Will Your Backups Help You Recover from Ransomware?

Most Canadian organizations have a backup and recovery plan for disasters such as blackouts or flooding, but surprisingly few are prepared for an arguably greater – and more likely – threat to their livelihood: cyberattacks. While 90 percent of Canadian organizations reported falling victim to cyberattacks such as ransomware over the past year, according to […]


From the Field – Stories of Successfully Detecting Cyber Attacks

We often hear that the attackers are successful, the company has been breached and data has been stolen or held for ransom. We never hear when the defenders beat the attackers! In this session, hear two leaders in Cyber Security talk through real-world examples of the defenders defeating the attackers. You will hear from Stephan Jou, […]


Navigating Enterprise Security in a Post-Compromise Reality

Every organization gets compromised – it’s how fast you detect and respond to an incident that counts. This is especially important when you look at trends like the overnight move to remote work, the rise in encrypted traffic and acceleration of cloud adoption, as well as the proliferation of enterprise IoT that have expanded the […]


The (Hard) Key to Stop Phishing: How Cloudflare Stopped a Targeted Attack and You Can Too

In July 2022, Cloudflare was targeted in a sophisticated SMS phishing scheme in such a way that we believe most organizations would be likely to be breached. In this session we’ll detail the recent targeted phishing attack we saw at Cloudflare and more importantly, how we stopped it and steps you can take to protect […]


Impact of the Russia – Ukraine Conflict on Your Cybersecurity

The cyberconflict between Russia and Ukraine has spurred numerous “Shields up” warnings from CISA, CERTs, our own CCCC, and other agencies. What is the real risk for Canadian businesses? This talk presents the current state of affairs on the cyberwar and some of the tools that can be used to mitigate this new elevated risk.


The Agent of Influence

In a world of media chaos and disinformation, how do you differentiate truth from lies? How do you choose your sources of information? Never before have nation-states had a tool as far-reaching as the internet to tell stories, spread messages, and deceive friends and foes alike. Today, over 95% of Canadians and Americans are connected […]


The Evolution of Ransomware

Ransomware has evolved from a relatively minor annoyance with negligible costs into a multi-billion-dollar international criminal economy. With the advent of nation-state sponsored support for these evolving campaigns, it’s important to understand the various mitigation options so you never have to rely upon the “honour amongst thieves” in order to recover your data. Based on […]


Ransomware IR Playbook to Remember & an Art of Building Resilience

The rise of ransomware and other tactics for cyber criminals over the past few years is an ever-growing problem that has quickly become an extremely lucrative criminal enterprise. Targeted organizations often believe that paying the ransom is the most cost-effective way to get their data back — and, unfortunately, this may also be the reality. […]


Operationalizing Cyber Threat Intelligence for Modern Security Operations

Data and algorithms are the fuels for insights and driving decisions in the modern digital business, and cyber threat intelligence (CTI) is the fuel for modern security operations. Operationalizing threat intelligence requires the right mix of people, process and technology to create and refine this fuel, yet organizations still struggle with establishing and growing a […]


Report: Protecting Customer Identity and Access Management (CIAM) Services Against Online Threats

Today’s companies must enable their customers to engage with their apps or services at any time, from any device, in a secure and safe manner. While the importance of identity within an organization’s security posture has been clear for many years, the digital rush has accelerated timeframes by dissolving security perimeters with unprecedented swiftness. As […]


Is Your Defensive Stack Ready for a Targeted Attack?

A key challenge for organizations is determining if the investments in detection and response tools are performing and meeting their objective. Security teams struggle with red team and security validation processes performed in a continuous and efficient manner. How can security teams remove assumptions and shift their organization’s security program to one centered around the […]


Security Lessons from Canada’s Payment Modernization Journey

Canada embarked on a national payment modernization program in 2016 that significantly impacts businesses, banks, government, and consumers alike. The program vision is to provide faster, efficient, and data-rich payment systems, while ensuring security and privacy are built-in. In this keynote, Monika Tamber, Director of Security Governance with Payments Canada, will share key security lessons […]


Software Supply Chain Security: Knowing What You Don’t Know

Attackers know that the majority of modern application code is composed of open source software. Today, Checkmarx researchers witness, in real-time, attackers planting packages with malicious code into open source software supply chains. As a result, as application developers perform builds, malicious code becomes part of the applications you are publishing. Making matters even worse, […]


