We are finalizing our 2022 schedule We are thrilled to again bring you an amazing line-up of speakers from all of North America!
All times are in Atlantic Time Zone (AST).
- Day 1 October 24, 2022
- Day 2 October 25, 2022
- General Session
During security testing of a third-party product you come across a new vulnerability. Now what?
In this talk, we will explore how to responsibly disclose new, unknown vulnerabilities (0-Days), how to properly score the criticality using the Common Vulnerability Scoring System (CVSS), and how to submit your bug to the Common Vulnerabilities and Exposures (CVE) database.
OSCP, CRTP, Pentest+, CISSP, CISA, CCSP, CRISC, GCP-CDL and CEH (Master) certified, bilingual (French and English), experienced IT security professional. In the last 4 years, he has performed over 150 penetration testing engagements on a wide range of targets such as network infrastructure, web applications, IoT devices, cloud infrastructure, etc. for clients such as provincial governments, national telcos, large municipalities, police departments, health care providers, and much more. He is the founder of the Atlantic Cybersecurity Collective (formerly OWASP Moncton) and has presented at various infosec events.
Threat Hunting, how do you know if you’re doing it right? How do you define a successful threat hunting program? Where do you start? There are a lot of questions and preconceived notions about how threat hunting should work. Many organizations make the same mistakes without achieving their cybersecurity goals. This talk is summation of my threat hunting journey with the intent of inspiring others by sharing what has and has not worked for me and the organizations I help. By the end of the talk, attendees will walk away with a better understanding of threat hunting and actionable next steps to get an ROI.
Michael Wylie, MBA, CISSP is the Director of a 24/7/365 global managed threat hunting team – CrowdStrike’s Falcon OverWatch Elite. Prior to his current role, he was the Director of Cybersecurity Services at a top 100 CPA firm where he built the offensive and defensive security service practices. Michael has developed and taught numerous courses for the U.S. Department of Defense, DEFCON, Universities, and for clients around the world. Michael is the winner of numerous SANS challenge coin and holds the following credentials: CISSP, CCNA R&S, CCNA CyberOps, GPEN, GMON, GCFE, TPN, CEH, CEI, VCP-DCV, CHPA, PenTest+, Security+, Project+, CNVP, Microsoft Azure
Successful incident response requires swift action to contain. Whether it is a breach, insider threat or other attack the longer the adversary pivots in your network, the more difficult the event will be to contain. There are numerous tools available today to perform key orchestration tasks referred to as EDR or Endpoint Detection and Response tools – there are many reasons why these tools may not be suitable for your environment. For example, if you are tasked with protecting an industrial control system or OT environment where agent-based EDR-style applications could cause interruption to critical infrastructure, alternative options may be required. This presentation will discuss the concept of security incident automation and response and focus on introducing open-source host orchestration tools that can be used to execute key tasks to contain a cyber-security event, collect key evidence and better prepare you to survive the incident.
During this presentation we will discuss the following:
– Assessing what an organization’s incident response capabilities are
– Discussing the concept of automation and response and how this fits into the concept of Security Orchestration, Automation and Response (SOAR)
– Understanding what incident response processes can be easily automated and which cannot
– Discuss the concepts of incident analysis, triage and prioritization
– Review the benefits of incident response automation including quicker response to incidents, working with a smaller cyber workforce, lack of a sufficient tools budget and lack of response capabilities
– Discuss the various processes that should be in place in your playbook to be executed when a cyber-event has been identified and how these can translate to an automated workflow
– Discuss the value of agentless automation vs. commercial tools that require an agent
– Look at tools such as PowerShell, Chef, Puppet and Ansible used as tools to enable incident response automation
– Review a number of incident scenarios and response use cases and how they can be automated – including some uses for automation from a recent real-world ransomware response
Peter leverages over 25 years of experience to help clients develop robust Cybersecurity program strategies. This includes advising organizations in areas ranging from industrial and control system (ICS) security, network security architecture, threat hunting and red-teaming to cloud security, incident response, computer forensics and beyond. Throughout Peter’s career, he has held senior positions with numerous organizations, including a global Cybersecurity consulting firm, a national telecommunications and media company, a Fortune 500 cloud-computing company, a recognized Cybersecurity software company and a major US defense contractor. Peter has had the opportunity to work across industries, including in the critical infrastructure including energy and water, mining and industrial sectors as well as government, aerospace and military. As a public speaker, Peter has presented at numerous events held by the FBI, US Department of Homeland Security, Conference Board of Canada, FIRST, BSides, SecTor, SANS, Blackhat, Public Safety Canada, IIA and ISACA. Peter is also a frequent guest lecturer at colleges and universities across North America, and have been featured in such publications as SC Magazine, USA Today, National Post and Penetration Testing Magazine. Peter currently serves on the board of directors for the ISACA Atlantic Provinces Chapter. Peter received the ISACA Global Outstanding Leader Award in 2020 for his contributions to the association and his chapter.
