Enterprise Risk / Security Management
Strategies for reducing risk to the enterprise.
May 27, 2021
9:00am-5:00pm CST; 10:00am-6:00pm EST
7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded
Conference location: ONLINE
Overview
In today’s highly regulated environment it is essential that you have a clear understanding of risk across the enterprise. A risk management framework can bring visibility to key business and compliance risks and enable a company to make decisions on where to prioritize its limited resources. It is through a risk management framework that real value to the business can be achieved.
With all of these challenges, how do you make this happen?
In this one-day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.
What You Will Learn
In this one-day conference, attendees will learn:
Conference Price: $0.00 per person
Attendance is limited to enterprise IT executives, management and staff in companies with at least 25 employees. Registrants cannot be sales/marketing/business development professionals, nor executives, of companies that provide IT products or services to enterprises.
Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.
9:00am-10:00am: Ransomware Threats and the Cost of Defense – Is XDR/EDR Actually Worth It?
Bruce Hembree, Cortex Field CTO, Palo Alto Networks
Join us as we discuss the average street prices of EDR and XDR defensive systems vs. the actual ransom amounts we have seen demanded by threat actors in the wild. Then you can make the call on whether it makes sense for your enterprise.
10:00am-10:30am: Networking Break
10:30am-11:30am: Attendee Networking Breakout Sessions
Best Practices for Justifying Your Security Investments
Building Strong Cyber Security Teams: Skills Needed; Learned or Taught?
How are You Planning for Return for Work?
How IT Security Can Best Partner with the Business?
Strategies Governance, Security & Cloud
11:30am-12:30pm: Disaster Recovery as Part of Your Security Plans
Chad Stanfield, Practice Director of Modern Datacenter, Redapt
When a security disaster strikes, what’s your course of action? How will you notify your staff? How will you keep your lights on to ensure revenue doesn’t plummet far and fast?
Disaster recovery has become an even more critical part of security with the recent popularity of ransomware. For network administrators, a disaster recovery plan is essential.
Without a disaster recovery plan, organizations usually never recover from a disaster.
In this session, we’ll cover:
12:30pm-1:30pm: Lunch Break
1:30pm-2:30pm: Making SOC Economics Work In Your Favor
Gal Shafir, Global Director of Engineering, Siemplify
No matter the size or industry, company leaders recognize that minimizing external threats is of paramount importance. As a result, companies value their SOCs and consider them critical to their cybersecurity strategy. However, it is not always easy to quantify the ROI of these investments. In this session you will learn not only how to capture the ROI, but how to improve it as well.
1. Understand the 1-10-60 rule and why it matters and how to measure against it
2. You will learn what is impacting overall ROI
3. Actionable tactics you can take to improve ROI
4. ROI isn’t only about money, but other factors impact the bottom line
2:30pm – 3:00pm: Networking Break
3:00pm-4:00pm: CISO Perspective: How to Get Privileged Access Management Right
Moderator:
Christopher Hills, Deputy CTO, BeyondTrust
Panelists:
Brian Schrock, Information Security Officer/VP, CISSP / CISM, Premier Bank
Billy Heiser, Manager IT Security, The Lincoln Electric Company
Ken M. Shaurette, Director InfoSec and Audit, FIPCO
and other CISOs and IT Security Executives sharing strategies, tactics and lessons learned
Areas that will be covered include:
When you think of PAM as part of your security program, what does that mean to you and your organization?
How do you feel PAM has evolved over the last several decades, and why do you think PAM is important now?
We break PAM into 3 primary pillars: Privileged Password and Session Management, Endpoint Privilege Management, and Secure Remote Access. What is important to consider with:
• Privileged Password and Session Management
• Endpoint Privilege Management
• Secure Remote Access
As organizations embrace remote working, what is important in regard to endpoint security, and why is it important to ensure you have complete endpoint security in place?
Is the traditional approach to endpoint security enough, aka Antivirus or NGAV?
How do you handle 3rd party and vendor access into your organization? Is it appropriate to still use technologies like VPN? Have you considered some of the security implications of 3rd party and vendor access using VPNs?
What are some parting thoughts for those that are new to PAM or just starting their journey with PAM?
4:00pm-5:00pm: Managing Security Risk at the Speed of Business (Panel discussion)
Moderator:
Annur Sumar, CTO, Maetech
Panelists:
Jonathan Kimmitt, CISO, University of Tulsa
Patrick Kinard, Sr. Enterprise Server Operations Manager, Chicago Public Schools
Mark Kaplan, Former Director of Technology, Barbri
and other enterprise CISOs and IT Security Executives sharing strategies, tactics and lessons learned
As a valued partner to the business, CISOs need to lead with business first execution.
In this session, attendees will learn from CISOs/Security Executives as to how they are:
Exhibits
As is always the case at CAMP IT Conferences events, the talks will not include product presentations. During the breaks, you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.