Past Events



Sesssions


12:00 - 13:15 Keynote Hall '

Toronto Communities Keynote

Toronto has a vibrant and active security community. Join the founders and leaders of 6 of Toronto’s most active security communities for a “fireside chat”. Why do these communities exist? What are they up to these days? What are they working on next? How can you get involved? Join what will be a fun and […]

Keynote
Brian Bourne
Nick Aleks
Opheliar Chan
Max Cizauskas
Lee Kagan
Helen Oakley
14:45 - 15:45 Tech 3 (801B) '

Cloud Adoption – Trends and Recommendations for Security Teams

Organizations adopting cloud-based delivery are often at a loss as to how to navigate the technological and organizational changes introduced by this movement. Are we ahead? Are we behind? Do we really need to deploy to production hourly? What about security? This presentation provides insights from 451 Research’s view of technology and security trends as […]

Tech
Fernando Montenegro
14:45 - 15:45 Management (718B) '

Pentesting for Success – Critical Success Factors

Most organizations conduct a vulnerability assessment or penetration test of their network as part of their security program. Testing may be conducted by employees, or by external specialists, and the results may be used to comply with regulations such as PCI DSS, or they may just satisfy your sense of “security’s being done right”. However, […]

Management
Robert Beggs
11:30 - 12:00 Security Fundamentals (714AB) '

Got DA?

Penetration Tests and/or Red Team Engagements are usually aimed at getting the highest level of privileges in an organization’s Active Directory domain aka Domain Admin. However, what most teams miss or simply ignore is the fact that there are things that can be done even when you have obtained Domain Admin privilege. This talk’s primary […]

Sponsor Track
Hamza Gondal
10:45 - 11:15 Theatre (803AB) '

Catching and Cleaning Phish (for O365)

Attackers keep getting cleverer with their phishing attacks and if you’re a high value target or a large enterprise you’re probably also getting many targeted attempts every day. This session will cover the best practices for O365 for detecting, removing and investigating phishing attempts against an O365 tenant.

Sponsor Track
Jim Banach
10:15 - 11:15 Tech 2 (801A) '

IoT Security: An Insiders Perspective

The IoT industry is often lambasted for lax security, however it does face unique challenges. This talk brings expertise from a veteran security engineer who has spent the last few months embedded (hah!) in an IoT manufacturer, working on security from the inside. We will explore some of the unique challenges in this space, and […]

Tech
Lee Brotherston
16:00 - 17:00 Tech 3 (801B) '

Profiling Fraudsters from the Darknet to ICQ

Anonymity tools such as the tor network and cryptocurrencies are increasingly adopted by fraudsters to hide their tracks. They have enabled a darknet underground economy that centers around online illicit markets which has generated over USD$500 million in sales in the past year. Within online illicit markets, fraudsters create profiles and post ads for their […]

Tech
Mathieu Lavoie
16:00 - 17:00 Tech 2 (801A) '

Chip.Fail – Glitching the Silicon of the Connected World

All smart devices, from cars to IoT, are based around processors. Often these processors are not considered as part of the threat model when designing a product. Instead, there is an implicit trust that they just work and that the security features in the datasheet do what they say. This is especially problematic when the […]

Tech
Thomas Roth
14:45 - 15:45 Tools (716AB) '

Visualizing Your Security Posture from Link, to Gateway, and Beyond

The intersections between IT, OT, and (I)IOT has continued to fuse multiple domains within the organization. And in a world where we need to fully understand our security posture and react to the world around us, visualization is key. During this presentation we will dive deep on the toolsets, tradecraft and methodologies to render (visualize) […]

Tools
Joe Cummins
14:45 - 15:45 Tech 3 (801B) '

Poisoned RDP Offense and Defense

It’s safe to assume that many people reading this text have heard of using the Remote Desktop Protocol (RDP) to connect to other machines. But has anyone ever considered that merely using RDP can compromise their own computer? In this talk, we will not be covering a typical RDP vulnerability where a server is attacked […]

Tech
Dana Baril
16:00 - 17:00 Tech1 (718A) '

Powershell is Dead. Long Live C#

The PowerShell bubble has burst. With offensive use going down and detections and defences rising, the need for an alternative means to operate offensively against Windows environments is well underway and a big part of that is due to C# and .NET. In this presentation, Lee will take the audience through the rise of weaponized […]

Tech
Lee Kagan
12:00 - 13:15 Keynote Hall '

Do you trust or fear technology?

