Keynote Speakers

Patrick Gray, Patrick Gray & Associates, LLP

Patrick Gray is an IT Security Consultant, a member of the Center for Internet Security and the former Principal Security Strategist at Cisco Systems of San Jose, California and Director of X-Force Operations, Office of the Chief Technology Officer, Internet Security Systems, Inc. (ISS). Gray also spent 20 years as a Special Agent within the Federal Bureau of Investigation. Upon his retirement from the FBI, he joined Internet Security Systems and was one of the creators of the X–Force Internet Threat Intelligence Center and thereafter was Director of the Penetration Testing and Emergency Response Teams until his promotion to the X–Force R & D Team. As a result of his service with the FBI, and the Internet Threat Intelligence Center, he has first–hand knowledge of the hacking community, its aims and methodologies as they attack government, businesses, energy and financial entities relentlessly.

Sean McGurk, Former Director, US Department of Homeland Security – NCCIC

Prior to joining Amazon Mr. McGurk was the Global Managing Principal for Verizon with extensive experience in Industrial Control System (ICS) Cybersecurity, Critical Infrastructure and Key Resource Sector Protection (CIKR) and National Security Operations Center management. He has over 36 years of experience in advanced systems operation and information systems security. Mr. McGurk served over 28 years in the United States Navy. For several years he worked as an arms control inspector for the Department of Defense where he conducted numerous inspections throughout the Soviet Union and subsequent Commonwealth of Independent States in accordance with the Intermediate Nuclear Forces (INF), the Strategic Arms Reduction Treaty (START) and the Conventional Armed Forces in Europe Treaties. Since leaving the Navy, Mr. McGurk has managed many significant system development and IT security programs in the private sector supporting the Department of Defense and the Intelligence Community.

Frank Schettini, Chief Innovation Officer for ISACA

As Chief Innovation Officer at ISACA, Frank Schettini is responsible for spearheading innovation across the organization through thought and product leadership, proposing innovative solutions, and implementing those solutions to the benefit of the entire organization. He is responsible for cybersecurity, IT Audit, IT Governance, and Risk Management thought leadership, publications/periodicals, certification (CISA, CISM, CSX, CRISC, CGEIT) and Information Technology.  With 30 years of experience in various industries Schettini brings significant experience to ISACA in the areas of strategic planning; project, program and portfolio management; process improvement; enterprise architecture; and change management

Melissa Sariffodeen, Chief Executive Officer for Ladies Learning Code

Melissa is a social entrepreneur, leader and big thinker. As Co-Founder and CEO of Ladies Learning Code and Canada Learning Code, Melissa has established a reputation as a fierce advocate for women and youth. She is dedicated to ensuring that they have the critical skills, confidence, and opportunities that they need to become passionate builders — not just consumers — of technology and to thrive in our increasingly digital world.

Since 2011, Ladies Learning Code has championed digital literacy for Canadians, working nation-wide and across all sectors to equip women and youth with technical skills. To date, the organization has taught over 60,000 Canadians code through their programs, which are offered in over 30 cities across the country. The organization runs programming for adult women, a thriving girls’ program called Girls Learning Code, a co-ed youth program called Kids Learning Code. The organization’s latest initiative is a program for educators: Teachers Learning Code.

In 2016, Melissa and her team launched their most ambitious initiative to date: Canada Learning Code – a ground breaking cross-sector coalition to create 10 million technology learning experiences for Canadians over the next ten years.

Her efforts to promote digital literacy in Canada have garnered attention from national media outlets like CTV, CBC, and the Globe & Mail — and landed her a spot on Elle Canada’s list of 9 Canadian Women Making a Difference. She’s spoken on the TEDx stage as well as at notable conference such as Canada2020, GoNorth and Canadian Association for Business Economic Forum. Melissa also recently hosted Prime Minister Justin Trudeau to participate in a coding workshop!

Melissa holds an HBA degree from the Richard Ivey Business School and is currently pursuing her Master’s in Education Policy at the Ontario Institute for Studies in Education at the University of Toronto.  She taught herself how to build websites from scratch using HTML when she was 11 years old and has been coding ever since.


Breakout Session Speakers

Importance of a Cohesive Information Security Program (C-ISP)
Peter Macpherson, Bulletproof

Minor impact is no longer the sole impact from those who wish to do damage. Companies who have experienced major attacks and data breaches have seen their share values drop in the days following the publication of the attack. Our shareholders no longer accept this liability as a fact-of-life in doing business.

A Cohesive Information Security Program is now needed to support our corporate risk management models. With the increase in attacks like ransomware, denial-of-service, and phishing/social engineering events no single point of protection is completely effective. Daily we see new threats evolving as fast as they are identified. The old issues, like ones from last month (and yes – that is OLD in this industry) didn’t go away – they are still out there and awaiting a hook into our companies. A comprehensive plan includes both internal and external factors. Some of the key elements include:

  • Executive Buy-In
  • Risk Assessments and matching Risk Mitigations
  • Creation of policies to support safe and secure operations
  • Scheduled Routine Policy Reviews
  • An active patching program
  • Employee Education Program
  • Continuous Malware / Virus / Malicious event monitoring and testing
  • Development of a Rapid-Response Team
  • Maintaining a continuous watch on the horizon to see what is coming over it next

We are no longer covered by just using a virus scanner or any other single tool. We are tasked with doing everything possible to protect our data and our infrastructure.

