(ISC)2 Secure Summit Toronto

Lessons From the Cloud: The Evolution of Cloud Environments

Whether it’s Software as a Service (SaaS), Infrastructure as a Service (IaaS) or Platform as a Service (PaaS), cloud computing has been with us long before the media had a catchy name for it. Join us for this session to learn how cloud security has evolved and what that means to varied environments. You’ll learn practical and actionable advice from the field that you can take back to your organization and begin using immediately, building on the collective experience of our profession.

The Details

Date: Monday October 1, 2018.

Price: $50 for members and $120 for non-members

Registration: To register for the (ISC)2 Secure Summit Toronto at SecTor visit sector.ca/register and add Secure Summit Toronto to your SecTor conference registration.

SecTor 2018: Conference Sessions take place on Tuesday October 2 and Wednesday October 3, 2018. The full conference schedule will be released after the second-round speaker announcement in August.

Venue: The (ISC)2 Secure Summit Toronto at SecTor will be held on Level 700 in the South Building of the Metro Toronto Convention Center (MTCC) in downtown Toronto. More information on how to get there is available at sector.ca/travel.

Who is the (ISC)²

(ISC)² is an international, nonprofit membership association for information security leaders like you. We’re committed to helping our members learn, grow and thrive. More than 130,000 certified members strong, we empower professionals who touch every aspect of information security. Go to www.isc2.org to find out more.


10:00 – 10:10 Opening Remarks
10:10 – 10:40 CISCO
10:40 – 11:00 Break
11:00 – 12:00 The Lexicon Project, Risk Management, and You
12:00 – 1:15 Lunch on your own
1:15 – 2:00 When Public Cloud Emerged, it was Suitable Exclusively for Born-in-the-Cloud Startups
2:00 – 2:45 Modern Information Security; Forget Cyber, it’s all about AppSec
2:45 – 3:00 Break
3:00 – 3:30 Dark Trace
3:30 – 4:15 Security and Operational Challenges and Considerations in a Multi-Cloud Environment
4:15 – 5:00 Top Ten Risks Impacting Cloud, Digital and Data
5:00 Closing Remarks

*Timing and content subject to change

Speakers, Sessions, Bios

This session will be conducted by (ISC)2’s very own Director for Cybersecurity Advocacy. It will cover important new initiatives at (ISC)2 to expand our association’s role in the cybersecurity profession, and provide critical new guidance and support for our membership. In addition to these exciting new programs, the session will also provide a detailed overview of risk management principles outlining why the Lexicon Project is so important. You will learn the underpinnings of our profession, and how elements such as risk, vulnerabilities, ad threat are mathematically related. Join us to get an in-depth look at how your association with (ISC)2 will be paying you even bigger dividends soon, John McCumber, Director of Cybersecurity Advocacy, (ISC)²

However, as the technology has evolved and organizations have realized the importance of being agile and innovative, it has quickly become the enterprise ‘norm’. Despite this, cloud computing still suffers from confusion. IT leaders are often misinformed or misguided that moving to cloud alone solves challenges around security, performance and agility. Platforms fail, security breaches happen, resilience must be built in both the application and infrastructure design to handle these inevitabilities, regardless of the platform. Learn lessons from some unfortunate failings suffered by other organizations and discover how to leverage the best cloud has to offer by using universal design principles and concepts, without the risk of being ‘cloudwashed’. Bobby Singh – CISO & Head of Infrastructure

This discussion will focus on how modern information security has evolved and the new approaches we will need to move into the 21st century. Perimeter security is dead. We need a new paradigm in security with a new diverse workforce that understands application security, the new frontier. Adrien de Beaupre

According to Forrester, a majority of companies (86%) describe their cloud strategy as multicloud. While there may be many good reasons for utilizing multiple cloud platforms, there are also many associated technical and operational challenges, including those in security. We’ll discuss these challenges, and what organizations can do to minimize the impact, and manage security across a hybrid, multi-vendor environment. Mike Cook, Security GRC Specialist (ISC)²

Most organizations today focus on new and innovative ways in support of client retention and growth strategies. A primary target area is through leveraging emerging technology. This objectives in this session is as follows: 1) It will provide an overview of the digital ecosystem to include the threat landscape and emerging risks facing this technology. 2) It will provide participants with the top ten security risks impacting current organizations. 3) It will strengthen foundational knowledge on this topic, provide focal areas when implementing security controls with a lens on current regulations and industry best practices. Tara Singh, CEO, Director, IT Risk & Security Advisory Services