Vulnerability Management: Try Fixing Less to Reduce More Risk

For over 20 years, Vulnerability Management has gone completely unchanged; sure, we have new ways to scan, detect, and report, but the ineffective process has stayed the same. What this means in today’s organizations is a flood of tickets, slow remediation, missed SLAs and constant conflict between IT and Security teams. Meanwhile, common vulnerabilities remain […]


Researching Risk: The Qualys Approach to Identifying and Reducing Risk

In recent years the number of vulnerabilities, threat actors, tools, tactics, and techniques has grown exponentially. Keeping track of what is important is a daunting task for an organization of any size. At Qualys, the research team is looking at the threat landscape around the clock to prioritize what is important for our customers. This […]


Indicators Everywhere! How SOCs Can Maintain Efficiency Against Any Attack

Security Operations Center (SOC) teams are being stress-tested today like never before. With increasing pressure to respond to a variety of signals demanding their attention, optimizing a security operations center has proven to be increasingly challenging. The SOC strategy you implement can not only help to prevent threats from causing harm, but it can also […]


Top 10 Cyber Security Actions for Canada

In 2021, the Canadian Centre for Cyber Security released the top 10 mitigating actions that organizations should take to protect their Internet-connected networks and sensitive information from cyber security threats. Together, we will understand what these 10 actions are and validate what their impact could be on the protection of your most critical assets. This […]


Two Years of Accelerated Cybersecurity and the Demands Being Placed on Cyber Defenders

In the last few years, cybercriminals have upped their monetization demands, attacked critical infrastructure, utilized supply chain attacks, and continued to inflict untold damage on businesses and consumers. The woes don’t stop there: the conflict in Ukraine has seen attacks on power grid infrastructure and destructive data wipers, causing heightened potential cyber-attack alerts to be […]


Seize the Breach: Protect Your Organization With Behavior-based Security Intelligence

No organization can ever be complacent and think that their cybersecurity strategies are impenetrable. Regardless of how thorough the precautions, establishing a perimeter and defending it is never enough. Cyberattacks are growing in number and sophistication, with adversaries becoming more experienced at bypassing even the most sophisticated measures. Waiting for a “You’ve Been Breached Notification” […]


Neither Pointless nor Boring: Pop it and Lock it Down with CIS Controls

As part of a vendor security research team, a lot of time is spent reading up on documents released by various standards bodies. These standards are useful guides to securing the environment, but they often become the driving force behind “checkbox security.” This happens, in part, because these documents are looked down upon as boring […]


Defending Ukraine: Early Lessons from the Cyber War

Microsoft’s efforts to aid Ukraine’s response to Russia’s attacks are tied to our commitment to security, defence of democracy, and protecting people. Join us for this session to learn how our threat intelligence and security teams are working closely with the government of Ukraine and other partners to protect organizations and citizens. Protection against cyber-attacks […]


Into the Abyss: Cybersecurity Tool Selection, Rationalization, and Decommissioning

The information security space is awash in point technology solutions. As a defender, how does one choose where to spend a limited security budget when faced with this sea of choices? How can we minimize overlap within the highly dynamic toolset we already own, rationalize vendor relationships, and decommission tools that overlap or no longer […]


How Safe is Your Cloud? Deciphering Cloud Threats and Security Models

The cloud is here and growing. Securing the cloud isn’t the same as securing on-premise deployments. According to recent Elastic research, 1-in-2 CISOs expect misconfigurations to be a leading cause of breaches, while ESG research highlights that 89% of negative outcomes occur between detection and investigation. In this session James Spiteri, Product Marketing Director […]


How AI Can Think Like an Attacker

In the face of skyrocketing cyber risk, detecting and responding to attacks is no longer enough. Organizations must take proactive steps to prevent threats before they happen, and to recover if compromised. In this session, Darktrace unveil an ambitious new approach to security, with core engines powering AI technologies to prevent, detect, respond, and ultimately […]


Mobile Security – The Hackers Next Frontier

At the intersection between business and pleasure, mobile social applications access the most sensitive information about us and the world we live in. Hackers are focused on Mobile attacks now more than ever, as they represent the next frontier for security risk.