Peter has over 25 years in the delivery of IT services across critical infrastructures focused on network operation and the security operations centers. With a strong background in Network Operation Centers (NOC) and Security Operations Centers (SOC), Peter brings a rich understanding ranging from the founding days of the internet to the newest “over-the-horizon” insights. Prior to Peter’s role with Bulletproof, Peter has functioned as Client Advocate (Voice and Data Network Operations) to international banking and wealth management firms, Risk Manager for airlines, Telecom Operations Management, Delivery Manager for Security Applications, and as a consultant to regional and national governments in both Canada and the US. Peter has delivered presentations to the heads of state for the USA, Canada, and Russia on emerging technologies. As the Director of Security Operations Center at Bulletproof, Peter’s team delivers a wide variety of security functions to many Atlantic Canadian companies. Staying current and on top of the next issue is a full-time commitment that takes a great team of gifted specialists – and Peter heads up one of the fastest growing teams in Atlantic Canada solely focused on this.

Making Incident Response Effective Again
Robert Beggs, DigitalDefence

The resent of wave of ransomware attacks is a bitter reminder that “patch and pray” is no longer an effective strategy for protecting a network and its data.  Realistically, organizations have to act as if a security incident is inevitable, and be prepared to successfully manage that response.  During this talk, we'll examine how both technical and management teams can optimize their response process – what are the tools, techniques, and processes that enable success.

Robert Beggs is the President of DigitalDefence, a Canadian firm specializing in preventing and responding to data security and privacy breaches. He has been responsible for the technical leadership and project management of more than 500 consulting engagements, including policy development and review, standards compliance assessments, attack and penetration testing of wired and wireless networks, third party security assessments, incident response and forensics, and other projects.  He is also the lead investigator for managing the response of data security incidents.

Trends in Breach Incident Management
Stewart Cawthray, Rogers Communications.

Cyber attacks are going to happen. It does not matter what industry you are in or what size of company your are. Your data has value to someone. How you survive a cyber attack and data breach is directly related to how well you prepare. Communicating the Breach looks at the activities any organization should do before, during and after a breach to maximize their outcome.

Stewart Cawthray is an ISACA member who holds both the CISM and CRISC certifications from ISACA. Stewart is currently the Senior Director, Enterprise Security Products & Solutions, Enterprise Business Unit, Rogers Communications.

IoT – Standards, Risks and Why we Need to Address Both
Anthony English

This presentation will cover Internet of Things, outline the various types of IoT devices and environments, cover some examples of IoT based cyberattacks, and cover the various  current standards and frameworks available to help guide security in this space.

Anthony has worked in IT and Information Security for more than 25 years and in the health care, law enforcement, IT consulting, lottery and gaming and education sectors. From managing a global information security program to implementing structured 27001 and 27032 programs, I have covered the broad range of applied security.

Enterprise Risk Management for Cloud Computing
Darren Jones, KPMG

Cloud solutions present many challenges to organizations as they seek to capitalize on the opportunities presented by these strategies. The need to more closely articulate – or even refurbish – solutions for privacy protection, supplier assurance, GRC, DevOps, identity & access management, data governance, business resilience and cyber security can contain many surprises that challenge an organization’s understanding of risk tolerance. Capitalizing on Darren’s more than seven years of experience in managing and delivering solutions using the cloud, this session will examine SaaS, IaaS, and DRaaS solutions and view the risks they present through a business lens.

Darren is a Senior Manager in KPMG’s Canadian Cyber Security and Risk Advisory practice area. Based in Toronto, Darren’s focus is to assist clients with Cyber Risk transformation strategies and solutions. In this capacity he helps clients in navigating the
complexities of deploying “cyber-charged” solutions for security that allow companies to deliver solutions at the speed of business. Previously in this decade, Darren had maintained Directorships on a small number of startup ventures in the US and
Canada, and was the President of start-up companies in the time period between 2009 and 2015. The companies developed and delivered cloud computing solutions, a fintech on-line platform for small business and a multi-location wayfinding mobile application. Darren has been working at architecting, migrating and managing business solutions into the cloud since 2009. These solutions include full technical operations, managing all aspects of the supplier assurance life cycle, architecting SaaS, IaaS and DRaaS solutions and ensuring governance attributes are achieved for compliance purposes..

On The Prowl: Practical Threat Hunting
Andrew Kozma, GoSecure

This talk will present Threat Hunting models and concepts along with the practical application of hunting techniques to identify compromise within an organization.   In addition to discussing adversaries we will also review and some of the techniques used to circumvent modern security controls and how including threat hunting can improve your organizations security posture.

Andrew leads a team of threat hunters within GoSecure for 2.5 years before moving into a Sr. consulting role last Feb where I am now performing audits and assessments for clients in many verticals.

Hacking Infosec Policies: Cutting Through The Jargon
Darryl MacLeod, Securicy

Information security policies: Everyone hates writing them, everyone hates reading them, but they are a necessary evil for an effective information security program. The trouble is that very few organizations take the time and trouble to create decent policies; instead they are happy to download examples to cut and paste as they see fit. The resulting mess is often no good to anyone and can often leave the organization open to unforeseen issues, especially when an auditor comes calling. We will walk through the process of creating a simple, yet effective, information security policy.. from an auditor’s point of view.

