CSA Summit at SecTor

The fifth annual Cloud Security Alliance (CSA) Summit at SecTor will take place on  Monday, October 1, 2018 at the MTCC in Toronto as part of our pre-conference activities.

The CSA Summit at SecTor is Canada’s preeminent cloud security event. It is an invaluable opportunity for information security professionals to engage with industry leaders to discuss, debate and define the future of cloud security.

Built on a training platform like SecTor, the 2018 Summit will feature keynote speakers, panel discussions and sponsored sessions. Lunch and light refreshments will be provided along with onsite Networking Reception following the event.

The Details

Date: Monday October 1, 2018.

Price: $50

Registration: To register for the 2018 CSA Summit at SecTor visit sector.ca/register and add CSA Summit to your SecTor conference registration.

SecTor 2018: Conference Sessions take place on Tuesday October 2 and Wednesday October 3, 2018. The full conference schedule will be released after the second-round speaker announcement in August.

Venue: The CSA Summit at SecTor will be held on Level 700 in the South Building of the Metro Toronto Convention Center (MTCC) in downtown Toronto. More information on how to get there is available at sector.ca/travel.




09:00 – 10:00 Doors open. Registration and networking
10:00 – 10:15 Welcome
10:15 – 11:00 Keynote #1: David Senf, “Rethinking Your Security Operations in a Cloud Reality”
11:00 – 11:45 Panel #1: “From Federation to CASB; Choosing the Right Identity Solution”
11:45 – 12:15 CSA Global Update: J.R. Santos
12:15 – 13:00 Lunch and networking
13:00 – 13:45 Keynote #2
13:45 – 14:05 Sponsor Session: Bell
14:05 – 14:25 Sponsor Session: Scalar
14:25 – 14:55 Afternoon Break
14:55 – 15:40 Panel #2: “DevOPs Dos and Don’ts; Tips from the Trenches”
15:40 – 16:25 Keynote #3: Mike Rothman, “Cloud Security Trends for 2019”
16:25 – 16:30 Closing Remarks
16:30 – 19:00 Networking Reception

*Timing and content subject to change

Who is the Cloud Security Alliance?

The Cloud Security Alliance is a global member-driven organization, chartered with promoting the use of best practices for providing security assurance within Cloud Computing. Go to cloudsecurityalliance.org to find out more.


Speakers, Sessions, Bios

Below is the schedule for the CSA Summit at SecTor 2018. Expand each one to read more about each speaker and session. You can also watch the full library of 2015, 2016 and 2017 CSA Summit at SecTor sessions here.

Cloud is fundamentally reshaping the roles of security professionals, security budget allocation, security risk planning and security technology purchases. But how do you know if the changes you are making are the right ones, and what impact they will have on your cybersecurity posture? David Senf, founder of Cyverity, leverages in-depth research and analysis, plus guidance from the five functions of the NIST Cybersecurity Framework and four security maturity levels, to help organizations measure the success (or not) of change. In this interactive session, he will share key findings from his work and arm you with benchmarks you can use to evaluate your environment.

David SenfDavid Senf – Founder, Cyverity

David Senf is an IT research and advisory thought leader and executive with a particular focus on cybersecurity. He has spent close to two decades analyzing and delivering vendor, provider, channel and end-user success. He examines security within the larger context of technology adoption from containers to cloud and from DevOps to devices. He founded Cyverity to promote cybersecurity risk awareness, solutions selection, and operations benchmarks and best practices.

Previously he was a VP at IDC where he worked with and presented to countless organizations – and much of the IT vendor community. He enjoys hundreds of press appearances in a variety of publications, including The Globe and Mail, CBC, The Star, Wall Street Journal, and Wired.


Identity is at the core of any secure infrastructure, especially in the cloud world. The challenge is that there is a plethora of solutions out there and it’s not always obvious how to choose the right one. In this session, our panel of experts will bust myths around cloud identity and provide recommendations on how to evaluate and choose the right solutions.

In this session Luciano (J.R) Santos will provide an update on the Cloud Security Alliance and their activities in Canada and across the globe.

Luciano (J.R) SantosLuciano (J.R.) Santos – Executive Vice President of Research, Cloud Security Alliance 

J.R. Santos is the Executive Vice President of Research for the Cloud Security Alliance. He oversees the Cloud Security Alliance’s research portfolio that covers a diverse range of cloud security topics such as IoT, quantum security, big data, artificial intelligence and application containers and micro-services. He is responsible for the execution of the research strategy worldwide. In addition, he advises over 30+ working groups that develop industry-leading security practices, education and tools. J.R. has over 19 years of experience working in information security in a variety of industry sectors including finance, healthcare, aerospace, retail, and technology. J.R. is an active professional in the security industry and has served on various boards and committees throughout his career. J.R. holds various professional certifications and a bachelor’s degree from the University of Washington.

Have you heard the one about the developer who built granular permissions to a critical app, only to have the Ops person grant admin access to everyone? Or the Dev that chose to use an open source module with known vulns that undermined the network security because it was easier…

Collaboration and communication between software developers and other IT professionals is critical to securing systems. In this session, our panel of experts will share tips and tricks to help you implement and run a successful DevOps program.

The evolution and adoption of the cloud continues to astound even the most aggressive of prognosticators. The challenge is not just in figuring out how to migrate to the cloud, securely. But also to keep track of the continuous innovations on the part of the cloud providers and security companies catering to the cloud that force you to revisit architecture and design decisions seemingly daily. In this session Securosis analyst Mike Rothman will break out the crystal ball and give you a sense of the key areas innovation in 2019, what to do right now to be ready, and also how to avoid the inevitable pitfalls of leveraging fast moving cloud technologies.

Mike Rothman – President, Securosis

Mike Rothman is a 25-year security veteran. He specializes in the sexy aspects of security, like protecting networks and endpoints, security management, compliance, and helping clients navigate a secure evolution to the cloud. He’s a busy guy, serving both as President of DisruptOPS, as well as Analyst & President of Securosis. This is a good thing since Mike gets into trouble when he’s not busy enough.

2018 CSA Summit Sponsors








Sponsorship opportunities for the 2018 CSA Summit are now available. If you’re interested in becoming a sponsor, please email sponsorship@sector.ca.