PAST EVENTS
Enterprise Risk / Security Management: Dallas
Conference Chair: Jim Desmond, Chief Security Officer, Elevate
Strategies for reducing risk to the enterprise.
September 18, 2018
9:00am-5:00pm
7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded
Conference location: Irving Convention Center at Las Colinas
Overview
In today’s highly regulatory environment it is essential that you have a clear understanding of risk across the enterprise. A risk management framework can bring visibility to key business and compliance risks and enable a company to make decisions on where to prioritize its limited resources. It is through a risk management framework that real value to the business can be achieved.
With all of these challenges, how do you make this happen?
In this one day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.
What You Will Learn
In this one day conference attendees will learn:
- Strategic Security: Impact or Influence
- Identifying Risk Across an Expanding Attack Surface
- Are you Protecting Enough, and Protecting Effectively Enough?
- Key Steps to Reduce the Risk of Malicious Insiders, Over Privileged-Users and Compromised Third Parties
- Vendor Risk Management: How to Identify and Decrease Potential Risks When Leveraging 3rd Party Vendors (panel discussion)
- A Risk Adaptive Approach to Data Protection
- Managing Security Risk at the Speed of Business (panel discussion)
Conference Price: $289.00 per person
Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.
Conference Program
8:00am – 9:00am: Registration and Continental Breakfast
9:00am-9:50am: Strategic Security: Impact or Influence
Jim Desmond, CISO, Elevate
Desmond
9:50am -10:20am: Refreshment Break
10:20am-11:10am: Identifying Risk Across an Expanding Attack Surface
Tim Roddy, Vice President of Product Strategy, Fidelis Cybersecurity
With technology advances and threats seemingly coming from every direction, security environments have become more complex. Sensitive data is no longer locked within the corporate walls as the boundaries have expanded from the network to endpoints to the cloud. As new issues arise, new products and capabilities are created. The challenge is that the security bolt-on approach has led to many point security tools managed in silos, creating many blind spots. Visibility is a key challenge for cybersecurity teams and without having a holistic view, it’s nearly impossible to detect threats across every stage of the kill chain.
Join cybersecurity expert, Tim Roddy, as he shines a light on the challenges of attaining complete visibility across your security environment and discuss:
- How to gain visibility across networks, endpoints and cloud environments
- Alternative ways to gain visibility with and without requiring an agent on every system
- Misconceptions around “real-time” visibility and the importance of “looking back”
- The power of threat intelligence when combined with visibility
- How to ensure detection across the entire kill chain – from infiltration to activity to lateral movement to data exfiltration
Roddy
11:10am-12:00pm: How Blockchain Technology Will Transform Security
James Beecham, CTO & Founder, ALTR
Data breaches are worse than ever, yet blockchain technology has rendered the public Bitcoin network virtually invulnerable. How can we apply this new technology to dramatically improve security? This session will describe the underlying technology of blockchain and what makes it so secure, and then take attendees on a journey from how the technology is applied in a public network to how it can be applied in a private network. We’ll talk through various real-world examples of blockchain being used and make some predictions about where it will lead in the coming years.
Beecham
12:00pm – 12:50pm: Key Steps to Reduce the Risk of Malicious Insiders, Over Privileged-Users and Compromised Third Parties
Jim Anthony, VP Cybersecurity, Cyxtera
Business leaders have embraced the concept of allowing employees and third-party contractors to work from remote locations. But remote workforce migration as well as some malicious insiders present new operational and security challenges that must be addressed by IT and Security leaders.
Attend this session and learn:
- Best practices addressing remote worker access using the Software-Defined Perimeter
- Methods of efficiently integrating security with existing business processes and security solutions
- Reducing security complexity while improving the user experience all while saving money and resources
Anthony
12:50pm – 1:50pm Luncheon
1:50pm-2:40pm: Vendor Risk Management: How to Identify and Decrease Potential Risks When Leveraging 3rd Party Vendors (panel discussion)
Moderator:
Stephen Bird, Channel Account Executive, Comodo Cybersecurity
Panelists:
Gregory Wilson, Head of Information Security, 1st Global
Scot Miller, SVP, CISO, Mr. Cooper
John Woods, Vice President, Information Security, PDX Inc.
Robert Pace, Vice President, Information Security & Compliance, First American
Mark Houpt, Chief Information Security Officer, Databank
and other enterprise CISOs and IT Security Executives sharing strategies, tactics and lessons learned
Topics that will be covered include:
- Contract outlining the business relationship between your organization and 3rd party vendor
- How to monitor vendor performance to ensure that contractual obligations are being met
- Guidelines regarding which party will have access to what information as part of the agreement
- How to ensure that 3rd party vendors meet regulatory compliance guidelines for your industry
Wilson Miller Woods Houpt Pace
2:40pm – 3:10pm: Refreshment Break
3:10pm-4:00pm: Putting the Human Back Into Network Security
Chris Morris, Security Specialist, Forcepoint
Network security technology is shifting from just being a way to keep threats out of your network to providing operational insights that can make your people more effective and your organization more efficient. With the growth of unmanaged devices like phones, tables, appliances and Internet of Things (IoT) gadgets, the network often is the only place where sensing and enforcement can be done consistently. Advances in behavioral monitoring, analytics and machine learning are converging, enabling security to go beyond the old black-and-white, threat-centric approach of separating activities into “good” and “bad.” Now, security is becoming context-based, addressing the fuzzy “gray” area where today’s greatest productivity and greatest risks are found. We’ll discuss how network security products are making it easier to understand people’s intent so that you can take a modern risk-adaptive approach connecting and protecting your people and data.
Morris
4:00pm-5:00pm: Managing Security Risk at the Speed of Business (Panel discussion)
Moderator:
Doug Wick, VP Products & Marketing, ALTR
Panelists:
Kurt Hagerman, CISO, ARMOR
Paola Saibene, Data Privacy & Data Protection, Business Integrity & Compliance, Flowserve
Peter Tomaszewski, CISO, Pharmaceutical Strategies Group
Sailaja Kotra-Turner, Director, IT Security & Risk Management, Brinker
Randy Potts, Managing Director – InfoSec, Real Time Resolutions
and other enterprise CISOs and IT Security Executives sharing strategies, tactics and lessons learned
As a valued partner to the business, CISOs need to lead with business first execution.
In this session, attendees will learn from CISOs/Security Executives as to how they are:
- Leading a business first mentality
- Looking at every security risk decision through the lens of business impact
- How can security and IT operations can work together effectively to identify best cost actions that have the most meaningful impact on exposure to business compromise and impact
- Understand what Cloud/DevOps/Digital mean for your risk management program
Wick Hagerman Saibene Potts Kotra-Tuner Tomaszewski
Conference Price: $289.00 per person
Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.
Exhibits
As is always the case at CAMP IT Conferences events, the talks will not include product presentations. During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.