Darryl is an Information Security Manager with Securicy and has been involved in computer security for the last 17 years, most recently working as a QSA and risk assessment specialist. He has presented at the Atlantic HTCIA IT Security Conference, TecSocial, Halifax Area Security Klatch (HASK), and Security B-Sides St. John’s. He sits on the Board of Directors for the Atlantic Security Conference (AtlSecCon) and is the former Lead Organizer for the Security B-Sides Cape Breton conference. Darryl holds CISSP, CISA, and CCSK certifications.

Will Your FitBit Replace Your Password? How the ‘IDentity of Things’ Will Usher in the Next Wave of Multifactor Authentication
Dwayne Melancon, iovation

The Internet of Things (IoT) represents one of the fastest growing technology categories, with Gartner predicting  that there will upwards of 25 billion connected ‘things’ operational by 2020. While much has been written about the potential disruption that IoT will have in terms of transforming our industrial supply chains and making our homes smarter, there is another use case that promises to be equally impactful: Identity and authentication. Welcome to the IDentity of Things (IDoT), where all of the connected devices that surround us will become an increasingly important proxy for authenticating our identity. Multifactor Authentication (MFA), which typically relies on something you have (i.e., your iPhone) coupled with an additional factor of something you know (i.e., a pincode) or something you are (i.e., your fingerprint), is quickly becoming the preferred method of authentication for businesses that have grown weary of managing large stores of user passwords. Consequently, as these connected things become more embedded in our daily lives – be they a FitBit, an iWatch or even a connected fridge – they will also serve as an additional yet fully transparent factor of authentication that will improve both the security posture of critical applications as well as your user’s experience.

Dwayne is a recognized leader in the cybersecurity industry where he has brought dozens of innovative security products and solutions to market. Prior to iovation, he spent 17 years at Tripwire serving in a variety of product and technology leadership roles, including CTO, VP of product management and VP of research development, and held numerous management roles at Symantec. In his current role at iovation he focuses on strategic product development, market research and managing product teams focused on delivering exceptional customer value and a frictionless user experience.

Critical Security Controls: Planning, Implementing, and Auditing
Peter Morin, KPMG

This session discusses proven techniques and tools needed to implement and audit the Critical Security Controls as documented by the Center for Internet Security (CIS). These Critical Security Controls, are rapidly becoming accepted as the highest priority list of what must be done and proven before anything else at nearly all serious and sensitive organizations. For security professionals, the session provides information on how to put the controls in place in your existing network though effective and widespread use of cost-effective automation. For auditors, CIOs, and risk officers, this session will assist in understanding how you will measure whether the controls are effectively implemented. One of the best features of the course is that it uses offense to inform defense. This session is an overview of the SANS course Security 440, Critical Security Controls: Planning, Implementing, and Auditing.

Peter is a Director in KPMG’s Management Consulting practice. He is a senior cyber security professional with over 20 years of experience focusing on information security risk management, developing and implementing security standards and frameworks, penetration testing, cyber threat incident response, application code analysis, malware analysis, and computer forensics. Peter has worked in senior positions for a number of organizations, including a national telecommunications and media company, Fortune 500 cloud-computing company, major US defense contractor, and a recognized cyber security software company. Peter is a frequent speaker on the subject of critical infrastructure protection, risk management, penetration testing, malware analysis and forensics and has presented at numerous events held by the HTCIA, black hat, PMI, Computer Security Institute, Interop, SANS, and ISACA. Peter is a frequent guest lecturer at numerous colleges and universities throughout North America and has also been featured in numerous publications including SC Magazine. Peter holds numerous security-related designations including the CISSP, CISA, CGEIT, CRISC, and GCFA.

Cybersecurity Risk: from Server Room to Boardroom
Jamie Rees

This presentation will impart an understanding of how cybersecurity risk information gathered from throughout a system’s lifecycle can be used vertically through the organization to enable decision making.  Using example scenarios and interaction with the audience the presentation will illustrate that from initial architectural sketch to end of life, and from frontline management to the board of directors, cybersecurity risk information can be efficiently collected and used for multiple purposes.  Whether it is compliance with multiple frameworks, operational management decisions or executive direction, all can be fed from the same efficient pipeline.   Learn what each of these audiences needs and how to transform the data you have to match that need.

16 year security professional, designing and implementing security programs in telecom, finance, government and energy; from analyst to CISO.  (20+ overall in tech) ICTC – Cyber Security Leadership Council on Youth and Education (Chair) Member of the Editorial Board – Cyber Security: A Peer-Reviewed Journal – Henry Stewart Publications, UK. Multiple Award winner; ITAC Ingenious Award, CSO50 North America, CyberSmart Award 2017; & Finalist in ISC2 – Americas Information Security Leadership Awards (ISLA). Certs: CISA, CISSP, ISO 27001 Lead Auditor, TOGAF 9, Archer GRC Professional

Patching your people: building a technology to support going beyond user awareness and towards accountability
David Shipley, Beauceron Security Inc.

In November 2015 a small group of technology and security professionals at the University of New Brunswick started to think about a new approach to managing the human aspects of cybersecurity including user awareness, incident handling, process gap identification and culture change, particularly with respect to empowering a new management culture and focus on cybersecurity. Those discussions gave rise to a new technology that would integrate and automate training, social engineering attack simulation, incident tracking, security risk management into a scalable, affordable and flexible approach that could help organizations of any maturity level improve their security posture.

