UPCOMING EVENTS

Security Architecture Strategies: Chicago (Rosemont/O’Hare), Illinois

 

Strategies to secure business driven enterprise architecture.

 

October 19, 2023

 

9:00am-5:00pm

 

7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded

 

Conference location: Donald E. Stephens Convention Center Rosemont (O’Hare) Illinois

     


Overview

 

In order to build and run applications securely there are key architectural components that need to be in place. Without infrastructure components like proper encryption, standard authentication methods and logging standards developers are challenged to build secure applications. Without proper pre-production testing and event logging / analysis knowing if an application is under attack and should you worry when it is becomes virtually impossible. With the advent of containers and the ability to scale application across different platforms the problem only gets compounded.

 

This conference will present the key architectural components your company should have in place that will allow you to build, run and monitor applications more securely.


What You Will Learn

 

The C-suite understands that security policies and controls have a direct impact on the ability of organizations to respond to business disruption.

 

In this one day in-person conference, attendees will learn:

  • Security Architecture & Business Resiliency
  • Optimizing Risk Framework Assessments, Controls Assessments, and Risk Registers
  • AI and Potential Security Impact on the Business Architecture
  • Security Architecture Review Process: Trust/IDs/Applications
  • Securing Your DevOps Infrastructure
  • How Enterprise IT Security Executives are Bolstering Their Architecture (Panel Discussion)

 


Conference Price: $299.00 per person

 

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.


CONFERENCE AGENDA


8:00am – 9:00am: Registration and Continental Breakfast


9:00am – 10:00am:  Optimizing Risk Framework Assessments, Controls Assessments, and Risk Registers

 

Derek Milroy, Information Security, U.S. Cellular

 

Join us as we kick off the day with information on:

 

  • Risk Register Journey – The journey from saved e-mails, to excel, and beyond!
  • Risk Analysis Basics – Start with Qualitative, add a dash of Quantitative, and maybe some due care and diligence elements?
  • Remediation and Road mapping fun.
  • Reducing BIAS in Analyses, hopefully logical fallacies too.
  • Threat Modeling Primer – Integrating Threat Intel into Risk Analysis processes and procedures.
  • 3rd Party Risk Concerns, 4th Party Risk Concerns, everything’s a party!!!

 

 

Milroy

 


10:00am – 10:30am: Refreshment & Exhibit Break


10:30am – 11:30am: Security Architecture Review Process: Trust/IDs/Applications

 

In this session, attendees will go through five crucial steps for an effective Security Architecture:

 

  1. Assess your current security situation
  2. Analyze security insights (strategic and technical)
  3. Develop the logical security layer of the architecture
  4. Design the EISA implementation
  5. Treat architecture as an ongoing process

 


11:30am – 12:30pm: Securing Your DevOps Infrastructure

 

Brad Wyatt, Solutions Architect, Cloud Solutions Group (CSG), PSM Partners

 

The IT field continues evolve and traditional physical infrastructure deployments are moving to a more automated code-first approach. Automation can provide consistency across different deployments and configuration changes en masse, but with an ever-changing landscape how can you ensure that your code, pipelines, and runbooks remain secure?

 

In this session we will explore some of the ways to keep your secrets, secret. From using secret stores in code-based deployments to encrypting variables in different automation platforms, learn what tools are available to help guarantee that your company won’t suffer a security incident at the expense of efficiency.

 

In 2021, companies leaked more than 6 million passwords, API keys, and other sensitive data types doubling the number from the prior year. On average, 3 out of every 1,000 commits to GitHub leaked a secret with more than half of the secrets consisting of credentials to either data storages, cloud providers, encryption keys, development tools, or messaging platforms. Upon conclusion of this session, you will have the necessary knowledge and tools to secure your DevOps and Automation practices.

 

 

Wyatt

 


12:30pm – 1:30pm: Lunch & Exhibit Break


1:30pm – 2:30pm: AI and Potential Security Impact on the Business Architecture

 

In this session, attendees will learn how to make sure their security architecture aligns with the goals of the business while keeping in mind the potential threats posed by AI.

 


2:30pm – 3:00pm: Refreshment & Exhibit Break


3:00pm – 4:00pm:  Security Architecture & Business Resiliency

 

Security and Infrastructure need to cooperate in order to ensure business resiliency, but many organizations fail to unite the two, leaving them vulnerable. Worse yet, some organizations unwittingly encourage opposition between the two. We will briefly discuss the importance of working together in those areas, and highlight some specific strategies companies can use to keep different areas of the business in alignment for better security, and better continuity of operations.

 


4:00pm – 5:00pm:  How Enterprise IT Security Executives are Bolstering their Architecture (Panel Discussion)

 

In this session, attendees will learn from a panel of executives as to how they are partnering with the business while making sure they are bolstering their architecture.

 

Panelists include:

  • Florentin Zlatea, Enterprise Architect, The Kraft Heinz Company
  • James Mountain, Director of Information Security, Palmer College of Chiropractic
  • Laszlo Gonc, Founder, Next Era Transformation Group
  • Paul Glidden, Security Architect, Procore Technologies
  • Other InfoSec Leaders sharing experiences and lessons learned

 

 

Zlatea                         Mountain                          Gonc                           Glidden

 


Conference Price: $299.00 per person

 

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.

 

Exhibits

As is always the case at CAMP IT Conferences events, the talks will not include product presentations. During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.


CONFERENCE SPONSORS