Developing Your Career in IT Security (2017)

The IT security industry continues to rapidly evolve. With this rate of change comes both opportunity and challenges. There are more areas of specialization and more types of employers to apply them to. Come to what will certainly be a spirited and exciting panel session on how very different segments of the industry are viewing […]

Read more

Fighting Cyber(in)security

In this epoch of big data, we have reached a cybersecurity crisis – over 4 billion personal accounts compromised just in the past few years, not to mention multiple power grids. Advanced technologies, ranging from blockchain to quantum computing are emerging, but there are still big questions about how they can help. Fortunately, a band […]

Read more

Winning Defense

In this keynote, Allison Miller will explore how today’s defenders are protecting consumers/platforms from online threats, at scale. Deflecting exploits and vulns is a full-contact sport, but designing for the “human factor” also means mapping out complex sets of incentives and interdependencies, requiring new approaches to thinking about security, risk, & trust. Allison will discuss […]

Read more

Security and Privacy in a Hyper-connected World

We’ve created a world where information technology permeates our economies, social interactions, and intimate selves. The combination of mobile, cloud computing, the Internet Things, persistent computing, and autonomy are resulting in something different. This World-Sized Web promises great benefits, but is also vulnerable to a host of new threats. Threats from users, criminals, corporations, and […]

Read more

Prosperity and Security: A Renewed Approach to Cyber Security for Canada

The context within which Canada’s 2010 cyber security strategy was conceived is radically different from today’s reality. The significant evolution in the variety and impact of cyber threats, the profound influence that the digital environment now has on the economy, and the rapid emergence of ground-breaking technologies is driving a new approach to cyber security […]

Read more

Developing your Career in IT Security

2:55 to 3pm: Introduction (Brian Bourne) 3 to 4pm: Career Panel Panel Session: Developing Your Career in IT Security The IT security industry continues to rapidly evolve.  With this rate of change comes both opportunity and challenges.  There are more areas of specialization and more types of employers to apply them to.  Come to what […]

Read more

Defense Against the Dark Arts: Examining, Fixing and Fighting for our Cyber Defenses

We live in an age where spies have weakened our security in the wake of 9/11, while hackers and digital security breaches ensure compromised data is made instantly available to billions of eyes. So what should we know, and what can we do to protect ourselves and our interests, and how can we defend our […]

Read more

Securing Our Future

Technology around us is changing faster than ever. We’ve already become dependent of our digital devices, and this is just the beginning. As connected devices open new opportunities for imagination, they also open up new opportunities for online criminals. Where are we today? Where are we going? And how are we ever going to secure […]

Read more

Retaking surrendered ground: making better decisions to fight cybercrime

Every organisation that stores, processes or transmits valuable data will fall victim to a cybersecurity breach. But why? If we know the enemy is coming, and how they’re going to attack, why can’t we stop them?  Or even put up a good fight?  New research makes it clear that for the past 15 years we […]

Read more

It’s 2016: What can you do about gender balance in Information Security?

Successfully defending against modern threats requires information security teams to possess the right balance of hard and soft skills for engaging business and technology groups to secure an organization. This is creating more opportunities for women from a variety of backgrounds to join this industry, make positive contributions in a variety of ways and to […]

Read more

Big Data Needs Big Privacy … Enter Privacy by Design

While some believe that fundamental privacy protections will be challenged by the operation of Big Data analytics, Dr. Cavoukian dispels the notion that privacy acts as a barrier to analytics and the innovations they can spark. She argues that the limiting paradigm of “zero-sum” – that you can either have privacy or innovation, but not […]

Read more

Maturing InfoSec: Lessons from Aviation on Information Sharing

If we’re honest, we’re still making a lot of this security stuff up as we go, much like early pilots. The public was afraid of air travel and now it is a critical part of our lives. We wrestle with how to mature our profession. I believe information sharing will be one of the key […]

Read more

IT Security Operations: Successful Transformation

As technologies like Cloud and Mobility and processes like Agile Development have become mainstream, many enterprises large and small, have challenges not only keeping pace and leveraging these technologies to grow their business but also reducing risk to the business in an interconnected world. This session will provide best practices and experience from a CISO’s […]

Read more

Globalization of Cybercrime

Cybercrime continues to evolve into a truly transnational phenomenon. Highly technical and organized individuals with clear financial motivation continue to target our financial, retail, and service sectors. Only by understanding the origin and motivation of these criminals can the problem be properly confronted. This presentation will also include a present-day case study on criminal actors […]

Read more

The Connected Car: Security Throwback

What, the car got hacked – how? We all take for granted technology we use every day and especially items that have been around for a while, such as the car. Many of us think about the physical security of cars in terms of locks and immobilizers, but as technology innovation moves forward, so should […]

Read more

The Extinction of Trust

Nation State Actors in the so-called “cyber domain” are nothing new. But what a little while ago was considered talk from people wearing hats made from kitchen supply, recently became the concern of many, even some who should care about it. Unfortunately, selectively revealed bits and pieces of data don’t answer the questions of “what” […]

Read more

$#!T My Industry Says. . .