Time to Re-evaluate Your Security Layers

The layers of security we’ve deployed over the last 30 years must be re-evaluated since many organizations have fallen victim to cyber-attacks. How will today’s cyber security solutions solve the many business problems? This discussion highlights the pros and cons of the past solutions vs the present.


What Log4Shell Taught Us About the Software Supply Chain, that Other Vulns Didn’t

The discovery of the Log4Shell vulnerability was a wake-up call for many organizations. It was an opportunity not only for criminals, but also for hackers who look to help organizations uncover vulnerabilities before they can be exploited. Log4Shell forced many organizations to address how they use third-party and open-source software. Most organizations have recovered from […]


Effective Response in the Face of Zero Day Threats and Vulnerabilities

Today, all companies are susceptible to cyberattacks, despite the presence of SOC teams monitoring for zero day threats, vulnerabilities, and unusual activities 24/7. So what can you do to help your team accelerate incident response? Join me to discuss how you can: Quickly assess your risk exposure to identify CIs in zero day vulnerabilities, such as […]


The Unsung Hero of Cybersecurity: Taking Your Vulnerability Management Program (VMP) from Good to Great

Feedback from Canadian organizations in the 2022 TELUS Canadian Ransomware Study highlighted the importance of having a comprehensive Vulnerability Management Program (VMP) in order to defend against ransomware. Today, approximately 50% of Canadian organizations have a formal VMP in place, but how can these organizations take their programs from good to great? Join Kim Schreader, […]


Decision Making in Uncertain Times: Key teachings from Executive Exchanges

Global and technological uncertainty is being weaponized by adversaries. Digital Transformation, Global Supply Chain issues, Mandated Lockdowns, and State Sponsored attacks are creating windows of opportunities for adversaries to exploit. We will discuss evolving attack trends and how defenders can employ core security pillars to mount a rigorous defense. Rigid defenses are obsolete and easily […]


The Compelling Case for Zero Trust: Bridge the Gap Between Cybersecurity and Business

At a time when work was still a place to go to, apart from a thing to get done, organizations could afford to protect their most sensitive data using firewalls, IDS and IPS systems, and VPNs. But today, when there are no corporate network boundaries, and data can be stored and accessed from anywhere, traditional […]


Correctly Configure All the Clouds

Even though cloud computing isn’t all that new anymore, learning how to use it effectively can be overwhelming. It’s unfortunately very easy to make mistakes. The vast majority of cloud security failures are configuration mistakes of some kind or another, so developing the discipline of correct configuration is the best thing companies can do to […]


Leave No Stone Unturned: The Elements of Security Visibility

With each passing year, the number of cybersecurity events continues to increase despite record-breaking spend on cybersecurity tools. So why do threats continue to be successful even if we are investing heavily in detecting them? The answer is simple: we are not always monitoring in the correct places. This session will discuss the 5 […]


Cybersecurity Insurance: Where to Start & How to Qualify

The blistering pace and expanding scope of cyberthreats and ransomware attacks is forcing cyber insurance companies to steeply increase their rates and premiums, and even drop coverage for high-risk organizations. Underwriting requirements to be approved for cyber insurance are becoming more stringent. In this upcoming session with Chris Hills, Chief Security Strategist at BeyondTrust, hear […]


How 2FA is Circumvented

Discover how vulnerabilities, misconfigurations, and lack of security awareness could lead to successful social engineering. This talk will discuss: Vulnerabilities – If left unpatched lead to risks Misconfigurations – Exposing users or public endpoints without 2FA Session theft – Session stealing through phishing or post-exploitation (e.g. dumping chrome cookies) Social engineering – Repeatedly spamming users […]


Smarter XDR Demands Email Security

XDR is often focused upon the endpoint, but what about the original entry point into the organization – email? Learn how Mimecast’s email security provides valuable threat sharing capabilities to connect your controls, improves your response during a breach and leverages one of the most extensible ecosystems to choose the XDR solution appropriate for your […]


BlackBerry XDR: Even the Odds

Is your organization’s SOC struggling to keep up with the latest innovations? BlackBerry’s XDR is here to even the odds with automation and artificial intelligence that delivers a cohesive, holistic view of your technology landscape.


What is Linux Kernel Keystore and Why You Should Use It in Your Next Application

Did you know that Linux has a full-featured keystore ready to be used by any application or service it runs? Applications can securely store and share credentials, secrets and cryptographic keys, sign and encrypt data, negotiate a common encryption key – all this by never touching a single byte of the underlying cryptographic material. This […]


10th Anniversary FAILtacular!

