Data Breaches:  Defending Against and Responding To: Chicago


Strategies to help your organization prepare for, defend against and respond to breaches.


May 2, 2018




7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded


Conference location: Donald E. Stephens Convention Center Rosemont (O’Hare) Illinois




It is not a matter of if, but when your organization will be breached. Against these threats, enterprises try to build higher and more secure walls around their data and networks. This seems to be a never-ending arms race, as even the most sophisticates systems may, before long, present weaknesses that malicious technology can overcome.

What You Will Learn


In this one day conference these topics will be discussed:

  • Today’s Cyber Threats – What Keeps Me Up at Night
  • You Have Been Breached: Now What?
  • Duty of Care Risk Analysis: “Getting Consensus From Legal, Information Security, and Executive Management.”
  • Something Old, Something New: 2018 Attack Overview
  • Breach Detection & Prevention: Protect Enterprise Data From Insider Threats
  • Breaches & Ransomware: How to Handle, How to Respond

Conference Program

8:00am – 9:00am: Registration and Continental Breakfast

9:00am-10:00am: Today’s Cyber Threats – What Keeps Me Up at Night


Alex Holden, Founder & CISO, Hold Security


Insider look at current events in cyber security and what is in store for the future. What are the most common threats? How to respond to the breaches that seemingly ambush us every day? This technical and insightful overview is a glimpse of hope in an otherwise chaotic cyber world.



10:00am -10:30am: Refreshment Break

10:30am-11:30am: You Have Been Breached: Now What?


Kelly Housman, Senior System Engineer, McAfee


“The story you are about to see is true. Only the names have been changed to protect the innocent” (Dragnet). In this talk will hear about data breaches (not just the big ones that make the 5 O’clock news). We will discuss and go through the steps you should be taking before, during and after a breach. So sit back and grab a chair. Turn off you mobile phone, put down your tablet and hear real world issues facing enterprises every day.



11:30am-12:30pm: Duty of Care Risk Analysis: “Getting consensus from legal, information security, and executive management.” 


Terry Kurzynski, Senior Partner, Halock Security Labs


This service philosophy has evolved into a a process for risk assessments that is best known as Duty of Care Risk Analysis (“D.O.C.R.A.”). This unique process helps organizations develop criteria by which they can prioritize risk and develop consensus on acceptable risk between the business, legal and security. The process, when implemented correctly, allows organizations to defend their decisions to interested 3rd parties, regulators, and the courts. The Duty of Care Risk Analysis process will be adopted by standards bodies in 2018.



12:30pm – 1:30pm Luncheon

1:30pm-2:30pm: Something Old, Something New: 2018 Attack Overview


Jessica Stanford, Director of Product Marketing, Cybereason


So far, the 2018 security threat landscape has yielded a combination of tried and true techniques like ransomware (look at the attack that crippled the city of Atlanta in March) and relatively new methods like supply chain attacks (Delta Airlines, Best Buy, Sears and Kmart all suffered one in April). What other attack methods are adversaries likely to turn to this year? Attend this talk for an overview of the 2018 threat landscape from the perspective of Cybereason’s analysts and learn how organizations can defend against these threats.



2:30pm – 3:00pm: Refreshment Break

3:00pm-4:00pm: Breach Detection & Prevention: Protect Enterprise Data From Insider Threats




To detect and contain data breaches, organizations need to have visibility into who is accessing enterprise data, understand if that access is legitimate and respond immediately if it’s not. To do their jobs, employees, contractors, consultants and vendors must have legitimate access to sensitive and valuable data stored in enterprise databases and file shares. However, when insiders abuse this access, or when insiders are exploited by outside attackers, enterprise data is exposed. Detection and containment of insider threats requires an expert understanding of both users and how they use enterprise data.



4:00pm-5:00pm: Breaches & Ransomware: How to Handle, How to Respond

Kevin Rubin, Managing Partner, Stratosphere Networks

Brian Kobishop, Chief Security Officer, Great Lakes Educational Loan Services, Inc.
Keith Conlee, Chief Security Officer, IT, College of DuPage
Arlene Yetnikoff, Director, Information Security, DePaul University
Dave Gochenaur, Sr. Manager, Information Security, Ensono
Kenneth Townsend, Vice President, Information Security, Federal Reserve Bank of Chicago
and other executives from IT departments


In this session, attendees will learn from CISOs and Security Executives as to how they are working through the challenges of Data Breaches and Ransomware.


Attendees will walk away with shared strategies and tactics that other organizations are employing.


Kobishop     Conlee     Yetnikoff     Townsend

Conference Price: $289.00 per person


Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.



As is always the case at CAMP IT Conferences events, the talks will not include product presentations.  During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.