Computer systems today rely on globally distributed and connected systems. When working together and in harmony, these systems provide a seamless experience, however a minor delay or glitch in one of these systems can result in the whole system becoming unresponsive. As computer science evolves these systems are now composed of not only traditional Information technology (IT) but Operational technology (OT), Internet of Things (IoT), and Industrial IoT.
Recent attacks on the supply chain such as SolarWinds, 2020; Mimecast, 2021 have highlighted the importance of Supply chain risk management. In most organizations, the process to manage Supply chain risk is loosely defined or not defined at all. Supply chain risk management involves assessing and ensuring the security, quality, integrity and resilience of the supply chain and its products and services. Some common supply chain risks include the introduction of malicious software, tampering with existing systems etc.
In this talk, the author discusses some of the ways in which supply chain risk management can be integrated into the existing Information Security Governance program and best practices when assessing supply chain risk.
Strategic and visionary information technology leader. Skilled at recognizing, organizing, and protecting critical information. Accomplishments include implementing and helping sustain an Information Security and Governance program for multiple clients from different business verticals such as the education and government sector.
Platinum Sponsor Lunch Presentation
Multi Factor Authentication is an excellent layer of security, but does that mean your accounts, apps and devices are safely protected? Banks, your email provider, League of Legends – everyone asks and accepts MFA, and it is without a doubt a great layer of security. But – and this might come as a surprise – it’s not completely safe, and shouldn’t be solely relied upon. With a little bit of social engineering MFA can be bypassed.
Bryan Beard is a security specialist who delivers easy-to-understand presentations and demonstrations that challenge his audience to reconsider their security strategies. Using real-world examples, he sheds light on current findings in the cybersecurity world. Bryan moved to Halifax and received his computer engineering degree from Dalhousie
University in 2019. With a strong sense for learning and a love for solving puzzles, he developed a talent for computers as well as a knack for breaking things. Naturally, Bryan went on to become a penetration tester and received his OSCP in 2021. Since then, he has conducted hundreds of penetration tests for clients in all sectors – from 2-person
start-ups to big-name banks. Bryan mentors with passion, guiding his clients to effectively strengthen the security strategies they need to succeed no matter what their marketplace does.
This presentation is focussed on helping leaders and influencers build a robust Cyber Security Program for their organizations. A properly developed program provides structure for improving the overall security posture of the organization. This presentation will lead the attendees on:
1) What is a Cyber Security Program?
2) Why do we need a Cyber Security Program?
3) Steps to build a Cyber Security Program?
4) Building a Successful Cyber Security Program?
After the presentation, the attendees will be able to take a better understanding and a structured framework back to their organizations.
Azhar is the Founding Managing Director for two consulting firms: InScope Project Management & Consulting Inc. which specializes in Project Management, Analysis, Change Management and Quality Assurance services, and Castellan Information Security Services Inc., which specializes in providing end-to-end services, products and personnel related to Information / Cyber Security.
Azhar is a results-oriented Senior Consultant with extensive expertise in Project / Program Management, Business and Systems Analysis, Technology Portfolio Assessment and Recommendation, Business Process Review & Redesign, Systems Implementation, and Cyber Security Programs. He has nearly 30 years of experience working in the Information Technology field, and over 20+ years of experience in successfully delivering complex and critical projects across several industries including Education, Agriculture, Financial Services, Telecommunications, and Insurance. He has successfully led projects with teams of up to 30 people. Over the last 9+ years, Azhar’s focus has been on delivering Information / Cybersecurity programs.