They’ve let us do this 10 times now. It’s either SecTor’s longest running joke or the single most successful panel in the history of Canadian Security Conferences – it’s the “Littlest Hobo” of Security! As in years past, you’ll be treated to time with a distinguished panel of guest speakers (who are rarely told beforehand […]


A Diamond is an Analyst’s Best Friend: The Diamond Model for Influence Operations Analysis

Malign influence is one of the greatest challenges the world faces today. State-sponsored threat actors, criminals, and political actors alike are weaponizing information in online spaces to thwart elections, incite social division, disrupt supply chains, and manipulate markets. Due to the inherent overlaps in modern day digital influence campaigns and cyber intrusion campaigns, information security […]


Under the Hood of Wslink’s Multilayered Virtual Machine

In October 2021, we published the first analysis of Wslink – a unique loader likely linked to the Lazarus group. Most samples are packed and protected with an advanced virtual machine (VM) obfuscator; the samples contain no clear artifacts and we initially did not associate the obfuscation with a publicly known VM, but we later […]


FAIR STRIDE – Building Business Relevant Threat Models for AppSec

Have you ever wondered what the ROI is on a security control? Or whether you should spend time fixing 2 highs or 47 mediums? FAIR STRIDE is a method for creating application threat models that can answer these questions by feeding the output from STRIDE into a quantitative risk model like FAIR rather than a […]


“What do you Mean Moose Meat?” Advancing Resilience Through Preparing for the Unexpected.

EXERCISE, EXERCISE, EXERCISE Despite efforts by organizations of all sizes to maintain a tight security posture, cyber intrusions still occur. Ensuring that your business effectively responds to cyber incidents is essential to maintaining a resilient cyber defense for today’s and tomorrow’s threats. To combat these threats, organizations need to invest in the development and sustainment […]


The Vastaamo Data Breach

In October of 2020 Vastaamo, a chain of psychotherapy clinics with over 30.000 patients, was forced to admit that their patient database had been stolen. The database contained the therapist’s notes and personally identifying information for tens of thousands of Finnish citizens. The criminal, only known as RANSOM_MAN, was trying to exert pressure on the […]


New Minimum Cybersecurity Requirements for Cyber Insurance

The COVID-19 pandemic helped the cyber insurance industry make record-breaking revenue growth in 2020. But it also saw record profit loss. This decline led insurance companies to alter their client coverage requirements, placing stricter cybersecurity conditions for eligibility. This session will dive into what organizations need to do in order to meet these requirements. The […]


The COW (Container On Windows) Who Escaped the Silo

Virtualization and containers are the foundations of cloud services. Containers should be isolated from the real host’s settings to ensure the security of the host. In this talk we’ll answer these questions: “Are Windows process-isolated containers really isolated?” and “What can an attacker achieve by breaking the isolation?” Before we jump into the vulnerabilities, we’ll […]


The Development of a Completely Unsupervised Machine Learning Pipeline for Security Analytics – from Ingestion to Analytics

Since the proliferation of data science applications in cyber security, there has been a complementary division in the approaches to threat detection: Traditional and Machine Learning (ML). The traditional approach remains the predominant method in cyber security and is primarily based on identifying indicators-of-compromise via known signatures. On the other hand, ML applications are focused […]


A Transformation Blueprint for Developer-First Security

The traditional approach to quality assurance (QA) was disrupted when the Agile movement caused most development teams to start taking at least partial ownership of the quality of their products. The cloud-native and DevOps movements similarly disrupted traditional IT Ops. These were not mere shifts to the left, they all involved fundamental changes to mindset, […]


Innovation and Evolution – How Medical Device and IoT Profiles Have Evolved – But So is Your Attack Surface

In recent years, in the wake of numerous attacks, there has been a push to understand the risks posed by smart devices. While helping revolutionize the way the world operates, the innovation and convenience have often overshadowed – and sometimes completely – their security implications. This talk discusses the evolution of the ‘traditional’ device profiles […]


Toronto Communities Keynote

Toronto has a vibrant and active security community. Join the founders and leaders of 6 of Toronto’s most active security communities for a “fireside chat”. Why do these communities exist? What are they up to these days? What are they working on next? How can you get involved? Join what will be a fun and […]
