(ISC)2 Toronto Security Nexus

Focused on Defining Cybersecurity, join us at (ISC)² Toronto Security Nexus to equip you, our security leaders, with the knowledge and tools necessary to tackle today’s threats, protect your organizations, and advance your career.

(ISC)2 TORONTO SECURITY NEXUS will feature these four topics::

  • Defining the Profession
  • Defining Threats
  • Defining New Technologies
  • Defining Industrial Control Systems and IoT

Why You Should Attend
Here’s your chance to take advantage of educational sessions, keynotes and networking with cybersecurity leaders in government, industry and academia. These tactical, focused learning opportunities will complement your broad understanding of cybersecurity strategies and principles, enabling you to become a more well-rounded, focused and effective practitioner. Learn from the most experienced in our profession while strengthening your organization’s security posture.

The Details

Date: Monday October 7, 2019.

Price: $60 for members and $120 for non-members

Registration: To register for the (ISC)2 Toronto Security Nexus at SecTor visit sector.ca/register and add (ISC)2 Toronto Security Nexus to your SecTor conference registration.

SecTor 2019: Conference sessions take place on Wednesday October 9 and Thursday October 10, 2019. The full conference schedule will be available on our Schedule page after our round-two speakers are announced.

Venue: The (ISC)2 Toronto Security Nexus at SecTor will be held on Level 700 in the South Building of the Metro Toronto Convention Center (MTCC) in downtown Toronto. More information on how to get there is available at sector.ca/travel.

Who is the (ISC)²

(ISC)² is an international, nonprofit membership association for information security leaders like you. We’re committed to helping our members learn, grow and thrive. More than 130,000 certified members strong, we empower professionals who touch every aspect of information security. Go to www.isc2.org to find out more.


10:00 – 10:10 Opening Remarks
10:10 – 10:40 Session #1
10:40 – 11:10 Break
11:10 – 12:00 Session #2
12:00 – 1:00 Lunch Break (Lunch Not Provided)
1:00 – 1:40 Session #3
1:40 – 2:30 Session #4
2:30 – 2:45 Break
2:45 – 3:20 Session #5
3:20 – 4:00 Session #6
4:00 – 4:45 Session #7
4:45 – 5:30 Session #8
5:30 Closing Remarks

*Timing and content subject to change

Speakers, Sessions, Bios

Stay tuned for 2019 details. Below is the line-up from the (ISC)2 Secure Toronto event at SecTor 2018. Expand each one to read more about each speaker and their session.

Cyber Criminals are increasingly exploiting the Internet services to build agile and resilient infrastructures, and consequently to protect themselves from being exposed and taken over. This session will explain how the correlation of Internet data on multiple levels (DNS, BGP, ASN, Prefixes/IPs) can be used to build and deliver a new model of security that is pervasive and predictive, and that allows us to expose the attackers’ infrastructure. Learn how detection models that can be built and applied (such as co-occurrences, NLPRank, and Spike Detectors), and how the different detectors can be integrated to expose malicious infrastructures and advanced persistent threats. Chris Parker-James, Consulting Systems Engineer, CISCO

This session will be conducted by (ISC)2’s very own Director for Cybersecurity Advocacy. It will cover important new initiatives at (ISC)2 to expand our association’s role in the cybersecurity profession, and provide critical new guidance and support for our membership. In addition to these exciting new programs, the session will also provide a detailed overview of risk management principles outlining why the Lexicon Project is so important. You will learn the underpinnings of our profession, and how elements such as risk, vulnerabilities, ad threat are mathematically related. Join us to get an in-depth look at how your association with (ISC)2 will be paying you even bigger dividends soon, John McCumber, Director of Cybersecurity Advocacy, (ISC)²

In an age of borderless networks, security for the cloud and security for the corporate network can no longer be separated. Security teams are now presented with the challenge of monitoring and controlling access to these cloud environments, as they represent yet another frontier for cyber-attacks. Complete visibility has never been more important—or more difficult. Powered by AI, Darktrace’s Enterprise Immune System technology is the only solution to offer real-time visibility and insight into all parts of a network, regardless of its configuration. By learning a ‘pattern of life’ for all networks, devices, and users, Darktrace can detect threats as they arise and autonomously respond in real time – all without impacting server performance. Dave Masson, Country Manager, Canada, Darktrace

However, as the technology has evolved and organizations have realized the importance of being agile and innovative, it has quickly become the enterprise ‘norm’. Despite this, cloud computing still suffers from confusion. IT leaders are often misinformed or misguided that moving to cloud alone solves challenges around security, performance and agility. Platforms fail, security breaches happen, resilience must be built in both the application and infrastructure design to handle these inevitabilities, regardless of the platform. Learn lessons from some unfortunate failings suffered by other organizations and discover how to leverage the best cloud has to offer by using universal design principles and concepts, without the risk of being ‘cloudwashed’. Bobby Singh – CISO & Head of Infrastructure

Traditional AV vendors see virtualization and cloud architectures as impediments to effective security. At Bitdefender, virtualization has opened the door to a new, more secure world. Today, we leverage virtualization to stop future exploit-based attacks. Tomorrow, we’ll be making virtual servers and workstations even more secure than what is possible today without heavy administrative overhead or poor user performance. Mike Gable, Bitdefender

This discussion will focus on how modern information security has evolved and the new approaches we will need to move into the 21st century. Perimeter security is dead. We need a new paradigm in security with a new diverse workforce that understands application security, the new frontier. Adrien de Beaupre

According to Forrester, a majority of companies (86%) describe their cloud strategy as multicloud. While there may be many good reasons for utilizing multiple cloud platforms, there are also many associated technical and operational challenges, including those in security. We’ll discuss these challenges, and what organizations can do to minimize the impact, and manage security across a hybrid, multi-vendor environment. Mike Cook, Security GRC Specialist (ISC)², Inc.

Most organizations today focus on new and innovative ways in support of client retention and growth strategies. A primary target area is through leveraging emerging technology. This objectives in this session is as follows: 1) It will provide an overview of the digital ecosystem to include the threat landscape and emerging risks facing this technology. 2) It will provide participants with the top ten security risks impacting current organizations. 3) It will strengthen foundational knowledge on this topic, provide focal areas when implementing security controls with a lens on current regulations and industry best practices. Tara Kissoon, CEO, Director, IT Risk & Security Advisory Services