabilities and their potential impact
  • Best practices for securing APIs and ensuring compliance with industry standards
  • Real-world case studies highlighting successful API security implementations





2:30pm – 3:00pm: Refreshment and Exhibit Break

3:00pm – 4:00pm: How Enterprise IT Security Executives are Bolstering Their Architecture (Panel Discussion) 


In this session attendees will learn from Security Architecture executives as to how they are strengthening their architectures


Moderated by: Marc Kreppel, Enterprise Account Executive, Zerto



Panelists will include:

  • Josh Sims, Information Security Manager, ACGME
  • Brandon Daab, Information Security, Foundation Finance Company LLC
  • Dan Krueger, Director of Cybersecurity & BISO, Elevance Health (formerly Anthem)
  • Ron Zochalski, CTO & CISO, Lake County, Indiana Government
  • Zachary Voss, Information Systems Security Engineer, Lucas-Milhaupt Inc.
  • And other InfoSec Leaders sharing experiences and lessons learned




Kreppel                         Sims                   Daab            Krueger            Zochalski               Voss



Conference Price: $299.00 per person


Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.



As is always the case at CAMP IT Conferences events, the talks will not include product presentations. During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.

conference sponsors