Our future is inseparable from technology and the choices we make will determine if we trust or fear the infrastructure our societies are built on. We as the people that dream, design, implement and talk about technology are seminal to determining which direction the world around us takes. What we do and say today really […]

Keynote
Jeff Moss
09:00 - 10:00 Keynote Hall '

Made in Canada – the Significance of Canadian Security Technology

From startups to large enterprise to academia, Canada has more influence on the global security market and innovation than one might expect. This panel will discuss Canadian businesses’ stance in IT security and take a forward look at what it will take to become a stronger competitor in world markets. Expect conversation from funding innovative startups to […]

Keynote
Brian O’Higgins
Stephan Jou
Leo Lax
Leah MacMillan
Michele Mosca
11:30 - 12:00 Tech1 (718A) '

Enabling Zero Trust with Artificial Intelligence

The Zero Trust security model assumes a hostile network with relentless external and internal threats. Authenticating and authorizing every device, user and network flow requires real-time algorithmic processing of telemetry from as many sources of data as possible. Applying mature machine learning data science to the Zero Trust problem provides a wholistic solution to multiple […]

Sponsor Track
Chris Pittman
14:45 - 15:45 Management (718B) '

The Year in Cybersecurity Law

CIPPIC is the Samuelson-Glushko Canadian Internet Policy and Public Interest Clinic, Canada’s only public interest technology law clinic. CIPPIC is based at the University of Ottawa’s Centre for Law Technology and Society. In this session, CIPPIC staff will review the year’s legal developments in cybersecurity and provide a look ahead at what we might expect […]

Management
David Fewer
10:15 - 11:15 Security Fundamentals (714AB) '

How to Build an Insecure System out of Perfectly Good Cryptography

Cryptographers focus on provably secure cryptographic primitives. Standards bodies focus on syntax of messages. But there are many system issues that get ignored, leading to interesting security problems. Examples include trust models for PKI, misuse of web cookies, naming issues, and placing unreasonable demands on users. This session provides lessons on and mechanisms for avoiding […]

SECurity FUNdamentals
Radia Perlman
13:30 - 14:30 Management (718B) '

Outrunning the Avalanche of Unmanaged, Un-agentable Devices

There’s a torrent of unmanaged, un-agentable devices sweeping across businesses in every industry. From devices like smart TVs, MRI machines, patient infusion pumps, industrial device controllers, and manufacturing robotic arms, to printers, smartwatches, smart HVACs, and badge readers. These devices form an attack surface which is neither protected by nor monitored by traditional security products. […]

Management
Nadir Izrael
13:30 - 14:30 Tools (716AB) '

The Tools of a Web App Pentester

During a web application penetration test, a tester often encounters different technology stacks and security controls implementations that requires the use of different tools and testing approaches. While commercial tools are often available for these specific scenarios – these can be hard to get in a short time frame (and can be very costly if […]

Tools
Chuck Ben-Tzur
10:15 - 11:15 Management (718B) '

Beyond Spam: Using CASL to Stop the Spread of Malware in Canada

The purpose of this session is to explain the less well-known aspects of the Canadian Anti-Spam Legislation (CASL or the Act) and illustrate those in action through a series of case studies based on the actual enforcement activities of the Canadian Radio-television and Telecommunications Commission (CRTC). In so doing, we aim to position CASL as […]

Management
Neil Barratt
11:30 - 12:00 Tools (716AB) '

Risk Transformation: Plan-Build-Run in a World Without Time

Life is rough for a security leader! The security product landscape is increasingly complicated but seems to always lag behind malicious actor capabilities. Organizations need proven security programs that demonstrate visible ROI, but once-vaunted security concepts have been sacrificed upon the altars of speed and mobility. Organizational leadership-level involvement has never been greater, offering access […]

Sponsor Track
Chris Gray
13:30 - 14:30 Tech1 (718A) '

FAIL Panel: I Quit Securi7y

In order to save the security industry, someone had to quit or be fired. Is this the ultimate fail or the only way to beat Thanos? This year’s panel includes all the best viewpoints: a vendor, an academic, a startup, and a quitter. Half the panel does more operations work than security work and has […]

