First round of speakers announced!!

We are thrilled to announce our first round of presenters for the 2018 ISACA Information Security & Risk Conference. We have had an overwhelming number of speakers submit some amazing talks. We still have the second round open until August 17, 2018 – so feel free to submit a talk. Here is the list of presenters. We will be publishing their abstracts and bios shortly.

  • Michael Wylie, Corporate Blue (US)
    • The Costly Mistakes of Being Unprepared
    • Fly Twitter Airlines
  • Tarek Habib, KPMG LLP (Canada)
    • A practical approach to business resilience: crisis management, business continuity and disaster recovery
  • Sunny Jamwal, MNP (Canada)
    • Subsistence* Living using PowerShell and WMI
  • Tim Dickinson, Sailpoint (Canada)
    • The Identity Utopian Trifecta: the power of identity context
  • David Chmielewski, illumio (US)
    • Stop Cyber Threats with Adaptive Micro-Segmentation
  • Andrew Kozma, Halifax Regional Police Department (Canada)
    • Aligning your security program to meet organizational objectives
  • Patrick McBride, Claroty (US)
    • The Perfect Storm – a look at operational technology security
  • Victoria McIntosh, Bloom Management Solutions (Canada)
    • Mirror, Mirror, on the Wall, Is Facial Recognition the Right Authenticator for All?
  • Darryl McLeod, Securicy (Canada)
    • The Security Questionnaire: To Do or Not To Do
  • Jamie Rees, NB Power (Canada)
    • Cybersecurity apprenticeship – tackling the talent gap
  • Wilco Van Ginkel, a3i (Canada)
    • Trust or not to trust in AI – that’s the question!
  • Lilly Chalupowski, GoSecure (Canada)
    • Don’t RAT me Out
  • Erik Denis, University of New Brunswick (Canada)
    • From the trenches: security case studies
  • Elaheh Samani, Google (Canada)
    • What is my “Cute kitten” really doing?! A recipe to dissect Chrome Extensions.
  • Anthony English, Mariner Security Solutions
    • Third Party Due Diligence
  • Keith Rayle, Fortinet (US)
    • Swarm vs. Hive – The Cyberwarfare Landscape of Today
  • Roger G. Johnston, Right Brain Sekurity (US)
    • How to Have Lousy Security: A Vulnerability Assessor’s
  • Shira Shamban / Grant Asplund, Dome9 (US)
    • Gone in 127 Minutes – Why Ephemeral Infrastructures Need Native Visibility, Security and Compliance

Training Session Announcement

We are thrilled to announce our last track in our full-day training sessions being held on October 31, 2018. We are excited to have Sandy Fadale, a veteran ISACA CRISC, CGEIT and CISM certification instructor, teaching the course Governance leading practices – How to setup governance in your organization.

IT governance provides a structure for aligning IT strategy with business strategy. By following a formal framework, organizations can produce measurable results toward achieving strategies and goals. A formal program also takes stakeholders’ interests into account, as well as the needs of staff and the processes they follow. In the big picture, IT governance is an integral part of overall enterprise governance. IT governance and GRC are practically the same thing. GRC is the parent program; what determines which framework is used is often the placement of the CISO and the scope of the security program.

Organizations today are subject to many regulations governing the protection of confidential information, financial accountability, data retention and disaster recovery, among others. They’re also under pressure from shareholders, stakeholders and customers. To ensure they meet internal and external requirements, many organizations implement a formal IT governance program that provides a framework of best practices and controls. Both public- and private-sector organizations need a way to ensure that their IT functions support business strategies and objectives. And a formal IT governance program should be on the radar of any organization in any industry that needs to comply with regulations related to financial and technological accountability.

In this day-long course, you will learn about:

  • Frameworks for Governance – Ensure the definition, establishment and management of a framework for the Governance of Enterprise IT in alignment with the mission, vision, and values of the organization.
  • Strategic Management – Ensure that IT enables and supports the achievement of enterprise objectives through the integration and alignment of IT strategic plans with enterprise strategic plans.
  • Benefits Realization – Ensure that information technology (IT)-enabled investments are managed to deliver optimised business benefits, and that benefit realization outcome and performance measures are established and evaluated and progress is reported to key stakeholders.
  • Risk Optimization – Ensure that an IT risk management framework exists to identify, analyze, mitigate, manage, monitor, and communicate IT-related business risk, and that the framework for IT risk management is in alignment with the enterprise risk management (ERM) framework.
  • Resource Optimization – Ensure the optimization of IT resources, including information, services, infrastructure and applications, and people, to support the achievement of enterprise objectives.

Sandy Fadale, CISM, CGEIT, CRISC, CISA, CBCP, I.S.P., is a solutions-oriented Global IT Risk, Security, Policy and Compliance Senior Leader with notable success directing a broad range of corporate security initiatives while participating in planning and implementation of information-security, governance, risk and compliance management solutions in direct support of business objectives for Mariner Security Solutions, a division under Mariner Partners.