During this presentation, David Shipley will discuss how an understanding of the original meaning behind ‘cyber’ led to a new approach to cybersecurity  that blends the social sciences and computer science. Shipley will demonstrate how this approach has helped surface and reduce risk, leading to better management outcomes and will share some key observations from aggregate data from the early adopters of the Beauceron platform.

David Shipley is the CEO and co-founder of Beauceron Security Inc., a Fredericton-based start-up that has developed a software-as- a-service platform that automates cybersecurity awareness programs and social engineering simulations, improves user accountability and helps develop and support a culture of cyber risk management in organizations. Prior to founding Beauceron, Shipley was the cybersecurity awareness, incident response and threat intelligence lead at the University of New Brunswick. Shipley holds a CISM, MBA and a BA in Information and Communications Studies. Shipley speaks frequently at public and private events across North America about cybersecurity and regularly appears in regional and national media about technology and security issues.  Shipley has spoken twice at IBM’s global Interconnect Conference in Las Vegas, presented at Trend Micro’s global summit in Vancouver in 2015, at several Atlantic Security Conferences and several higher education conferences and summits including the Educause Cybersecurity Conference in Minneapolis and at several Canadian National Higher Education IT (CANHEIT conferences).

Turning a Trillion Rows of Security Threat Data into Gold
Ajay K. Sood, Symantec

Having lots of security data is not enough  The real value of having data is being able to learn from it and turn it into action that better protects an organization.  This year we analyzed a trillion rows of security data year and produce the Internet Security Threat Report (ISTR) providing insights into global threat activity, cyber-criminal trends and motivations for attackers.   This talk will show how the ISTR can be used to predict future security trends.   But most importantly this talk will demonstrate how the data reveals practical solutions to security threats, allowing managers to make policy and procedure change to improve their security posture for today and tomorrow.

With over 20 years of real-life, in-the- trenches business experience in the IT security space, Ajay is a seasoned veteran when it comes to introducing disruptive security brands to the Canadian market.  He currently serves as the Vice-President and General Manager for Symantec Canada where he is on a mission to evangelize the importance for entities to stay ahead of the curve when it comes to architecting and operating their cyber security defenses.  You can follow him on Twitter at @akssecure.

Realizing Software Security Maturity: The Growing Pains & Gains
Mark Stanislav, Duo Security

Software security maturity is often diluted down to the OWASP Top 10, leaving organizations with a simplistic & ineffective view of risks represented by their real-world attack surface. Where do these organizations then go, to realize a strategy that considers the complexity of their production stacks, including frameworks, platforms, languages, & libraries. This talk will focus on leveraging the Software Assurance Maturity Model (SAMM) to benchmark coverage & consistency of application security across the software development lifecycle. If your organization has been considering formalizing your application security program, or just don’t know where to start, come to this talk to find out the pitfalls and opportunities of using SAMM to guide a successful and ever-maturing application security program. Learn from Duo Security’s Application Security team about the benefits, challenges, and outcomes of what it takes to enable engineering & product teams to excel at their jobs, while providing world-class security.

Mark Stanislav is the Director of Application Security for Duo Security. Mark has spoken internationally at over 100 events, including RSA, DEF CON, SOURCE Boston, Codegate, SecTor, and THOTCON. Mark’s security research and initiatives have been featured by news outlets such as the Wall Street Journal, the Associated Press, CNET, Good Morning America, and Forbes. Mark is the cofounder of the Internet of Things security research initiative BuildItSecure.ly. He is also the author of Two-Factor Authentication. Mark holds a BS in networking and IT administration and an MS in technology studies focused on information assurance, both from Eastern Michigan University. During his time at EMU, Mark built the curriculum for two courses focused on Linux administration and taught as an adjunct lecturer for two years. Mark holds CISSP, Security+, Linux+, and CCSK certifications.

Are you hackable or uncrackable?
Eugene Ng, MNP

The premise of this presentation topic was designed in October 2015 for a Young President’s Organization (YPO) conference held in Toronto, ON in September 2016. The
concept was to see if we could perform a “live” hack at a conference, using the attendees as our victims / targets. The social engineering concept was fairly simple – provide a hot spot logon, outside of the conference room / hotel and have attendees logon with social media credentials. For the purposes of this presentation, I was thinking I could review the findings for each of the previous 8 conferences I had presented at or even bring the setup to the conference and demonstrate it “live”. The goal was really to build awareness on social engineering, creating some interest from end users and in the end improving security.

Eugene Ng, CISSP, is MNP’s Cyber Security Leader for Eastern Canada. A member of the firm’s Enterprise Risk Services team, Eugene identifies security technology, products and services that give clients a competitive advantage. Eugene oversees research and development activities and formulates long-term vision and strategies at the executive management level to help the firm better serve clients. He provides a full range of cyber security services and solutions to medium-sized and large enterprises, delivering strong
advice to help clients make business decisions relating to technology. Prior to joining MNP, Eugene co-founded a successful cyber security company that won many industry awards. There, he held the position of Chief Innovation Officer and was involved in the design and high-level strategic security vision with some of Canada’s largest corporations. Eugene has attended numerous events to understand the marketplace and upcoming technologies and has been a guest speaker, most notably a panel speaker at the Canadian Association for Security and Intelligence Studies to discuss cybercrime with some of Canada’s most respected government agencies. Eugene is a graduate of the DeGroote School of Business at McMaster University. He holds the Certified Information Systems Security Professional (CISSP) designation and is a PCI Qualified Security Assessor.

