Enterprise Risk / Security Management: Chicago (Rosemont/O’Hare), Illinois


Strategies for reducing risk to the enterprise.


February 24, 2022




7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded


Conference location: Donald E. Stephens Convention Center Rosemont (O’Hare) Illinois




In today’s highly regulatory environment it is essential that you have a clear understanding of risk across the enterprise. A risk management framework can bring visibility to key business and compliance risks and enable a company to make decisions on where to prioritize its limited resources. It is through a risk management framework that real value to the business can be achieved.


With all of these challenges, how do you make this happen?


In this one day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.

What You Will Learn


In this one day conference attendees will learn:

  • Managing Risk & Building Resiliency
  • Embedding a Culture of Security to Enable Smart, Secure Decision-Making
  • Keeping Up with the Latest Security and Risk Management Trends
  • Cloud, Control & Security: Critical Security Controls You Should be Using
  • Risk Management – How to Demonstrate Security Program Value to Stakeholders
  • Managing Security Risk at the Speed of Business (CISO Panel Discussion)

Conference Price: $299.00 per person

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.


9:00am-10:00am:  Quantifying Cyber Risk to Drive Business Decisions


Jason Bowen, Managing Director, Protiviti Chicago

George Quinlan, Senior Manager, Protiviti Chicago




Cyber risk management programs serve a wide array of stakeholders across the organization (executive team members, audit boards, governance committees, and technical teams). One common question that all stakeholders can relate to is “Where do I spend my limited time and budget to reduce risk in the most effective way?” When faced with multiple risks rated as critical or high, determining where to focus your resources can be challenging. Cyber risk quantification can bring a fresh perspective to your cybersecurity program by answering the questions below:

  • How much would a cyber event cost our organization?
  • Which projects or initiatives will reduce the most amount of risk?
  • Are we over or under insured with our current cyber insurance policy?


Bowen                 Quinlan


10:00am-10:30am: Refreshment Break


10:30am-11:30am: Embedding a Culture of Security to Enable Smart, Secure Decision-Making




  • Byron Rashed, Vice President of Marketing, Centripetal




  • Fred Kwong, Ph.D., Vice President, Chief Information Security, DeVry University
  • Keith Conlee, Chief Security Officer, IT, College of DuPage
  • Brian Palmer, Director IT Security & Infrastructure, Ventas
  • Dr. Michael Chahino, CIO, Elgin Community College
  • John Bates, Manager, Cybersecurity, EY
  • Other CISOs sharing experiences, tactics, and lessons learned


With the increased adoption of remote and hybrid work, the cybersecurity framework continues to expand. Security must be a high-priority for every company stakeholder, and CISOs must lead the charge.



Rashed          Kwong         Conlee          Palmer           Chahino              Bates


11:30am-12:30pm: A Floppy Disk, The Internet, and a Threat Hunter


Peter Steyaert, Sr. SE Manager, Gigamon


A brief overview of the history of Ransomware, going from one of the first initial known attacks to modern day. Giving you an understanding how the model has changed from an opportunistic smash and grab method to a low and slow targeted approach, to include ransomware as a service. Discussing assets that are needed by the Threat hunter in the organization to identify and resolve the treat in an environment before and after an organization is targeted by a ransomware organization.



12:30pm-1:30pm: Lunch Break


1:30pm-2:30pm: Achieving Data Privacy via Data Security: The CDSA Credential and Data Security Assessment


David Braun, President & CTO, Indecium


Regardless of an attacker’s entry point into an organization, they’re always after the same two things – credentials and data.

To help shine a light on where you’re most vulnerable, a comprehensive assessment of select data repositories, Active Directory, and Windows infrastructure is required which can allow for;


  • Removing inappropriate data access
  • securing the credentials attackers seek to compromise and exploit,
  • Detecting, preventing, and mitigating advanced threats at the system, directory, and data layers of your environment.



2:30pm-3:00pm: Refreshment Break


3:00pm-4:00pm: SaaS Security: Challenges, Planning & Priorities 


Eliana Vuijsje, Director of Product Marketing and Research, Adaptive Shield

There is no question SaaS has now become the default system of record, and many companies have yet to update the way they monitor their business-critical apps. To understand how teams are currently dealing with their SaaS security posture, and what their main concerns are, we surveyed hundreds of CISOs from across the globe. The SaaS Security Survey Report highlights their perspectives on the SSPM space and the steps they are taking to secure their SaaS app stack.



4:00pm-5:00pm: Stopping Ransomware with Autonomous Response


Mary Bobos, Cybersecurity Director, Darktrace


Stopping Ransomware with Autonomous Response

New strains of ransomware are leaving organizations vulnerable – too often, security teams lack the ability to respond proportionately to an attack, leading to cyber disruption across the organization.

Join Cybersecurity Director, Mary Bobos, as she unpacks some of today’s most advanced ransomware threats. Learn how Self-Learning AI understands the organization to reveal every stage of a ransomware attack – and takes targeted, autonomous action to stop the threat in its tracks.


  • Recent ransomware threat trends, including double extortion and RDP attacks
  • How Autonomous Response takes action to contain an emerging attack, even when security teams are out of office
  • Real-world examples of ransomware detected by AI – including a zero-day and an attack initiated on Christmas Day



Conference Price: $299.00 per person

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.



As is always the case at CAMP IT Conferences events, the talks will not include product presentations. During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.