
Enterprise Risk / Security Management: Dallas

Conference Chair: Jim Desmond, Chief Security Officer, Elevate

 


 

Strategies for reducing risk to the enterprise.

 

September 18, 2018

 

9:00am-5:00pm

 

7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded

 

Conference location: Irving Convention Center at Las Colinas

  


Overview

 

In today’s highly regulated environment, it is essential that you have a clear understanding of risk across the enterprise. A risk management framework can bring visibility to key business and compliance risks and enable a company to decide where to prioritize its limited resources. It is through a risk management framework that real value to the business can be achieved.

With all of these challenges, how do you make this happen?

In this one-day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.


What You Will Learn

 

In this one-day conference, attendees will learn:

  • A Day in the Life of a CISO
  • Black Swans and White Rabbits—Threat Modeling Tools for Security Leaders
  • Are you Protecting Enough, and Protecting Effectively Enough?
  • OWASP Top 10 in Depth
  • Vendor Risk Management: How to Identify and Decrease Potential Risks When Leveraging 3rd Party Vendors (panel discussion)
  • A Risk Adaptive Approach to Data Protection
  • Managing Security Risk at the Speed of Business (panel discussion)

 

Conference Price: $289.00 per person

 

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.


Conference Program


8:00am – 9:00am: Registration and Continental Breakfast


9:00am-9:50am: A Day in the Life of a CISO

 

Mark Nagiel, SVP/CISO, PrimeLending

 

 

 


9:50am -10:20am: Refreshment Break


10:20am-11:10am: Black Swans and White Rabbits—Threat Modeling Tools for Security Leaders

 

 

 

Enterprise security leaders struggle with budgeting even when they aren’t short on capital. Staffing, tools, services, and training are just some of the things you budget for to avoid the worst day of your security career. Except, at some point, we know that day will likely come. The secret to surviving that worst-case scenario is to build a healthy enterprise security program, which of course starts with a healthy budget, supported by a realistic threat model aligned to your business. Drawing on lessons from hundreds of CISOs and security leaders over the years, the speaker will provide effective knowledge one can leverage right away.

 

Attendees will learn:

  • An overview of threat modeling, focusing on relevant outcomes
  • Tools and techniques to build effective threat models
  • Experience-based anecdotes

 


11:10am-12:00pm: How Blockchain Technology Will Transform Security

 

James Beecham, CTO & Founder, ALTR

 

Data breaches are worse than ever, yet blockchain technology has rendered the public Bitcoin network virtually invulnerable. How can we apply this new technology to dramatically improve security? This session will describe the underlying technology of blockchain and what makes it so secure, and then take attendees on a journey from how the technology is applied in a public network to how it can be applied in a private network. We’ll talk through various real-world examples of blockchain being used to secure devices and assets, and make some predictions about where it will lead in the coming years.

 




12:00pm – 12:50pm: OWASP Top 10 in Depth

 

 

The OWASP Top 10 is a powerful awareness analysis for web application security. It represents a broad consensus about the most critical security risks to web applications. Contributors include a variety of security experts from around the world who have shared their expertise to produce the list. The presentation will cover each vulnerability in detail, along with mitigation strategies.

 

 


12:50pm – 1:50pm: Luncheon


1:50pm-2:40pm: Vendor Risk Management: How to Identify and Decrease Potential Risks When Leveraging 3rd Party Vendors (panel discussion)

 

Panelists:
Gregory Wilson, Head of Information Security, 1st Global
Scot Miller, Vice President, former Chief Information Security Officer, Health Management Systems (HMS)
John Woods, Vice President, Information Security, PDX Inc.
Robert Pace, Vice President, Information Security & Compliance, First American
Mark Houpt, Chief Information Security Officer, Databank
and other enterprise CISOs and IT Security Executives sharing strategies, tactics and lessons learned

 

Topics that will be covered include:

  • Contracts outlining the business relationship between your organization and the 3rd party vendor
  • How to monitor vendor performance to ensure that contractual obligations are being met
  • Guidelines regarding which party will have access to what information as part of the agreement
  • How to ensure that 3rd party vendors meet regulatory compliance guidelines for your industry

 

               


2:40pm – 3:10pm: Refreshment Break


3:10pm-4:00pm: Putting the Human Back Into Network Security

 

 

Network security technology is shifting from just being a way to keep threats out of your network to providing operational insights that can make your people more effective and your organization more efficient. With the growth of unmanaged devices like phones, tablets, appliances and Internet of Things (IoT) gadgets, the network is often the only place where sensing and enforcement can be done consistently. Advances in behavioral monitoring, analytics and machine learning are converging, enabling security to go beyond the old black-and-white, threat-centric approach of separating activities into “good” and “bad.” Now, security is becoming context-based, addressing the fuzzy “gray” area where today’s greatest productivity and greatest risks are found. We’ll discuss how network security products are making it easier to understand people’s intent so that you can take a modern risk-adaptive approach to connecting and protecting your people and data.

 

 


4:00pm-5:00pm: Managing Security Risk at the Speed of Business (Panel discussion)

 

Panelists:
Kurt Hagerman, CISO, ARMOR
Paola Saibene, Data Privacy & Data Protection, Business Integrity & Compliance, Flowserve
Peter Tomaszewski, CISO, Pharmaceutical Strategies Group
Sailaja Kotra-Turner, Director, IT Security & Risk Management, Brinker
Randy Potts, Managing Director – InfoSec, Real Time Resolutions
and other enterprise CISOs and IT Security Executives sharing strategies, tactics and lessons learned

 

As a valued partner to the business, CISOs need to lead with business-first execution.

 

In this session, attendees will learn from CISOs and security executives how they are:

  • Leading with a business-first mentality
  • Looking at every security risk decision through the lens of business impact
  • Getting security and IT operations to work together effectively to identify best-cost actions that have the most meaningful impact on exposure to business compromise and impact
  • Understanding what Cloud/DevOps/Digital mean for your risk management program

 

            



 

Exhibits

As is always the case at CAMP IT Conferences events, the talks will not include product presentations. During the continental breakfast, coffee breaks, and the luncheon break, you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.


CONFERENCE CO-SPONSORS