The Security Industry says a lot of ‘stuff’ about a lot of things, and most of the time it just feels like noise. What does an Internet of Things really mean? Is SDN (Software Defined Networking) something you should care about, or should we just wait for the next networking buzzword? This session explores the […]

Read more

New Era Risk Management: Using Information to Predict, Understand and Mitigate Organizational Threats

Risk is unavoidable, whether your organization is operating domestically or is interconnected globally. Which threats—from cyber and foreign influence to terrorism and espionage—are most critical to Canadian interests? How do Canadian firms or entities operate effectively and securely abroad? In this unique and enlightening talk, Ray Boisvert goes beyond the typical “security” speech to explore […]

Read more

Why We Need DevOps Now: A Fourteen Year Study Of High Performing IT Organizations

Gene Kim has been studying high-performing IT organizations since 1999. He is the author of the highly acclaimed “Visible Ops Handbook,” “The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win,” and founder of Tripwire, Inc. He will be presenting his findings from an ongoing study of how high-performing IT organizations simultaneously […]

Read more

Tech it out

If you thought today’s tech was cool, to quote ’70s rocks Bachman-Turner Overdrive, “baby you ain’t seen nuthin’ yet.” This lighthearted yet informative chat focuses on 10 mind-blowing future technologies worth getting excited about. From wearable tech (like Google Glass) and virtual reality (VR) headsets to flying cars and space tourism to domestic robots and […]

Read more

How the West was Pwned

Can you hear it? The giant sucking sound to the East? With it are going more than just manufacturing jobs — it’s our manufacturing know how, intellectual property, military secrets, and just about anything you can think of. If we’re one of the most advanced technological nations on Earth, how are the People’s Republic of […]

Read more

Crossing the line; career building in the IT security industry

Ever crossed the line in order to learn your trade in the security world? Or perhaps is there really a line? A recent study suggests that many of us feel that in order to build our careers in the IT security industry, the line might blur to help us learn. A common thread is that […]

Read more

How NOT to do Security: Lessons Learned from the Galactic Empire

Join Kellman for a critique of the LucasFilm epic, from the perspective of a security audit. He will review the security procedures and practices of the Galactic Empire, and see what they did well, but more importantly, learn from the mistakes they made. Prepare for a discussion on security policies and procedures, applied during the […]

Read more

Global Efforts to Secure Cloud Computing

In this session, CSA will present the key security problems of Cloud Computing that are being faced by the industry. They will provide information about activities in the public and private sector around the world to develop standards, guidelines and innovation for cloud security. They will also provide an overview of key tools and best […]

Read more

Exploring the NFC attack surface

Near Field Communication (NFC) has been used in mobile devices in some countries for a while and is now emerging on devices in use near you. This technology allows NFC enabled devices to communicate with each other within close range, typically a few centimeters. It is being rolled out as a way to make payments, […]

Read more

When Does Lawful Access Become Lawful Surveillance: The Future of Lawful Access in Canada

In February 2012, the Canadian government introduced “lawful access” legislation that granted new powers to law enforcement to access private communications and require telecommunications providers to install new surveillance capabilities. The bill generated a massive public backlash as Canadians loudly rejected the bill and pressured the government to reconsider its surveillance plans. Michael Geist played […]

Read more

Thinking Differently: Bringing the Hacker Mindset to the Corporate Environment

Hackers think differently. They create new, innovative, and novel solutions to technical problems that are often deemed too difficult to solve. From Thomas Edison to Steve Wozniak to Richard Stallman, hackers have helped shape the world we live in. Corporations, on the other hand, are generally more rigid in their approaches to problem solving and […]

Read more

The Bizarre Business of Rogue Internet Pharmacies

Krebs’s talk will focus on the bizarre business of rogue Internet pharmacies. Krebs has logged hundreds of hours of interviews with the proprietors of the two largest online pharmacies, and has access to more than four years’ worth of data on who bought and sold drugs for these programs. Told through the eyes of the […]

Read more

Trust me, I am a cloud vendor!