Expanding Advisory Services in your Internal Audit Practice
Amy Yung, Province of Nova Scotia

Advisory services performed by internal audit are widely varied and dependent on the leadership of any given audit shop. The Institute of Internal Auditors Research Foundation issued a publication on Assurance and Consulting services discussing the industry’s perplexing stance on advisory services, including topics such as blended engagements; balancing assurance and consulting; limits on the extent consulting in internal audit function should undertake; and the risk and reward of providing consulting services. This paper raised a lot of interesting queries in my mind, and I felt it would be beneficial to open the door on this topic and demonstrate how our audit shop has embraced and benefited from the consulting side of internal audit services.

From a young age I have, cultivated my leadership skills by competing in public speaking competitions through 4H / Toastmasters and performing and stage managing numerous drama productions in high school. My presentation skills were further enhanced via operational opportunities I leveraged by providing staff and management training for implementations she executed: an electronic, paperless work environment which increased employee productivity and provided workplace flexibility for staff; new financial statement templating software in conjunction with authoring audit programs and checklists to ensure the firm’s compliance with new auditing and accounting standards.

Trends in Breach Incident Management
Greg Murray, Rogers

Cyber attacks are going to happen. It does not matter what industry you are in or what size of company your are. Your data has value to someone. How you survive a cyber attack and data breach is directly related to how well you prepare. Communicating the Breach looks at the activities any organization should do before, during and after a breach to maximize their outcome.

A resilient people focused leader driving business value through innovative IT solutions that realize strategic objectives. With 20+ years of broad international experience, Greg has a track record of delivering transformational, business oriented and risk reducing high value IT services across multiple industries. Greg is the current sitting VP Information Security & CISO at Rogers Communications. Additionally, Greg is the current Cyber Security and IT Director in Residence for University of Toronto Rotman’s ICD.D Directors Education Program (DEP). A sought after leader in IT, cyber and information risk, Greg actively participates in Government of Canada Cyber

Greg was a key IT leader in the enterprise IT transformation and integration post Rio Tinto $38 Billion acquisition of Alcan Inc. With keen focus on shareholder value, Greg led the IT risk management of Rio Tinto’s $19 Billion divestment and $5 Billion acquisitions program – supporting deal teams, addressing Dept. of Justice and EMEA regulatory concerns and subsequent IT divestiture / integration activities. As a former member of PwC LLP, Greg has briefed and provided guidance to many Senior Executive teams and Boards.

Additionally, Greg is a sitting Board member on a local School Board, has deep expertise in the Telecom, High Tech, Government and Retail sectors. Greg is a graduate of University of Toronto and Athabasca University with a focus on Sociology and business studies. He is regularly asked to speak at conferences on topics involving IT transformation, information management and risk. Greg has dual citizenship having lived and worked in the United States and Canada, speaks both English and French, and currently lives in the Greater Toronto Area (GTA).

What is made of 8 billion parts and vulnerable to 2000’s era Wi-Fi attacks? Every Wi-Fi radio on the planet.
Ryan J. Orsi, WatchGuard

The number of Wi-Fi radios have officially surpassed the human population and all of these devices are vulnerable to the biggest joke known among hacker communities: Wi-Fi man-in-the-middle attacks (MiTM). These attacks are so low layer and so easy to perform that an entire ecosystem of easy to use tools is available to equip the most junior person with the power to intercept usernames, passwords, credit card numbers, and more on any Wi-Fi network. They can even bypass HTTPS security and steal information prior to the traffic every reaching any kind of gateway security appliance such as a Unified Threat Management (UTM) appliance. In this presentation we will examine the growing risks of Wi-Fi and show how users can take advantage of the great convenience that hotspots provide without compromising their data and privacy. We will look at the technology available to create a ‘hands-free’, fully automated wireless cyber shield with zero false positives so that users no longer have to feel they are living dangerously every time they log onto Wi-Fi.

Ryan Orsi is Director of Product Management at WatchGuard, a global leader in network security, providing products and services to more than 75,000 customers worldwide. Ryan leads the Secure Wi-Fi solutions for WatchGuard. He has experience bringing disruptive wireless products to the WLAN, IoT, medical, and consumer wearable markets. As VP Business Development in the RF component industry, he led sales and business development teams worldwide to success in direct and channel environments. Ryan’s filled various roles in sales, marketing, business development, and general management within the IT and wireless industries. He holds MBA and Electrical Engineering Degrees and is a named inventor on 19 patents and applications on topics such as automated antenna design and compound field antennas.

A Comprehensive Approach to Enterprise Risk Management
Rick Ouellette, Province of New Brunswick

There are endless risks to business success such as cyber security threats; external environmental threats such as economic or natural disaster; production capacity constraints; change fatigue; succession planning; and knowledge transfer, to name a few. In order to deliver continued value to customers – citizens and patients alike – then just as projects and financial activity should be well-managed, so too should risks to business success. This session provides a comprehensive overview of an approach to building an Enterprise Risk Management program.

