PAST EVENTS

Enterprise Risk / Security Management

 

Strategies for reducing risk to the enterprise.

 

July 22, 2020

 

8:30am-3:30pm CST

 

7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded

 

Conference location: Online

      


Overview

 

In today’s highly regulated environment, it is essential that you have a clear understanding of risk across the enterprise. A risk management framework can bring visibility to key business and compliance risks and enable a company to decide where to prioritize its limited resources. It is through a risk management framework that real value to the business can be achieved.

 

With all of these challenges, how do you make this happen?

 

In this one-day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.


What You Will Learn

 

In this one-day conference, attendees will learn:

  • CISO Leadership During a Pandemic
  • What We End up Doing Anyway
  • CISO Leadership – How to Lead Your Team During Crisis (Panel discussion)
  • Learning from InfoSec Fails – People, Process, and Technology
  • Achieving Governance and Security through Cloud Management
  • How to Build an Effective Threat Investigation and Eradication Capability
  • Cloud, Control & Security: Critical Security Controls You Should be Using
  • Managing Security Risk at the Speed of Business (Panel discussion)

 

Conference Price: $0.00 per person

 

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.



Conference Program


8:00am – 8:30am: Registration and Networking


8:30am-9:15am: CISO Leadership During a Pandemic

 

Ricardo Lafosse, CISO, KraftHeinz

 

In this thought-provoking session, attendees will hear advice on how security strategies have been adapted and what to expect post-pandemic.

 




9:15am-10:00am: What We End up Doing Anyway

 

Derek Milroy, Sr Enterprise Security Architect, US Cellular

 

This talk will discuss a dozen security processes we all end up implementing regardless of the Control Frameworks we utilize or any compliance mandates we have to fulfill (PCI, SOX, etc.).

 




10:00am – 10:30am: Networking Break


10:30am-11:15am:  Data Protection in Office 365

 

Stephen Frethem, Director of Enablement, Varonis

 

Do you know what really happens behind the scenes when a user creates a new Team in Office 365? (More than you think!) Where do files go when you share them with a Teams channel? (Hint: check SharePoint.) How can an O365 admin see which sensitive files have been shared outside a Team via links? (Do you have an hour?)

 

Let Stephen Frethem from Varonis walk you through the common challenges we see in the field, along with some best practices on what to do about them (with or without additional products).

 




11:15am – 12:00pm: Adopting Risk-Based Cybersecurity at Your Organization

 

Levi Gundert, Senior Vice President of Global Intelligence, Recorded Future

 

What’s the best approach to enterprise security? The prevailing consensus in the industry has generally favored threat-based or compliance-based approaches. However, many organizations that use these approaches struggle to strike the right balance between technical tools and practical outcomes.

 

The answer is to focus on reducing risk.

 

Join us to get an actionable roadmap for success, including:

  • Examine 20-plus years of security paradigms and learn why many of them fail
  • Explore the increasing risks tied to digital transformation initiatives
  • Understand how security intelligence helps teams make better decisions based on contextual data and metrics
  • Discover a proven, comprehensive framework for cybersecurity that emphasizes risk over threats
  • Learn how to create a persistent information advantage for better security — with a focus on being profitable

 




12:00pm – 12:45pm: Lunch break


12:45pm – 1:30pm: Continuous Vulnerability – Striving for a 14 day SLA

 

Chris Goettl, Director, Product Management, Ivanti

 

When threat actors exploit weaknesses in an organization’s IT infrastructure, the consequences can be devastating to productivity, reputation, and finances. Unless cybersecurity is treated as an ongoing process, hackers can find, weaponize, deploy, and attack your infrastructure faster than your team can patch the vulnerability, leaving your infrastructure unprotected. Your systems may be secure today, but next week a cybercriminal may discover and exploit a critical vulnerability in your environment. Join us as we discuss how continuous vulnerability management can be executed effectively.

 

 




1:30pm – 2:15pm:  CISO Leadership – How to Lead Your Team During Crisis (Panel discussion)

 

Moderator:
Galen Emery, Lead Compliance & Security Architect, Chef Software
Panelists:
Eric Hansen, Head, Cyber Defense for the Americas, Siemens
Ron Versetto, Executive Director of Information Technology, University of Illinois at Chicago
and other enterprise CISOs and IT Security Executives sharing strategies, tactics and lessons learned

 

Every day we are bombarded with more aggressive threats, and the pressure on IT becomes more intense. How do we lead and keep up morale in this never-ending fight? How do we keep our teams engaged when they are being heavily recruited by our competitors? How will you effectively lead when every day presents another crisis?

 

       


2:15pm – 2:45pm: Refreshment Break


2:45pm-3:30pm:  Managing Security Risk at the Speed of Business (Panel discussion)

 

Moderator:
Annur Sumar, Chief Technology Officer, MaeTech
Panelists:
James Mountain, CISO, Palmer College of Chiropractic
John Kellerhals, Manager, Information Security, CF Industries
Mia Boom-Ibes, VP of Security Innovation, Strategy, Analytics, and GRC, Allstate Insurance

and enterprise CISOs and IT Security Executives sharing strategies, tactics and lessons learned

 

As valued partners to the business, CISOs need to lead with business-first execution.

 

In this session, attendees will learn from CISOs and security executives:

  • How they are leading with a business-first mentality
  • How they look at every security risk decision through the lens of business impact
  • How security and IT operations can work together effectively to identify best cost actions that have the most meaningful impact on exposure to business compromise and impact
  • What Cloud/DevOps/Digital mean for your risk management program

 

                           

 



 

Exhibits

As is always the case at CAMP IT Conferences events, the talks will not include product presentations. During the continental breakfast, coffee breaks, and the luncheon break, you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.


CONFERENCE CO-SPONSORS