Enterprise Risk / Security Management


Strategies and techniques for leading and guiding a business driven risk/security approach during dynamic times.


March 25, 2021


9:00am-5:00pm CST; 10:00am-6:00pm EST


7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded


Conference location: ONLINE




In today’s highly regulatory environment it is essential that you have a clear understanding of risk across the enterprise. A risk management framework can bring visibility to key business and compliance risks and enable a company to make decisions on where to prioritize its limited resources. It is through a risk management framework that real value to the business can be achieved.


With all of these challenges, how do you make this happen?


In this one day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.

What You Will Learn


In this one day conference attendees will learn:

  • SolarWinds – What’s Coming Next
  • Security and Risk Management Trends / Protecting your Data During a Pandemic
  • Adopting Risk-Based Cybersecurity at Your Organization
  • Achieving Governance and Security through Cloud Management
  • How CISOs are Building Successful Cyber Security Teams (CISO Panel Discussion)
  • Managing Security Risk at the Speed of Business (CISO Panel Discussion)

Conference Price: $0.00 per person


Attendance is limited to enterprise IT executives, management and staff in companies with at least 25 employees. Registrants cannot be sales/marketing/business development professionals, nor executives, of companies that provide IT products or services to enterprises.


Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.

Conference Program

9:00am-10:00am: SolarWinds – What’s Coming Next 


Morgan Wright, Chief Security Advisor, SentinelOne


Not everyone was a victim of the SolarWinds attack, but everyone will be impacted by it. The recent Senate Select Intelligence Committee hearings gave insight as to what’s coming next in regulations and legislation. Will there be MANDATED BREACH REPORTING? Will immediate THREAT SHARING BE REQUIRED? See what’s coming next and how it will impact you.



10:00am -10:30am: Networking Break

10:30am-11:30am: CISO Fireside Chat


Victor Hsiang, CISO, GATX




11:30am-12:30pm: Keeping Up with the Latest Security and Risk Management Trends


Mark Sangster, VP, Industry Security Strategist, Chief Evangelist, eSentire


What’s the best approach to enterprise security? The prevailing consensus in the industry has generally been threat-based or compliance-based approaches. However, many organizations that use these approaches struggle to strike the right balance between technical tools and practical outcomes.


The answer is to focus on reducing risk.


Join us to get an actionable roadmap for success, including:

  • Examining 20 plus years of security paradigms — and learn why many of them fail
  • Explore the increasing risks tied to digital transformation initiatives
  • Understand how security intelligence helps teams make better decisions based on contextual data and metrics
  • Discover a proven, comprehensive framework for cybersecurity that emphasizes risk over threats
  • Learn how to create a persistent information advantage for better security — with a focus on being profitable



12:30pm – 1:30pm Lunch Break

1:30pm-2:30pm: Information Asymmetry, The Affect Heuristic, and Risk Perception: Why It’s So Hard to Move the Needle


Edward Marchewka, VP, IT and Quality Services, & Strategic Planning, Gift of Hope


In this session, Edward will discuss how to:

  • Understand decision making
  • Overcome listlessness
  • Answer the question, “WIIFM?”
  • Get to a place of action, investment or acceptance



2:30pm – 3:00pm: Networking Break

3:00pm-4:00pm: How CISOs are Building Successful Cyber Security Teams (CISO Panel Discussion)


Annur Sumar, CTO, Maetech
Leon Ravenna, CISO, KAR Global
Jim Kastle, CISO, Conagra Brands
Mitch Parker, CISO, Indiana University Health
Fred Kwong, CISO, Delta Dental
and other CISOs sharing experiences and lessons learned


In this session, CISOs will share how they build culture, drive effective cross-team communication, leverage non-traditional hiring practices and programs to find extraordinary talent from across generations, geographies and genders.


Ravenna     Kastle       Parker       Kwong      Sumar

4:00pm-5:00pm: Managing Security Risk at the Speed of Business (Panel discussion)


Pat Walsh, CMO, Tufin
Bob Turner, CISO and Director, Office of Cybersecurity, University of Wisconsin-Madison
Greg Bee, CISO, Pekin Insurance
Phil Burnett, EVP, Security Operations and CISO, High Wire Networks
Keith Conlee, CSO, College of DuPage
and other enterprise CISOs and IT Security Executives sharing strategies, tactics and lessons learned


As a valued partner to the business, CISOs need to lead with business first execution.


In this session, attendees will learn from CISOs/Security Executives as to how they are:

  • Leading a business first mentality
  • Looking at every security risk decision through the lens of business impact
  • How can security and IT operations can work together effectively to identify best cost actions that have the most meaningful impact on exposure to business compromise and impact
  • Understand what Cloud/DevOps/Digital mean for your risk management program


Turner      Bee             Burnett      Conlee       Walsh

Conference Price: $0.00 per person


Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.



As is always the case at CAMP IT Conferences events, the talks will not include product presentations.  During the breaks you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.