PAST EVENTS

Security Architecture Strategies: Chicago (Rosemont/O’Hare) Illinois

Security is too important to be left in the hands of just one organization or individual―it should be a top priority for the entire enterprise. Enterprise Security Architecture requires a framework for developing and maintaining a system that is proactive.

May 4, 2022

9:00am-5:00pm

7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded

Conference location: Donald E. Stephens Convention Center Rosemont (O’Hare) Illinois

Overview

In order to build and run applications securely there are key architectural components that need to be in place. Without infrastructure components like proper encryption, standard authentication methods and logging standards developers are challenged to build secure applications. Without proper pre-production testing and event logging / analysis knowing if an application is under attack and should you worry when it is becomes virtually impossible. With the advent of containers and the ability to scale application across different platforms the problem only gets compounded.

This conference will present the key architectural components your company should have in place that will allow you to build, run and monitor applications more securely.

What You Will Learn

The C-suite understands that security policies and controls have a direct impact on the ability of organizations to respond to business disruption.

In this one day conference, attendees will learn:

• How Identity and Access Management Fits into Zero Trust
• Securing Applications from the Inside Out
• Information on the Cyber Threat Landscape
• 5 Steps to Success with Enterprise Information Security Architecture
• API MythBusters: Crushing Five Security Myths that are Crushing Your Safety
• Designing a Business Driven Security Architecture
• How Enterprise IT Security Executives are Bolstering Their Architecture (Panel Discussion)

Conference Price: $299.00 per person

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.

Conference Program

9:00am-9:50am: Designing a Business-Driven Security Architecture

Jeff Roseman, Group VP, IT, Marmon Foodservice Technologies

In this session, attendees will learn how to make sure their security architecture aligns with the ever-changing needs of the business.

Roseman

9:50am-10:20am: Refreshment Break

10:20am-11:10am: 5 Steps to Success with Information Security Architecture (Breakout Session)

In this session, attendees will go through five crucial steps for an effective Security Architecture:

• Assess your current security situation.
• Analyze security insights (strategic and technical).
• Develop the logical security layer of the architecture.
• Design the EISA implementation.
• Treat architecture as an ongoing process.

11:10am-12:00pm: The Cyber Threat Landscape

Dmitriy Sandler, Director, Presales Systems Engineering, Arctic Wolf

With the ever-increasing risk of cyber threats, insurance carriers are changing the rules. In this session, we’ll cover the reasons behind these changes and what you should expect to see from insurance carriers going forward. We will also cover how organizations need to adapt their cybersecurity approach and the frameworks behind it all.

Takeaways:

• Insurance carriers are responding to the growing number of security “incidents” with reduced coverage, increased costs, and more stringent requirements
• Traditional tools/approaches are no longer enough to satisfy the carriers’ requirements
• Organizations need to rethink their overall cybersecurity approach, across both infrastructure and personnel
• The NIST Security Operations Framework should be used as a guide to implement better cybersecurity posture, and can lead to better negotiations of cyber insurance

Sandler

12:00pm-12:50pm: Securing Applications from the Inside Out

Bryan Wynns, Senior Solutions Engineer, Contrast Security

The application layer is an increasingly attractive target for cyber criminals. Over 39% of data breaches in the past year have been the result of an application vulnerability. Empowering development teams to find and fix vulnerabilities quickly ensures the timely delivery of secure software into production. Learn how looking at application security from the inside out will help your organization meet software release dates with safer code.

Wynns

12:50pm-1:30pm: Lunch Break

1:30pm-2:30pm: API MythBusters: Crushing Five Security Myths that are Crushing Your Safety 

Adam Fisher, Principal Security Engineer, Salt Security

Digital transformation and application modernization are driving exponential growth in the use of APIs. While APIs are more functional than ever before, organizations are hanging onto old ways of thinking about API security and it’s making them an attractive target to hackers.

Join our session on the top five common industry myths surrounding API security. You’ll learn the pitfalls of some misguided API security approaches, cut through the hype around a few security trends, and get recommendations on how to improve your organization’s API security strategy.

Key takeaways:

• The impact trends such as zero-trust, cloud migration, containerization, and shift-left are having on API security
• The role of traditional security controls in API security – what they deliver and where they fall short
• The value of a full lifecycle approach in grappling with API security
• How to deploy dedicated API security that fits today’s automated, agile, and cloud-first environments

Fisher

2:30pm-3:00pm: Refreshment Break

3:00pm-4:00pm: How Identity and Access Management Fits into Zero Trust

Annur Sumar, Chief Technology Officer, Cloud Unity

In a network that knows no perimeter, understanding exactly who and what is on the network and why they are there is essential to maintaining organizational security.  This is why a robust identity and access management (IAM) policy is fundamental to successfully deploying ZeroTrust.

In this session, attendees will learn how paying attention to IAM will make it easier to move forward with ZeroTrust.

Sumar

4:00pm-5:00pm: How Enterprise IT Security Executives are Bolstering Their Architecture (Panel Discussion)

In this session, learn from a group of Senior Executives as to how they are working through the challenges.

Moderator:

Steve Williams, Director, Google Security

Panelists include:

*Murad Dikeidek, Head of Information Security, University of Illinois Hospital & Health Sciences System

*Patrick Kinard, Senior Server Enterprise Operations Manager, CPS

*Derek Milroy, Information Security, U.S. Cellular

Williams           Dikeidek                   Kinard                Milroy