As a management consultant, Azhar draws upon his strong and thorough analytical skills. His experience in diverse industries enables him to look at a problem from different perspectives; enabling him to provide recommendations that may not be immediately obvious. He is comfortable and confident in working with all levels within an organization, be it at the team, management or executive level.
Culture – that combination of people, values, and processes – plays a far larger role in cybersecurity and resiliency than technology alone. Building a cyber resilient culture is critical to reducing risk and improving the odds of successfully dealing with cyber incidents.
Building a cyber resilient culture takes more than just annual awareness training. It takes a deliberate program that successfully leverages platforms, content and senior leadership support to explain the why, not just the what of cybersecurity. It also takes a program designed to change individual and organizational risky behaviours, an approach the calls for a robust change management component to supplement awareness and education efforts.
Join Ian MacMillian, co-founder of Beauceron Security and Paul Eisner, President of Mariner who will share their expertise in building cyber resilient cultures. Ian MacMillan led the design of the Beauceron platform’s user experience program and leads the cybersecurity awareness and culture program for Beauceron. Paul Eisner brings a wealth of cybersecurity expertise as well as leading Atlantic Canada’s largest change management practice.
Paul leads the Mariner’s strategic growth, overseeing all business and technical operations. With over 30 years’ experience in the communications, advanced media technology and cybersecurity fields, and in leadership positions at IBM, Harris Corporation and Leitch Technologies, Paul brings an energetic global business perspective to the Mariner team. As President of Mariner, he was successful in leading Mariner’s entry into the high-growth market of information security services and products. Paul holds a Master of Business Administration from The University of New Brunswick, a Bachelor of Engineering (Industrial) from Dalhousie University and a Bachelor of Science from Acadia University. He is also a graduate of the Darden School of Business (University of Virginia) Executive Development Program.
Ian MacMillan is a co-founder of Beauceron Security Inc., one of Canada’s leading technology companies focused on the human aspects of cybersecurity. As the Chief Evangelist for Beauceron, Ian provides advice and expertise on how to build world-class cybersecurity awareness and education programs that engage and motivate employees in organizations of all sizes. Ian helps clients develop initiatives and leverage technologies that deliver meaningful experiences for individuals, and measurable impact in the security of their organizations. Ian’s professional passion has always been about creating individual-focused experiences. A graphic designer and user experience (UX) architect by trade and an information security professional by choice, Ian has led projects in higher education, at global technology companies, and now at Beauceron Security that empower individuals to be in control of the technology they use. Ian regularly works with household national and global brands in the development and execution of their cybersecurity awareness and education efforts. In his past, Ian has worked at the University of New Brunswick as a Software Developer in Information Technology Services, at IBM on their flagship security product, QRadar, and led the development of Beauceron’s industry-leading personal cyber risk dashboard for individual employees. In his spare time, Ian is an outdoorsman and gearhead, spending his off-days exploring the outdoors and turning wrenches on projects at home.
You don’t know what you don’t know. This statement is very true as it pertains to the technical controls, tools, and services being used within your organization deployed to protect against attackers and threats.
How much overlap in tools and capabilities does your current suite of security controls generate? Wouldn’t it be great if you could determine what tools were meant to do what? How about being able to justify expenses on new, or upgrades to existing, solutions?
This session will show you how to create a detailed gap analysis of your currently deployed technical controls against the types of threats your organization may face. Not only will this help visualize overlaps, but it will also highlight deficiencies that could be addressed by an increase in budget, a configuration change, an Open Source tool, or even a license upgrade. It will also show you how to properly budget for areas not currently addressed using concrete data backed by the MITRE ATT&CK framework.
Darryl MacLeod has over 20 years of experience in the IT security sector, having been responsible for optimizing service delivery to all levels of enterprise and government level organizations.
Darryl has presented at the Atlantic HTCIA IT Security Conference, Halifax Area Security Klatch (HASK), Security B-Sides St. John’s, ISACA Atlantic Provinces Chapter Information Security & Risk Conference, GoSec and the Texas Cyber Summit. He sits on the Board of Directors for the Atlantic Security Conference and was the Lead Organizer for the Security B-Sides Cape Breton conference.
- General Session
Ira Winkler, CISSP, is the Chief Security Architect for Walmart and author of the books, You Can Stop Stupid and Security Awareness for Dummies. He is considered one of the world’s most influential security professionals and was named “The Awareness Crusader” by CSO magazine in receiving their CSO COMPASS Award. Most recently, he was named 2021 Top Cybersecurity Leader by Security Magazine.