Tech
James Arlen
Rich Mogull
Nick Johnston
Dave Lewis
13:30 - 14:30 Tools (716AB) '

Step by step AWS Cloud Hacking

This talk focuses on real-life exploitation techniques in AWS cloud and the tools used to perform them. We will focus on these steps: Identify a server-side request forgery Gain access to instance meta-data credentials Enumerate IAM permissions Privilege escalation Connecting to internal VPC services via VPN Multiple tools, such as nimbostratus, enumerate-iam, Pacu and vpc-vpn-pivot […]

Tools
Andrés Riancho
13:30 - 14:30 Tech 2 (801A) '

Threat hunting in the cloud

Threat hunting in the cloud is something that is not often talked about from a security strategy perspective. This talk will specifically cover techniques that can be used to support hunting within cloud environments. Recently, we have seen both Amazon and Microsoft release traffic mirroring capabilities within cloud environments which has allowed traditional network security solutions […]

Tech
Kurtis Armour
Jacob Grant
11:30 - 12:00 Tools (716AB) '

Revitalizing the Scotiabank SOC with Big Data Security Analytics and Automation

Behavioral analytics helps IT professionals predict and understand consumer trends, but it can also assist CISOs in understanding potential threats—and unearthing them before they wreak major havoc. Additionally, automation helps to respond rapidly, thus reducing your mean time to resolve (MTTR) and improve SOC efficiency. Join this session to discuss: Using behavior analytics as a […]

Sponsor Track
Rob Knoblauch
11:30 - 12:00 Tech 2 (801A) '

Identity – the Foundation of your Zero Trust Architecture

The evolution to a mobile and cloud-first approach to IT has made the old perimeter-centric view of security obsolete. We are opening our systems, information, and businesses to access from anywhere at any time. In this new reality we need to securely enable, manage, and govern access for all users, from employees to partners, customers, […]

Sponsor Track
Robin Wilson
Madhu Mahadevan
11:30 - 12:00 Tech 3 (801B) '

Beyond the Ones and Zeros: Aligning Effective Infosec and People Leadership Principles

It was the best of times, it was the worst of times… that pretty much sums up infosec today. We can’t figure out how to align to our businesses effectively, we love our silos, and constantly hire the wrong people. This presentation will address common issues in information security and people leadership areas, giving you […]

Sponsor Track
Michael Cole
14:45 - 15:45 Tools (716AB) '

Car Hacking on Simulation

Cars are no longer simply mechanical. While they may be getting more advanced that doesn’t mean they are immune to hacks. One particularly sensitive entry point for hacking a car is the legally required OBD II port, which is basically “the Ethernet jack for your car”. This port works on a signaling protocol called CAN […]

Tools
Rohan Aggarwal
14:45 - 15:45 Tech 2 (801A) '

Malware in Google Play: Latest tactics used to penetrate the official app store

This presentation focuses on the malicious actors’ efforts to introduce and spread malicious apps through the Google Play app store, and how various players (consumers, internet providers, security firms, etc.) can help to thwart these efforts. One of the most common ways of conducting cyber security attacks (beside phishing) is through trojenized applications that end […]

Tech
Corneliu Nitu
10:15 - 11:15 Tools (716AB) '

Using Static and Runtime Analysis to Understand Third-Party Applications

Modern software applications are complex, highly integrated collections of components, authored by dozens or even hundreds of individuals, and the rise of open source has taken this complexity to the next level. As an end-user, how well do you understand what a piece of software is *actually* doing, under the hood? Is your favorite string […]

Tools
Guy Acosta
16:00 - 17:00 Security Fundamentals (714AB) '

The CIS Critical Controls for Free – Defend all the Things!

The CIS Critical Controls are recognized as a good start in setting up a defensible infrastructure. They are platform / OS agnostic, aren’t driven by vendor agendas, and are very much community and volunteer driven. In this talk, we’ll discuss a typical organization, one that we’d see in many security engagements. We’ll discuss the various […]

SECurity FUNdamentals
Rob VandenBrink
13:30 - 14:30 Security Fundamentals (714AB) '

A Few Things Right: Insights from Live and Simulated Incident Response Failures

While we continue to support the concepts of compliance, defense, governance, and prevention, it’s time to shift our focus beyond those measures with more emphasis on strategic response to incidents. This talk offers real stories of failure and practical, quick-win lessons on how to be prepared to respond quickly, accurately, and confidently when incidents occur. […]