Rick Ouellette (BScDA, CPA, CGA, CISA, CISSP, CGEIT) is a visionary with a unique background in the leadership of: Governance, Risk, and Compliance; Accounting; Audit;
IT; and Cyber Security. Currently the Chief Risk Officer of the Government of New Brunswick (GNB), Rick is leading GNB’s Enterprise Risk Management (ERM) and
Cyber Security strategy. He is a past Chair of the National CIO Sub-Committee on Information Protection (NCSIP) and as such he led national information security
collaboration and the delivery of a white paper on Enterprise Cyber Risk Management.

While Acting CIO of GNB in 2016, Rick contributed to corporate governance by mapping GNB to COSO’s Three Lines of Defense framework. This enabled him to share his vision of GNB managing required controls in a layered and integrated fashion. This approach has been a barrier-buster and roles-and- goals clarifier that has gained support for the ERM program. Rick’s private sector experience includes Finance, Cyber Security, and Internal Audit roles with Bell Aliant. He led the design and delivery of the first Corporate Security Operations Centre for Bell Aliant and also for the Province of New Brunswick. Supporting corporate performance management at both Bell Aliant and GNB, Rick was the executive supporter and catalyst for Balanced Scorecard information security measures.

Managing the Chaos: Disaster Recovery for Your Data
Victoria McIntosh, Information in Bloom Management Services

“Houston we have a problem!” Should the worst occur is your organization ready? A data breach for your business means more than repairing your operating systems and running backups: you need a strategy for who to call and how to contain the damage. A good Disaster Recovery Plan with policies and procedures acts as your business’s 911 by mobilizing your team into action to minimize the destruction. Information and Privacy Professional Victoria McIntosh walks through the compliance must-have every organization needs and how good governance means preparing for when things go wrong.

People who come to my presentation will be able to:

  • Recognize the value in preparing for an IT attack or takedown before it happens
  • Dissect the main elements of a Disaster Recovery Plan
  • Examine business priorities against compliance timelines to better triage reactions

Victoria McIntosh is an Information and Privacy professional residing in Halifax, Nova Scotia. With over six year’s experience, she is committed to assisting clients with the growing challenges of controlling their information resources through strategic information management, data governance, and privacy controls. Victoria has received an honours BA in History from Mount Allison University, an MLIS degree from the University of Western Ontario, and is certified by the International Association of Privacy Professionals as an Information Privacy Technologist.

Data Assurance and Analytics within Risk Assurance
Courtney Brown & Charles du Plooy, PwC Canada

“Today, public and private sector organizations are faced with the increasing cost of compliance, managing budgets, more timely reports and a greater need to understand and manage risks.Data analytics and continuous auditing/monitoring enables us to focus on mitigating financial and operational risks, while ensuring acceptable business conduct conforms to policy and procedures. The path of constructing a data analytics function is a journey which evolves daily for many organizations. This presentation will look at this journey and provide examples of what is being seen globally in the market place, as well as right here at home in the Atlantic.

Across Canada, data analytics, as a way to identify risk, is resonating more and more. Analytics enables organizations to examine and compare trends and patterns within large volumes of transactional data, and identify “out of the norm” activity to expectations. This is done by incorporating data from multiple sources (internal and external) and developing algorithms to analyze data according to varying requirements. Fasten your seat belts for an interactive and fast-paced session that will provide “real-world” examples in discussing the following.

  • Understanding use of the risk analytics life cycle.
  • Identifying proper stakeholders, benefits, opportunities and efficiencies for data analytics.
  • Identifying data analytic strategies, tools and accelerators from technology, people and relationships perspective.
  • Presenting visualizations, use cases and data analytics relevant to emerging trends through practical scenarios/demo.

Transforming data into insights, Courtney Brown is a Director within the Data Assurance and Analytics group with over 16 years of experience within PwC across a combination of Audit, Consulting and Tax. His primary focus is risk analytics, bringing business intelligence to the Internal Audit, data management and External Audit transformation. Courtney facilitates data enablement and the use of analytics throughout the entire audit lifecycle.

Charl leads the Atlantic Risk Assurance Services practice with the delivery of audit and assurance services to both public and private company clients reporting in IFRS. Specializing in complex, multi-location audits, assisting clients who have primarily been IFRS reporting issuers with complex IT environments. Charl also leads on and is directly supporting the firm’s Global Audit Transformation, developing and implementing revolutionary data-auditing tools/techniques, and is a national subject matter specialist on
various matters including multi-location engagements, data auditing, audit transformation initiatives and integrated audit (IT) solutions. Charl also led a 2-year project on a roll-out of PwC’s audit software platform (Aura), audit methodology, risk management and quality matters, focused working practices and efficiencies.

Cloudy with a Chance of Visibility, Accountability and Security
Paul Da Silva, Forcepoint

Cloud adoption is not a question anymore — it’s happening and it’s driving value into business like never before. Enterprises want to enable frictionless IT and provide the best user experience for their employees, but need to do it in tandem with securing their data, users and assets –and without additional IT burden. As organizations gain greater visibility into cloud usage and shadow IT, how are policies best enforced? In this session, we will explore how hybrid and cloud-first organizations can have the best of both worlds, and the role of CISOs and CIOs working together to make this a reality.