Ever wonder about threat actors impersonating each other to obscure their intetions or to shift blame to met a political agenda? If so, in this talk we will be walking through a technical analysis of Bitter APT’s ZxxZ backdoor, its attack chain and capabilities. Once we understand Bitter APT’s malware, there will be a demonstration of delivering our own payloads to infected targets using their malware with our own C2 server. To conclude, we will discuss both technical and non-technical points to be aware of when performing attribution.
I started my career after I hit rock bottom being a single mom who moved back to live with my parents. This was after dropping out of computer science in university, my professors told me I would not be good enough to get a job in computers. I had lost all passion for what I loved and hoped for the future. I worked with my case worker (social assistance program) and they helped me gain the confidence to try computers again. I was able to tech myself programming and other computer science concepts on my own time (online courses). With this, I was able to regain my confidence regarding computers. I then became really interested in offensive security and applied to work at a cyber security company. I started as an entry-level analyst and worked my way up to starting my own threat research and detection department. I taught myself how to reverse engineer malware from scratch along the way and have not looked back since. If I can train an English teacher to reverse engineer malware, I have the confidence I can train anyone to get the task done. If you are looking for someone to lead your threat research and detection team who has done each job on the way up to the top, I might be the one you are looking for. Since then, I’ve presented research all across North America, appeared on TV as an expert twice and have not looked back. I love reverse engineering, malware analysis, detecting threat actors, the thrill of the hunt, mentoring other women who want to get into cyber security and most importantly, my family and the wonderful people on my team who have grown so much in their careers.
Business resilience programs are designed to cover all types of disruptions, including fires, severe weather and pandemics. But one type of disruption is the most common: cyber-attacks.
This presentation will explore how you can approach building or focusing your business resilience program around one of the most likely disruptions your organization will face – cyber-attacks. We will cover practical approaches to determining recovery targets, assessing exposure, making the case for additional investment and developing recovery plans and testing them.
Tarek is a Senior Manager in KPMG’s Cybersecurity practice and specializes in business resilience, information security and privacy. Tarek’s experience includes helping clients design and implement end-to-end business resilience programs in various sectors, including government, financial services, natural resources and manufacturing/industrial.
Tarek is an active speaker on the topics of cybersecurity and business resilience, providing insights into current trends and practical approaches for businesses of various sizes and non-profits to protect themselves against cyber-attacks and significant business disruptions.
As security professionals growing in our roles, we face challenges in creating cost effective security for those we serve. At the individual contributor level, we face deadlines for solutions and analysis. At the manager level we face challenges in hiring qualified staff, prioritising work and building effective teams. As one moves to more senior roles, we determine and justify an accountability model to stakeholders outside security. This talk discusses the profession of security, in light of other similar professions. It then focuses on how we can grow our members and interface with non-security stakeholders through formal governance. The talk makes liberal use of real-world experiences, real stories of difficult choices, and real-world examples of organisations that have had governance success.
Robert Fritz brings 30 years of experience of security leadership to the individuals and organizations he works with. He served his country as a US Air Force officer, including assignments at Langley AFB and at the Pentagon, and has served as a leader in public and private companies ever since. At Hewlett-Packard, he led research and development of security technology. As an Executive Director at Morgan Stanley, he served as Canada CISO. He then served as Director of Cyber Security at Emera and at Irving Oil. His last 5 years have concentrated on board and executive level cyber security and privacy governance advice and reporting, as well as cyber security operations. Robert received his Bachelor’s in Computer Science at the US Air Force Academy, and his Master’s in Computer Science: Software Engineering, from Old Dominion University in Norfolk, VA. He serves his Atlantic Canada security community as a frequent speaker and as the Vice President of the Atlantic Canada Chapter of ISC2
Beauceron Security’s Chief Evangelist, Ian MacMillan, will share his catch of real phishes submitted to Beauceron Security and caught by various organizations around the world, including classic examples of phishing and new emerging trends in 2022. Ian will explain how these attacks work, why they’re successful, and how you can use these examples to inform your security awareness strategy and incident response plans.
