Speaker:
Scott Jones, Head, Canadian Centre for Cyber Security at Communications Security Establishment

When Scott Jones says "I'm from the government, and I'm here to help you," he means it. As head of the Canadian Centre for Cyber Security, he's vested in helping defend the nation's government, citizens, industry and critical infrastructure. In this interview, he addresses:

• The evolving threat landscape and Canada's biggest defensive gaps
• Breaking down the complexity of the technology ecosystem
• Why 'We need to value security more than we do response'

Speaker:
Evan O'Regan, Associate Partner - IAM Practice - Canada, IBM Cloud and Cognitive Software

Winners and losers: What to do (and what to avoid!) when building your CIAM according to zero trust principles to ensure engaging, secure digital experiences while reducing risk.

Join IBM IAM expert Evan O'Regan as he shares his experience in how he has guided clients successfully on their CIAM and Zero Trust journeys, insights on the key challenges that organizations have had to address, and steps on the way forward.

This discussion will cover a pragmatic understanding of CIAM and Zero Trust, and how to apply these principles in practice as organizations start or progress their strategy across domains such as Customer Identity and Access Management, Infrastructure and Endpoint, and in securing their Hybrid Cloud environment.

Speaker:
Martyn Crew, Director of Solutions Marketing, Gigamon

As more and more organizations adopt and scale out hybrid cloud architectures, many are concerned that there are visibility gaps between on-premises and cloud environments. These gaps can compromise organizational security and compliance as well as impact customer experience and application performance. In this session, Martyn Crew, Senior Director of Solutions Marketing at Gigamon will discuss the Cloud Visibility Gap including the potential technical and business impacts of this gap, and how the Gigamon Hawk Visibility and Analytics Fabric helps organizations prevent this gap.

Speaker:
Bruce Brody, CISO Advisor, Cisco

In a “Left of Boom” cybersecurity approach, the CISO employs proactive processes, capabilities, and tools, all being continuously patched, managed, and monitored in a manner that attempts to get out in front of the threat actors.

"Right of Boom" is a bad place to be. It means that "Boom" has already occurred, significant damage has been inflicted and enormous unforeseen and unprogrammed resources are being expended.

Speakers:
Kate Davis Green, Director, Fraud and Identity Global Strategy, LexisNexis® Risk Solutions
Kimberly Sutherland, VP Fraud and Identity, LexisNexis Risk Solutions

Well-networked cybercriminals are capitalizing on the acceleration of digital transformation and are targeting the entire customer journey. With a 17% growth in bot activity year-over-year, what other fraud and cybercrime trends in Canada could be impacting your business?

Kate Davis Green and Kim Sutherland of LexisNexis Risk Solutions with have a discussion with Tom Fields, Editor for ISMG on:

• Canadian consumer fraud trends and cyber risk insights
• How leading organizations are focusing on customer experience by leveraging a dynamic, multi-layered fraud prevention strategy and using risk-appropriate friction for authentication

Speaker:
Robert Falzon, Head of Engineering, Office of the CTO, Check Point Software

Algorithms are being used to choose who lives & who dies. Computers are being programmed to make decisions that impact every facet of our lives. Based on the ethics of cyber-criminals, Check Point has made incredible breakthroughs using algorithms to detect the DNA of Malware & in an industry-first breakthrough that will provide the best threat prevention in the world! Explore the fundamentals of AI and ML, and what may be coming next!

Speaker:
Eddie Glenn, Sr Security Analyst & Manager, Venafi

Beyond remote access. Beyond people. Beyond the traditional data center. Google’s BeyondProd model takes zero trust beyond traditional infrastructure to cloud-native architectures.

In this presentation, we’ll explore how this machine-driven zero trust model and how it’s a fast-moving world of perimeter-less, identity-based systems that rely on cloud native designs, microservices and service meshes.

It’s the world that your developers and architects are already driving today. In this session, we’ll provide insight on how to secure and protect the millions (or billions) of machine identities that are on the other side—the nonhuman side—of zero-trust strategies and initiatives.

Speaker:
Stephen Gates, Security Evangelist and Senior Solutions Specialist, Checkmarx

There’s no denying that enterprise applications must be protected but thwarting increasingly severe and frequent threats to customer data and confidential information requires more out of our AppSec policies than ever before. Add in the challenge of building increasingly secure applications to address the current pressures of digital transformation, many organizations are finding that their AppSec policies just can’t keep up—resulting in costly post-development vulnerability triage and deployment delays. Therefore, company-wide AppSec policies that directly influence developers and security teams are imperative to meet time-to-market demands.

During this talk, I’ll discuss how the development of an organization’s AppSec policy drives developer training initiatives, and how proper and consistent secure coding education must be available to developers while coding. Finally, I’ll focus on the needs of Provincial Government, both from the perspective of their own developers, in addition to their contractors who may need a refresher on becoming better developers.

Speakers:
Ruth Promislow, Partner, Commercial Litigation, Fraud and Cybersecurity Practice, Bennett Jones LLP, Toronto
Vanessa Henri, Data Governance & Emerging Tech Lawyer, Fasken

What are best practices for navigating the cyber insurance landscape? Will ransomware still be covered, in the future? What prevention and preparation — including incident response plans — should organizations have in place? How is the Canadian privacy landscape evolving and what should businesses — and cybersecurity professionals — beware?

This expert panel will share insights and strategies, including:

• Best practices for navigating the cyber insurance landscape;
• Legal do's and don'ts of incident response;
• Upcoming changes to Canadian privacy law.

