PAST EVENTS

Security Architecture Strategies: Chicago (Rosemont/O’Hare), Illinois

 

Strategies to secure business driven enterprise architecture.

 

June 6, 2023

 

9:00am-5:00pm

 

7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded

 

Conference location: Donald E. Stephens Convention Center Rosemont (O’Hare) Illinois

    

Overview

 

In order to build and run applications securely there are key architectural components that need to be in place. Without infrastructure components like proper encryption, standard authentication methods and logging standards developers are challenged to build secure applications. Without proper pre-production testing and event logging / analysis knowing if an application is under attack and should you worry when it is becomes virtually impossible. With the advent of containers and the ability to scale application across different platforms the problem only gets compounded.

 

This conference will present the key architectural components your company should have in place that will allow you to build, run and monitor applications more securely.

What You Will Learn

 

The C-suite understands that security policies and controls have a direct impact on the ability of organizations to respond to business disruption.

 

In this one day in-person conference, attendees will learn:

  • Security Architecture and Business Resiliency
  • My Zero Trust Journey – From Conception to Design and Implementation
  • How to Rationalize Tools/Processes and How to Assess Where Your Security Program Maturity is At
  • Securing Your DevOps Infrastructure
  • Stay Awake! API Attacks are Coming Your Way! – The New Attack Frontier
  • How Enterprise IT Security Executives are Bolstering Their Architecture (Panel Discussion)

 

CONFERENCE AGENDA

8:00am – 9:00am: Registration and Continental Breakfast

9:00am – 10:00am:  How to Rationalize Tools/Processes and How to Assess Where Your Security Program Maturity is At

 

Derek Milroy, Information Security, U.S. Cellular

 

This talk will focus on how to rationalize/optimize your security focused tools and gauge your overall Security Program Maturity.

This presentation will also provide suggestions for moving the needle on maturing various areas. No frameworks, just “in the trenches” advise on security tooling and how to gauge overall security program maturity, diving in a bit on some areas/aspects.

 

 

Milroy

 

10:00am – 10:30am: Refreshment and Exhibit Break

10:30am – 11:30am:  AIOps(DevSecOps) How to Gain Insights Into Your Infrastructure Events

 

 

Karthik Kandamuri, Director, Enterprise Architecture, AbbVie

 

 

Kandamuri

 

 

11:30am – 12:30pm: Securing Your DevOps Infrastructure

 

With infrastructure moving more to code-based deployments, security becomes critically important. How to protect sensitive information, accounts and secrets in your deployment code is a challenge for organizations of all size. PSM Partners’ Brad Wyatt will present lessons learned from the field, talk about best practices, and discuss some challenges with automation security.

 

 

Brad Wyatt, Solutions Architect, Cloud Solutions Group (CSG), PSM Partners

 

The IT field continues evolve and traditional physical infrastructure deployments are moving to a more automated code-first approach. Automation can provide consistency across different deployments and configuration changes en masse, but with an ever-changing landscape how can you ensure that your code, pipelines, and runbooks remain secure?

 

In this session we will explore some of the ways to keep your secrets, secret. From using secret stores in code-based deployments to encrypting variables in different automation platforms, learn what tools are available to help guarantee that your company won’t suffer a security incident at the expense of efficiency.

 

In 2021, companies leaked more than 6 million passwords, API keys, and other sensitive data types doubling the number from the prior year. On average, 3 out of every 1,000 commits to GitHub leaked a secret with more than half of the secrets consisting of credentials to either data storages, cloud providers, encryption keys, development tools, or messaging platforms. Upon conclusion of this session, you will have the necessary knowledge and tools to secure your DevOps and Automation practices.

 

 

Wyatt

 

 

12:30pm – 1:30pm: Lunch and Exhibit Break

1:30pm – 2:30pm: Stay Awake! API Attacks are Coming Your Way! – The New Attack Frontier

 

Patrick Mawyer, Sr. Sales Engineer, Traceable

 

 

As the digital landscape continues to evolve rapidly, it is crucial to address the potential vulnerabilities & risks associated with APIs. Enhance your understanding of API security and learn valuable insights and strategies to safeguard your organization’s APIs against potential threats.

 

Key discussion topics of today’s session:

  • Understanding the importance of API security in today’s interconnected world
  • Identifying common API vulnerabilities and their potential impact
  • Best practices for securing APIs and ensuring compliance with industry standards
  • Real-world case studies highlighting successful API security implementations

 

 

Mawyer

 

2:30pm – 3:00pm: Refreshment and Exhibit Break

3:00pm – 4:00pm: How Enterprise IT Security Executives are Bolstering Their Architecture (Panel Discussion) 

 

In this session attendees will learn from Security Architecture executives as to how they are strengthening their architectures

 

Moderated by: Marc Kreppel, Enterprise Account Executive, Zerto

 

 

Panelists will include:

  • Josh Sims, Information Security Manager, ACGME
  • Brandon Daab, Information Security, Foundation Finance Company LLC
  • Dan Krueger, Director of Cybersecurity & BISO, Elevance Health (formerly Anthem)
  • Ron Zochalski, CTO & CISO, Lake County, Indiana Government
  • Zachary Voss, Information Systems Security Engineer, Lucas-Milhaupt Inc.
  • And other InfoSec Leaders sharing experiences and lessons learned

 

 

 

Kreppel                         Sims                   Daab            Krueger            Zochalski               Voss

 

 

Conference Price: $299.00 per person

 

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.

 

Exhibits

As is always the case at CAMP IT Conferences events, the talks will not include product presentations. During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.

conference sponsors