Ian MacMillan is a co-founder of Beauceron Security Inc., one of Canada’s leading technology companies focused on the human aspects of cybersecurity.
As the Chief Evangelist for Beauceron, Ian provides advice and expertise on how to build world-class cybersecurity awareness and education programs that engage and motivate employees in organizations of all sizes. Ian helps clients develop initiatives and leverage technologies that deliver meaningful experiences for individuals, and measurable impact in the security of their organizations.
Ian’s professional passion has always been about creating individual-focused experiences. A graphic designer and user experience (UX) architect by trade and an information security professional by choice, Ian has led projects in higher education, at global technology companies, and now at Beauceron Security that empower individuals to be in control of the technology they use. Ian regularly works with household national and global brands in the development and execution of their cybersecurity awareness and education efforts.
In his past, Ian has worked at the University of New Brunswick as a Software Developer in Information Technology Services, at IBM on their flagship security product, QRadar, and led the development of Beauceron’s industry-leading personal cyber risk dashboard for individual employees.
In his spare time, Ian is an outdoorsman and gearhead, spending his off-days exploring the outdoors and turning wrenches on projects at home
Platinum Sponsor Lunch Presentation
Brian Brown is an Enterprise Architect for McAfee’s North America business unit helping customers navigate a transformational IT Security landscape. A focus on Information
Security Program Strategy and Enterprise Security Architecture using the SABSA method is the core of his approach. As a former Information Security Manager and
Director of Security Operations in healthcare Brian grounds his approach with the background of a practitioner. His experience spans security for devices, networks,
cloud technologies and data. Brian’s multi-disciplinary background as a 27 year IT professional and architect is complemented by membership in ISACA, SABSA and the IASA Global Architect
community to assist clients with strategy and technology integration.
This presentation is based upon the master’s project for the American Military University (to be) submitted in September of 2022. Focusing on the potential risks associated with the various degrees (one through four) of autonomous shipping and their impact on Atlantic Canada’s seaports, this work aligns the current state of autonomous shipping’s cyber security concerns with the current (and soon to be implemented) cyber security requirements not only from the International Maritime Organization but also the International Association of Classification Societies (IACS) and industry best practices. This includes not only the NIST Cyber security framework (version 1.1), but also guidance from doctrine such as NIST 800-53B focusing on cyber security controls but also the guidance in the IACS unified requirements for computers and cyber security on board ships (E22 currently and E26 and E27 coming into force on 01 January 2024). The comparison of the current state of controls for autonomous shipping, taking into account the recent IMO activities (MSC.1 / 1638 Regulatory Scoping Exercise) and the UK voluntary model generated by industry identifies areas that warrant further attention.
These gaps are then examined through the view point of port operations. Halifax has seen its share of difficult and even tragic situations involving maritime shipping in the port, such as the 1917 explosion. This structured approach intends to identify areas where the Information Technology, Information Systems and other capable practitioners may wish to devote energy as autonomous shipping becomes more prevalent.
Allan McDougall has over 30 years experience across the Asset Protection and Infrastructure Assurance domain. This spans military (Canadian Armed Forces – combat engineers), public service (Senior Security Policy and Projects at DFO, Compliance Auditor for the Canadian Coast Guard, Senior Inspector for Marine Facilities at Transport Canada, and Manager for Physical Security at Canada Border Services Agency), and private sector with both the security (senior consultant) and maritime (corporate leadership roles) domains. Within the volunteer community, he has held both leadership (ARVP Region 6 Certification, Certification Chair) and supporting roles involved in assisting individuals working through their efforts towards certification in a number of association.
In addition to multiple certifications across several domains (Professional In Critical Infrastructure Protection, Certified Master Anti-Terrorism Specialist, Computer and Information System Security Professional, Certified Protection, Professional, Physical Security Professional, and others in the maritime space), he has assisted in the conceptualization and implementation of maritime security education programs at the graduate level (Coventry University, UK and currently working with Acadia University’s Professional Certificate in Maritime Security). He has four co-authored published works focusing on Transportation Systems and Critical Infrastructure with the latest editions still being used in several universities world-wide. He is currently working on a fifth edition of the Critical Infrastructure work due to be out in April of 2023. While contributing in this way, Allan also continues his own professional development and continuous learning through a range of technical courses and academic programs, the most recently being the master’s program at American Military University.