Ever woken up to a news story about a major Cloud issue and realized it didn’t just happen to the other guy? Along with Cloud adoption, there is often a feeling of loss of control, especially when we see or experience issues such as outages, security breaches and information leakage. Ever more frequently service providers […]

Read more

Online Espionage

Espionage is all about collecting information. Today, information is stored on computers and networks, making them potentially accesible from anywhere in the world. As a result, state-sponsored espionage is happening increasingly with computer attacks such as backdoors and remote trojans. Why was RSA Security hacked in spring 2011? How did they do it? Come and […]

Read more

Involuntary Case Studies in Data Security

It is absolutely backwards, but while the bad guys constantly share details of their exploits, including techniques, when it comes to real incidents, actual defenders rarely talk about what worked, and what didn’t. In this session, Mike Rothman will name names as he builds in-depth case studies based on publicly available information, some of which […]

Read more

Today’s Face of Organized Cyber Crime: A Paradigm for Evaluating Threat

Traditional organized crime syndicates and urban street gangs are well understood by law enforcement officials. They have a hierarchy, defined geographic area of influence, and established business model. Cyber criminals, however, are more difficult to categorize. Mr. Kelly will deconstruct “organized” cyber crime and explore a new paradigm for evaluating the threat it poses to […]

Read more

Attribution for Intrusion Detection

With today’s evolving threat landscape, and the general failure of AV to keep bad guys out of the network, effective intrusion detection is becoming extremely pertinent. Greg will talk about using attribution data to increase the effectiveness and lifetime of intrusion detection signatures, both host and network. Within host physical memory, software in execution will […]

Read more

The Problem with Privacy is Security

Privacy advocates tend to spend a lot of time refuting the high profile discussions about the pending death of privacy, particularly online. This focus would be better spent addressing the cause: security. Identifiable information about us pops up in places you wouldn’t expect, leaving a detailed virtual trail. Security mechanisms force the recording, monitoring and […]

Read more

A day in the life of a hacker…

When you check into a hotel room, do you see the elegantly understated, calm yet energising modern styling, providing you with the ultimate in traveller comfort, or is it the hotel safe, pay per view tv, automated minibar and RFID door lock that gets your attention? Is the ATM in the lobby a convenient place […]

Read more

Consumer Internet Identity.

Andrew Nash senior director of identity services, PayPal Consumers have too many online identities – they must remember dozens of accounts and passwords, consumer Internet interactions are repetitive, frustrating and littered with outdated information. The scale of the problem is immense; hundreds of millions of Internet users interact with tens of millions of Internet Service […]

Read more

The Frogs Who Desired A King: A Virtualization and Cloud Computing Security Fable Set To Interpretive Dance

Aesop wrote a little ditty about some discontented frogs who lived in a pond. They asked Zeus for a new King. They got one. It ate them. The moral of this story is “be careful what you wish for as you might just get it.” The corresponding analog is that of virtualization and cloud security. […]

Read more

Security in the Real World

Security in the Real World – Panel of Experts

Read more

No-Tech Hacking

Based on the book No-Tech Hacking, this presentation shows life through the eyes of today’s hacker. I’ll show what kinds of tactics a hacker will employ and the perspective they have that allows them to stay one step ahead of the good guys. I’ll focus on the hacker mind, showing in a compelling way the […]

Read more

What I took with me when I ‘left’ Computer Security

Known by most by his email name, ‘Stepto’, Stephen Toulouse was involved in some of the most fundamental security incidents and decisions made at Microsoft over the past several years. In 2007 Stepto moved from Microsoft’s Trustworthy Computing division to pursue his lifelong dream of being paid to play video games and work for the […]

Read more

Opening Keynote

Opening Keynote” – David Black, Manager, Cyber Infrastructure Protection Section RCMP, Technical Security Branch

Read more

Web Application Worms: The Future of Browser Insecurity

The traditional conception of web application security covers how attacks piggyback HTTP(S) through a firewall to attack servers. Yet this is a bidirectional path; web browsers can be attacked by compromised sites with malicious payloads. Such attacks exploit assumptions of trust and security between the browser and web site. HTML, JavaScript and similar engines like […]

Read more
Subscribe to the Sector Blog
Enter your contact information below to have future blog posts delivered directly to your inbox!
Fields marked with an * are required