Speaker:
Dave Lewis, Global Advisory CISO, Duo Security at Cisco

Security debt, defined by Dave Lewis, Global Advisory CISO, Duo Security at Cisco, as “the accumulation of the patches missed, the risks accepted, and the configurations misapplied,” is a serious and common problem for many organizations, especially with the move to cloud computing and rise of IoT. Part of the problem is that, while organizations might accept the risks they encounter, they often neglect to review them or make a plan for the future, and that risk is compounded when patches are passed from person-to-person through staff changes and/or employee churn. However, it doesn’t have to be this way - to track and address security debt, organizations must develop and implement defined, repeatable processes. They should look to strategies like the zero-trust model, trust but verify, sanitation of inputs and outputs, and of course, make sure to execute patches instead of pushing it onto the next person.

Speaker:
Vivienne Suen, Cybersecurity Architect, CCSP IBM Security

What could the SOC of the future look like? As we continue to struggle with siloed data, heterogeneous tooling, and increased pressure for quick detection and response, security teams need solutions that can deliver rapid and actionable insight. All of this is now within reach with the IBM Cloud Pak for Security, a ground-breaking security intelligence and analytics platform. Join us as we demonstrate our latest advances in unified threat management and operationalised security, regardless of where your security data resides.

Speaker:
Jeff Costlow, Chief Information Security Officer, Extrahop

The SolarWinds SUNBURST attack was a rude awakening for many security teams, and it won't be the last time Security leaders face tough questions about how an adversary evaded defenses and stayed hidden. With threats persisting inside the network for months, security teams need a new plan. In this session, CISO Jeff Costlow discusses strategies, including revising existing mental models and incident response processes, to build resilience in the fight against advanced threats.

Speakers:
Dan Wolff, Director of Product Management and Marketing. BigFix
Samer Adi, Technology Operations and Security Leader, Goodfood Market
Tim McCreight, Managing Director, Enterprise Security, Canadian Pacific Railway and former CISO, City of Calgary

The endpoint attack surface and threat landscape – they've changed immensely over the past 15 months. How, then, has endpoint management been forever changed? This expert panel discusses:

• How to balance enterprise security and user privacy on personal devices
• Keeping disparate devices patched and compliant
• How to meet the new IAM challenges

Speaker:
Martin Dinel, Executive Lead and Chief Information Security Officer, Government of Alberta

As CISO of the province of Alberta, Canada, Martin Dinel has responsibility not just for the cybersecurity defense of the government, but also of the citizenry. In this exclusive interview, he discusses:

• How the threat landscape for agencies and citizens has expanded
• Alberta’s digital ID initiative
• Recruiting and retaining talent in his organization

Speakers:
Andrew Vezina, VP and Chief Information Security Officer, Equitable Bank
Mike Melo, CISO, LifeLabs
Rob Davidson, Director of Security Services, CISO, Pacific Blue Cross

They are three CISOs from dramatically different organizations across Canada, but are facing similar challenges when it comes to calculating risk and developing security resiliency for a post pandemic world. This includes threats of ransomware and how zero trust is driving the hybrid work model for later this year. Attend this exclusive panel discussion for insights on:

• Threats of ransomware
• Using Zero Trust to guide a hybrid workforce
• What it means to be resilient and how that can affect how organizations approach risk

Speaker:
Kush Sharma, Inaugural CISO, City of Toronto

He was the inaugural CISO of the City of Toronto, and he has some strong opinions about the inherent shortcomings of municipal government cybersecurity and what can be done to address them. Kush Sharma opens up on:

• The maturing role of government CISO
• Strategies to address the digital divide
• How to address supply chain security and ransomware defense

Speaker:
Ranjeet Khanna, CISO, Mirion Technologies, Inc.

Recent attacks have hammered home both the vulnerabilities inherent in operational technology, but also the need to secure the critical relationship between OT and IT. Ranjeet Khanna, CISO of Mirion Technologies, shares a cybersecurity leader's unique insight on:

• Top risk to OT security
• Roadmap to converging IT/OT security
• Biggest technical and cultural obstacles to be overcome

Speakers:
Aniket Bhardwaj, Vice President - Cyber Threat Detection & Response, Charles River Associates
Joni Brennan, President at Digital ID & Authentication Council of Canada, DIACC
Kolin Whitley, Head of North America Acceptance Risk, VISA

Canada in 2021 has a fundamentally different and larger threat landscape than it did in 2020. How are security leaders strategizing today to secure critical assets in 2022? Join this exclusive session for insights on:

• Secure information sharing
• Identity verification on ubiquitous networks
• Threats, threat actors and regulatory trends to watch

Speaker:
Kevin Morrison, Managing Director, CISO, Alaska Air

Not only did Kevin Morrison start a new job at the beginning of the COVID-19 pandemic, but he also did so in a struggling industry. Today, as CISO of Alaska Airlines, he leads initiatives to integrate cybersecurity in the business and culture. He shares insights in this exclusive interview.

Speaker:
Marene Allison, CISO, Johnson & Johnson

She’s been in the military, law enforcement, undercover and in very public leadership roles. But nothing quite prepared Marene Allison for a year like the past one. In this exclusive session, the Johnson & Johnson CISO opens up on:

• Cybersecurity’s ‘State of the Union’
• What transformation means for J&J
• Zero trust, SASE and other initiatives in response to the evolving threat landscape