Paul Da Silva is a Sales Engineer at Forcepoint. Paul has been in the IT industry for the over 15 years with the last 7 years in IT Security. Certified with various vendor certifications, Paul has been designing, implementing and securing networking infrastructures. He held roles previously at Bell with extensive pre-sales and post-sales Professional Services, consulting in security and compliance.

From Visualization to Visual Analytics: Making Information More Accessible
Fernando Vieira Paulovich, Dalhousie University

Due to the cost reduction and improvement of storage, distribution, and data retrieving technologies, the amount of produced or disseminated data has substantially increased over the last few years. Although non-relevant data can be filtered, it is still a challenge to transform such amount of data into useful information. Amongst the different strategies to tackle this problem, the integration between machine learning/data mining and visualization algorithms has proved to be one of the most powerful solutions. Generally, such integration is called visual analytics and seeks to take advantage of the “intelligence” provided by the learning/mining approaches, and of the user expertise by means of interactions with the visual representations, potentially defining more robust and reliable computational tools where user knowledge can replace automatic heuristics. In this presentation, I will give an overview of visualization and visual analytics approaches, discussing how they can be used to convey information in different domains, with attention to the exploration of multivariate data sets and text collections.

Fernando V. Paulovich is an associate professor and Canada Research Chair in Data
Visualization at the Faculty of Computer Science, Dalhousie University, and head of the Visualization and Visual Analytics (VVA) lab. Over the past ten years, he has been conducting research in the field of computational visualization, more specifically information visualization, visual analytics and visual data mining. His focus is on integrating machine learning and visualization tools and techniques, helping people to understand and take full advantage of this “brave new information world.”

How to Consolidate a Dearth of Security Standards
Anthony English, Mariner Security Solutions

This presentation will provide the attendees with an overview of the current security standards and frameworks in the industry and differentiate between a standard versus a framework. Guidance ill be given on how to ensure compliance is being met while also taking the step beyond just ompliance to true security.

Anthony has worked in IT and Information Security for more than 25 years and in the health care, law enforcement, IT consulting, lottery and gaming and education sectors. From managing a global information security program to implementing structured 27001 and 27032 programs, I have covered the broad range of applied security.

The Power of Network AND Endpoint Threat Correlation
Danny Banks, WatchGuard

Hackers are designing malware to be more sophisticated than ever. Through packing, encryption, and polymorphism, cyber criminals are able to disguise their attacks to avoid detection. Ransomware, zero day threats and advanced malware easily slip by antivirus solutions that are simply too slow to respond to the constant stream of emerging threats. Organizations of all sizes need a solution that leverages a holistic approach to security from the network to the endpoint. In this session you’ll learn simple evasion techniques that hackers use and the steps that organizations must take in order to correlate events together to not only detect them, but also remediate them.

As the Threat Detection & Response (TDR) Subject Matter Expert Danny provides market knowledge and field level sales support to WatchGuard partners and customers to assist them with their endpoint related cyber security challenges.  Specifically, Danny applies his unique talent and capabilities to evangelize the benefits of WatchGuard’s Threat Detection and Response Advanced Security Service to WatchGuard’s rapidly expanding partner and customer base. Danny joined WatchGuard Technologies in June 2016 through the acquisition of the HawkEye G Endpoint Detection and Response (EDR) technology that was original developed by Hexis Cyber Solutions in 2013. Danny has over 19 years of technical sales experience at companies such as Sensage, Sybase, OnDisplay, and Vignette where he was Chief Technologist of the Content & Wireless group. Danny holds a BS degree in Physics from the University of California at Davis.

The Enterprise Immune System: Using Machine Learning for Next-Generation Cyber Defence
Nabil Zoldjalali, Darktrace

From insiders to sophisticated external attackers, the reality of cyber security today is that the threat is already inside. A fundamentally new approach to cyber defense is needed to detect and investigate these threats that are already inside the network – before they turn into a full-blown crisis.

Based on unsupervised machine learning and probabilistic mathematics developed by specialists from the University of Cambridge, new ‘immune system’ technologies are capable of learning the ‘self’ of an organization. By analysing every network, device, and user, and modeling them as they go about their day-to-day activity, the Enterprise Immune System can establish a highly accurate understanding of normal behavior. It can therefore spot abnormal activity as it emerges, and even take precise, measured actions to automatically curb the threat.

Rules and signatures are not keeping pace with today’s rapidly evolving cyber-attacks. The Enterprise Immune System represents a fundamental step-change in automated cyber defense. It is relied upon by organizations around the world, and can cover up to millions of devices.

In this session, learn:

  • How new machine learning and mathematics are automating advanced cyber defense
  • Why 100% network visibility allows you to detect threats as they happen, or before they happen
  • How smart prioritisation and visualization of threats allows for better resource allocation and lower risk
  • Real-world examples of unknown threats detected by ‘immune system’ technology

Nabil Zoldjalali is a Senior Cyber Security Technology Specialist at Darktrace, based out of the company’s Toronto office. Nabil has comprehensive technological experience with Darktrace’s Enterprise Immune System, the only AI technology capable of detecting and autonomously responding to early-stage cyber-threats. He advises Darktrace’s strategic Fortune 500 customers in North America on advanced threat detection, machine learning, and automated response. Nabil graduated from McGill University with a Bachelor of Engineering in Electrical and Electronic Engineering.

