Conference Program

8:00am - 9:00am Registration and Continental Breakfast

9:00am-10:00am
How to Build and Manage an Effective Compliance Program

Neil Witek, Program Manager, Governance and Strategy Services, PMP, CISSP, CISA, G7799, GHSC, Halock Security Labs

Compliance is a must for most organizations, but it can be extremely complicated to administer and manage.  With regular updates to compliance how do you make sure that your organization is adhering to the most recent legislation?

 In this session your will learn: 

• How to navigate through the various regulations in terms of your organization's needs

• How to assess your IT controls for compliance-readiness

• Build a roadmap for filling in your readiness gaps

• Various sources of information to help you work through the inherent challenges

• How to gain the confidence of upper management to use compliance as a business enabler

• How to understand the technical components of the compliance process

10:00am - 10:30am - Refreshment and Exhibit Break

10:30am - 11:30am
Where are You Weak?  How to Run an Effective Security Audit

Mark T. Edmead, IT Director, Control Solutions International, MBA, CISSP, CISA, Shavlik partner

A security audit is really an assessment of how effectively security policies are being implemented in an organization.  In its best form it is a thorough examination of the organization’s written security policies and how well the organization is adhering to them.

But how do you get started to make sure your organization is as safe as possible? 

In this session, attendees will learn: 

• How to define the organization’s security objectives

• A list of questions that security auditors and IT security professionals must answer

• The homework that must be done before an audit begins

• How to interpret the results

• How to prioritize actions & remedies that must be taken

• Pitfalls that must be avoided

11:30am - 12:30pm
Identity & Access Management – Defining the Framework and the Process

Bilhar Mann, Senior Vice President & General Manager, Security Management, CA

According to leading analysts, billions of dollars are lost each year due to breaches of identity and access management.  Implementing effective Identity and Access Management Frameworks is imperative, however, it must not preclude access to the important elements that help drive your business: employees, customers and suppliers!

In this session, attendees will learn:

• What is the Technology and Process for current and future IAM
• Ways to Roll out IAM Frameworks
• How IAM Fits into Compliance & Audit
• How to Meet Service Level Agreements for Your Organization
• ROI Your Organization Can Expect to Achieve from IAM
• Pitfalls to Avoid

12:30pm - 1:30pm - Luncheon

1:30pm - 2:30pm
From the Source to the Destination: How to Protect Critical Data Communications

Kevin Kumpf, Senior Engineer, SSH Communications

Because of an increasing number of security breaches occurring within the perimeter by employees and other sources, another method of security is desperately needed.

In this technical session attendees will learn:

• The inherent restrictions of existing enterprise security approaches
• How to combat the next generation of threats while working in a regulatory environment
• How to implement a framework that addresses data integrity and enforcement of policy

2:30pm - 3:00pm - Refreshment and Exhibit Break

3:00pm - 4:00pm 
Strategies to Prevent Data Leakage: How to Secure Your Communications Tools

Kevin Kumpf, Senior Engineer, SSH Communications

Through communication tools such as E-Mail, IM and overall Unified Communications, it is rather easy for information to escape into the hands of those that can cause harm.  Through the other sessions you understand the business ramifications, of data loss and not adhering to compliance, but what should you be doing to secure your communications systems?

In this session attendees will learn: 

• The inherent risks if these communications methods are not secured

• How to assess which of your communications methods are at highest risk

• A well-designed tactical framework that can help you secure these communications vehicles

• How to pinpoint future potential breaches in your implemented tools

• What are the next generation threats in your systems

4:00pm - 5:00pm

Protecting a Moving Target:  How to Proactively Secure Assets Beyond the Network

Moderator: Ken Berbert, Region Director, Axcess, Inc.

Panelists: Rita Bartolone, Information Risk, Hospira,
Patti Suarez, CISSP, Sr. Manager - Information Security & Compliance,  Wm. Wrigley Jr.,

Mark Guth, Director IT Security, Nicor Gas,

Min Ju, Manager of Information Security, CEH, CISSP, CISA, CDW, Inc.

A panel of enterprise IT security professionals will discuss best practices in IT protection,

accountability and security for assets, intellectual property and privacy information to

corporate compliance and federal and state laws.