|
In today’s highly regulatory environment
it is essential that you have a security
management framework that adheres to the
needs of the business and compliance,
protects your crucial assets and at the
same time provides access to those
parties that are crucial to helping your
business grow.
With all of these challenges, how do you
make this happen?
In this one day conference, attendees
will be provided with a thorough
security management framework that will
help work through these challenges
allowing your organization to stay
focused on the business at hand.
Who Should Attend:
CIOs/CISOs
VPs/IT Directors
Security Managers/Architects
Network Managers |
Conference Program
8:00am - 9:00am Registration and Continental
Breakfast
9:00am-10:00am
How to Build and Manage an Effective Compliance
Program
Neil Witek, Program Manager, Governance and
Strategy Services, PMP, CISSP, CISA, G7799, GHSC,
Halock Security Labs
Compliance is a must for most organizations, but
it can be extremely complicated to administer
and manage. With regular updates to compliance
how do you make sure that your organization is
adhering to the most recent legislation?
In this session your will learn:
-
How to navigate through the various
regulations in terms of your organization's
needs
-
How to assess your IT controls for
compliance-readiness
-
Build a roadmap for filling in your
readiness gaps
-
Various sources of information to help you
work through the inherent challenges
-
How to gain the confidence of upper
management to use compliance as a business
enabler
-
How to understand the technical components
of the compliance process
10:00am - 10:30am - Refreshment and Exhibit
Break
10:30am - 11:30am
Where are You Weak? How to Run an Effective
Security Audit
Mark T. Edmead,
IT Director, Control Solutions International,
MBA, CISSP, CISA,
Shavlik partner
A security audit is really an assessment of how
effectively security policies are being
implemented in an organization. In its best
form it is a thorough examination of the
organization’s written security policies and how
well the organization is adhering to them.
But how do you get started to make sure your
organization is as safe as possible?
In this session, attendees will learn:
-
How to define the organization’s security
objectives
-
A list of questions that security auditors
and IT security professionals must
answer
-
The homework that must be done before an
audit begins
-
How to interpret the results
-
How to prioritize actions & remedies that
must be taken
-
Pitfalls that must be avoided
11:30am - 12:30pm
Identity & Access Management – Defining the
Framework and the Process
|
Mann |
Bilhar Mann, Senior Vice President & General
Manager, Security Management, CA
According to leading analysts, billions of
dollars are lost each year due to breaches of
identity and access management. Implementing
effective Identity and Access Management
Frameworks is imperative, however, it must not
preclude access to the important elements that
help drive your business: employees, customers
and suppliers!
In this session, attendees will learn:
-
What is the Technology and Process for
current and future IAM
-
Ways to
Roll out IAM Frameworks
-
How IAM
Fits into Compliance & Audit
-
How to
Meet Service Level Agreements for
Your Organization
-
ROI
Your Organization Can Expect to Achieve
from IAM
-
Pitfalls to
Avoid
12:30pm - 1:30pm - Luncheon
1:30pm - 2:30pm
From the Source to the Destination: How to
Protect Critical Data Communications
Kevin Kumpf, Senior Engineer, SSH Communications
Because of an increasing number of security
breaches occurring within the perimeter by
employees and other sources, another method of
security is desperately needed.
In this technical session attendees will learn:
-
The inherent restrictions of existing
enterprise security approaches
-
How to combat the next generation of threats
while working in a regulatory environment
-
How to implement a framework that addresses
data integrity and enforcement of policy
2:30pm - 3:00pm - Refreshment and Exhibit Break
3:00pm - 4:00pm
Strategies to Prevent Data Leakage: How to
Secure Your Communications Tools
Kevin Kumpf, Senior Engineer, SSH Communications
Through communication tools such as E-Mail, IM
and overall Unified Communications, it is rather
easy for information to escape into the hands of
those that can cause harm. Through the other
sessions you understand the business
ramifications, of data loss and not adhering to
compliance, but what should you be doing to
secure your communications systems?
In this session attendees will learn:
-
The inherent risks if these communications
methods are not secured
-
How to assess which of your communications
methods are at highest risk
-
A well-designed tactical framework that can
help you secure these communications
vehicles
-
How to pinpoint future potential breaches in
your implemented tools
-
What are the next generation threats in your
systems
|
Berbert |
4:00pm - 5:00pm
Protecting a Moving Target: How to Proactively
Secure Assets Beyond the Network
Moderator: Ken Berbert, Region Director,
Axcess, Inc.
Panelists: Rita Bartolone, Information Risk,
Hospira,
|
Suarez |
Patti Suarez, CISSP,
Sr. Manager - Information Security &
Compliance,
Wm. Wrigley Jr.,
Mark Guth, Director IT Security, Nicor Gas,
Min Ju, Manager of Information Security, CEH,
CISSP, CISA, CDW, Inc.
A panel of enterprise IT security professionals
will discuss best practices in IT protection,
accountability and security for assets,
intellectual property and privacy information to
corporate compliance and federal and state laws.
|
Guth |
|
Ju |
Each attendee will receive a certificate
awarding 7 CPE credits for CISSP continuing
education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of
(ISC)², Inc.
Exhibits
As is always the case at CAMP IT Conferences events, the talks
will not include product presentations. During the
continental breakfast, coffee breaks, and the
luncheon break you will have the opportunity to
informally meet representatives from the
following sponsoring companies, who have
solutions in the area of the conference.