What is Machine Learning?
Sylvain Dumas, McAfee

Machine Learning is a big topic these days. But what is it really? Is it Artificial Intelligence? Is it some type of voodoo magic? How does it work and what does it really do? Come learn about how Machine Learning works and how it does it. We’ll spend some time demystifying what it is and what it is not.

Sylvain Dumas has been a systems consultant for McAfee since 1999. He has more than 30 years of  experience in networking and security. Sylvain has helped securing multiple government entities both federal and provincial as well as many financial institutions and large corporations. He participates regularly to multiple public conferences such as the HTCIA, CQSI and others. He is certified CISSP.

Does Your Security Posture Stand Up to Tomorrow’s New Threat?
Chris Strand, Carbon Black

If you do not know the answer to this question then your business is like many organizations at risk in successfully preventing cyber-attacks targeting and stealing sensitive data. Exploits involving new forms of ransomware and polymorphic malware continue to grow daily, and despite large investments in security technology, often, businesses still fail to prevent attacks. To compound the problem, these failures are spawning more public scrutiny and amplified regulatory oversight due to the increasing number of cyber security and data privacy compliance mandates that businesses are required to keep in check. Resolving this situation begins with an honest assessment of where one’s organization currently stands; understanding security and compliance gaps, and prioritizing high-risk areas that threaten critical assets.

This session will detail several ways organizations can lower liability against regulatory pressure, reduce security threats to the business, and ensure data-security and regulatory accountability.  Attendees will leave the session empowered with examples of how to implement effective measurement of their critical security controls. Armed with a realistic cyber security “scorecard,” businesses will be able to expedite the goal of proactively gauging their true regulatory and security postures, while providing an honest assessment of strengths and weaknesses that need to be addressed.

Christopher Strand leads Carbon Black’s security risk, audit, and compliance sales and marketing strategy. With more than 20 years of information technology and compliance experience, Christopher oversees the development of enterprise network and application security solutions that help organizations deploy proactive security to maintain, measure, and improve their compliance and risk posture.

Previously, Strand held security/compliance positions at Trustwave, Tripwire, EMC/RSA, and Compuware. Strand is a PCI Professional (PCIP) and trained QSA and has been certified on and is proficient with other regulatory disciplines including HIPAA, NERC CIP, SOX/GLBA, and multiple IT Security baseline practices and frameworks such as ISO 27001 and NIST.

Strand’s security risk model presentation is featured regularly and he speaks about  security and compliance issues and best practices in keynotes, on webinars, and at many industry conferences. He has authored several white papers, published many articles in security industry journals and books, has been an expert witness on cyber security events, and is frequently quoted as a thought leader by many leading media outlets.

You can measure anything…but what if it’s not the RIGHT thing?
Gerald Caponera, Nehemiah Security

Peter Drucker said “if you can’t measure it you can’t improve it”. But what if we’re measuring the wrong thing? Metrics today tend to focus on responses and threats. Even if we were to improve responses to an exceptional level, we would still be dealing with critical attacks. The two measurement components that are missing from today’s cyber security defense mechanisms are exploitability and financial impact. There are many reasons why these components are missing—they are hard to capture and potentially even harder to manage. However, the technology and the formulas exist to address these critical aspects. The bottom line is that increasingly the business is asking cyber leaders to step up and guide broad-reaching strategy, investment, and risk management initiatives. The only way to accomplish this will be to transition from reactive to predictive, and to incorporate financial impacts into every decision. This session will be spent outlining ways this can be accomplished.

Gerald is a Vice President with Nehemiah Security where he leads the effort to quantify cyber risk in financial terms. Prior to Nehemiah he helped found PivotPoint Risk Analytics which focused on cyber risk quantification through value-at-risk modeling and simulations. Jerry has a broad background in cyber, having worked for incident response, malware analysis, and services companies. He has spoken at a
number of conferences worldwide including ISS World MEA in Dubai, InfoSecurity Russia in Moscow, and TM World Forum in Nice, France. He holds an MBA from the University of Massachusetts, an MS in Computer Science from the University of Pennsylvania, and a BS in Electrical Engineering from the University of Buffalo.

Hunting Methodology: A Key to the Labyrinth of Network Forensics
Matt Tharp, RSA

Proactive hunting is the newest cybersecurity strategy and promises great potential. But where is one to start in the world of network forensics? This presentation proffers a methodology for exactly that. It walks through the maze of network protocols with a spool of thread; discussing the protocols of interest, what to look for in each protocol, and how to find the cheese.

Matt Tharp is a Security Engineer with RSA. Matt got his Bachelor’s in Electrical Engineering from Colorado School of Mines and began working at United Launch Alliance (ULA) as an engineer on the space communications system before moving to designing embedded hardware on the most precise navigation and flight computer system both in this world and out of it. During his time with ULA, Matt got his Masters of Science in Electrical Engineering from the University of Denver. Matt moved to RSA as a Security Engineer specializing in the Advanced Security Operations Center (ASOC) product suite. Now Matt supports RSA as a cyber-investigator with the EMC Critical Incident Response Center (CIRC) in addition to teaching security boot camps. Matt continues to work in the security space where his interests include reverse engineering, and the prevention of Android malware.