Enterprise Risk / Security Management


Strategies for reducing risk to the enterprise.


May 27, 2021


9:00am-5:00pm CST; 10:00am-6:00pm EST


7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded


Conference location: ONLINE





In today’s highly regulated environment, it is essential that you have a clear understanding of risk across the enterprise. A risk management framework can bring visibility to key business and compliance risks and enable a company to decide where to prioritize its limited resources. It is through a risk management framework that real value to the business can be achieved.


With all of these challenges, how do you make this happen?


In this one-day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.

What You Will Learn


In this one-day conference, attendees will learn:

  • 2021 and Beyond: Security and Risk Management Trends
  • Data Protection in Office 365
  • Security and Risk Management Trends / Protecting your Data During a Pandemic
  • The Cybersecurity Department: Making Cybersecurity a Business Competency Through Key Risk Indicators
  • CISO Leadership – How to Lead Your Team During Crisis (Panel discussion)
  • Managing Security Risk at the Speed of Business (Panel discussion)


Conference Price: $0.00 per person


Attendance is limited to enterprise IT executives, management and staff in companies with at least 25 employees. Registrants cannot be sales/marketing/business development professionals, nor executives, of companies that provide IT products or services to enterprises.


Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.

9:00am-10:00am: Ransomware Threats and the Cost of Defense – Is XDR/EDR Actually Worth It?



Bruce Embree, Cortex Field CTO, Palo Alto Networks


Join us as we discuss the average street prices of EDR and XDR defensive systems vs. the actual ransom amounts we have seen demanded by threat actors in the wild. Then you can make the call on whether it makes sense for your enterprise.



10:00am-10:30am: Networking Break

10:30am-11:30am: 2021 and Beyond: Security and Risk Management Trends




This presentation will describe the most significant trends in cybersecurity and how your organization needs to take advantage of these trends.


Key areas that will be covered include:

  • The next generation of threats
  • Trends in creating a top-notch security organization
  • Strategic trends that will influence security strategy



11:30am-12:30pm:  Protecting your Data During and After a Pandemic  




Topics that will be covered during this session will include:

  • The pandemic has forced us to look forward, both for existing assessment methods and for the future
  • Remote methods of observation and other assurances have been largely successful in the last six months
  • New standards are emerging to drive better security and offer more latitude
  • PCI SSF and PCI DSS 4.0 allow more focus on objectives vs. prescriptive requirements



12:30pm-1:30pm: Lunch Break

1:30pm-2:30pm: Making SOC Economics Work In Your Favor



Gal Shafir, Global Director of Engineering, Siemplify


No matter the size or industry, company leaders recognize that minimizing external threats is of paramount importance. As a result, companies value their SOCs and consider them critical to their cybersecurity strategy. However, it is not always easy to quantify the ROI of these investments. In this session you will learn not only how to capture the ROI, but how to improve it as well.

1. Understand the 1-10-60 rule, why it matters, and how to measure against it
2. Learn what is impacting overall ROI
3. Actionable tactics you can take to improve ROI
4. ROI isn’t only about money; other factors impact the bottom line




2:30pm-3:00pm: Networking Break

3:00pm-4:00pm: CISO Perspective: How to Get Privileged Access Management Right

Christopher Hills, Deputy CTO, BeyondTrust
Panelists will include:
Brian Schrock, Information Security Officer/VP, CISSP / CISM, Premier Bank
Billy Heiser, Manager IT Security, The Lincoln Electric Company
Ken M. Shaurette, Director InfoSec and Audit, FIPCO
And other CISOs and IT Security Executives sharing strategies, tactics and lessons learned


Areas that will be covered include:


When you think of PAM as part of your security program, what does that mean to you and your organization?


How do you feel PAM has evolved over the last several decades, and why do you think PAM is important now?


We break PAM into 3 primary pillars: Privileged Password and Session Management, Endpoint Privilege Management, and Secure Remote Access. What is important to consider with:


• Privileged Password and Session Management
• Endpoint Privilege Management
• Secure Remote Access


As organizations embrace remote working, what is important with regard to endpoint security, and why is it important to ensure you have complete endpoint security in place?


Is the traditional approach to endpoint security enough, aka Antivirus or NGAV?


How do you handle 3rd party and vendor access into your organization? Is it appropriate to still use technologies like VPN? Have you considered some of the security implications of 3rd party and vendor access using VPNs?


What are some parting thoughts for those that are new to PAM or just starting their journey with PAM?



4:00pm-5:00pm:  Managing Security Risk at the Speed of Business (Panel discussion)


Panelists will include enterprise CISOs and IT Security Executives sharing strategies, tactics and lessons learned


As a valued partner to the business, CISOs need to lead with business first execution.


In this session, attendees will learn from CISOs/Security Executives as to how they are:

  • Leading a business first mentality
  • Looking at every security risk decision through the lens of business impact
  • Enabling security and IT operations to work together effectively to identify best cost actions that have the most meaningful impact on exposure to business compromise and impact
  • Understanding what Cloud/DevOps/Digital mean for their risk management program





As is always the case at CAMP IT Conferences events, the talks will not include product presentations.  During the breaks, you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.