SECurity FUNdamentals
Chad Calease
16:00 - 17:00 Tools (716AB) '

OWASP Find Security Bugs: The community static code analyzer

The Web application development lifecycle has numerous security activities. For developers, code review is a familiar recurring activity. To support Java developers, a project was started in 2012 called, “Find Security Bugs” (FSB). It is an extension of the SpotBugs project, formerly known as FindBugs. FSB is a community static analysis tool which targets specific vulnerabilities. Over the years FSB has evolved from a limited tool to a solid coverage of bug […]

Tools
Philippe Arteau
13:30 - 14:30 Tech 3 (801B) '

Hashes, hashes everywhere, but all I see is plaintext

I will recap traditional cracking techniques before utilising combinator attacks to challenge recent password guidance of passphrases over passwords. I will then focus on more advanced methods, leveraging additional tools to launch attacks such as Fingerprint, PRINCE and Purple Rain. Non-deterministic techniques will be shown that are designed for infinite runtime, resulting in candidate generation […]

Tech
Will Hunt
10:15 - 11:15 Tech 3 (801B) '

Post-Quantum Manifesto

In recent years, the threat to the public key infrastructure posed by quantum computers has gained some attention. Standards agencies such as NIST and ETSI have begun efforts to standardize encryption and signature algorithms that are quantum resistant. This talk will introduce attendees to the threat posed by quantum computing and explain which parts of […]

Tech
Philippe Lamontagne
10:15 - 11:15 Tech 2 (801A) '

The SOC Counter ATT&CK

The goal of the talk is to answer a few questions we often see or hear : “ATT&CK is nice and all, but how do I (we) get started?”, “How can I (we) detect those TTP?”, “Why use the ATT&CK Framework?”, etc. The ATT&CK Framework from Mitre is the new honest in the InfoSec world. […]

Tech
Mathieu Saulnier
14:45 - 15:45 Tech1 (718A) '

Major Pitfalls to Avoid in Performing Incident Response in AWS

When performing Incident Response in a platform where infrastructure and data is just as quickly destroyed as it is created, speed and efficacy are paramount. While AWS provides a wide gamut of tools and capabilities to effectively harness the cloud, it’s often a daunting task to understand which tools to use for what, when, and […]

Tech
Jonathon Poling
13:30 - 14:30 Tech1 (718A) '

Into the Fog – The Return of ICEFOG APT

In 2013, a public report revealed a group of actors conducted targeted attacks leveraging a malware dubbed ICEFOG against mainly government organizations and the defense industry of South Korea and Japan. Little has been published about the activities of ICEFOG malware since the report was released more than six years ago. However, despite a pause […]

Tech
Chi-en Shen (Ashley)
10:15 - 11:15 Management (718B) '

Securing pipes with TACOs

TACO is an acronym I use with clients to help them map controls from their software delivery pipelines to the organizational controls. TACO stands for Traceability, Access, Compliance, and Operations. The approach consists of a base list of 25 automatable controls that are documented and the control activity, artifacts and SOR identified. After mapping how […]

Management
Peter Maddison
11:30 - 12:00 Management (718B) '

The Race Against the Adversary: How to Win in the Era of the 18 Minute Breach

This exclusive session delves into the details of some of CrowdStrike’s most eye opening breach investigations of the past year and highlights the need for speed in modern security operations centers. See new research on “breakout time” and learn how you can use the 1-10-60 Rule to benchmark your organization and see if you have […]

Sponsor Track
Serge Bertini
11:30 - 12:00 Tech 2 (801A) '

AI, Intelligently. A Current Look into AI in Cyber Security.

Algorithms are being used to choose who lives and who dies. Computers are being programmed to make ethical decisions that impact every facet of our lives. Based on the ethics of cyber-criminals, Check Point has made another gigantic leap forward by teaching our gateways to use algorithms to detect the DNA of Malware in an […]

Sponsor Track
Robert Falzon
14:15 - 14:45 Theatre (803AB) '

Data Governance for Risk Reduction and Value Creation

In this session, we will explore how organizations can adopt a single data governance framework to discover and protect sensitive data while mitigating cyber risks, reducing storage costs and addressing increasing privacy regulations.

Sponsor Track
Neil Correa
16:30 - 17:00 Theatre (803AB) '

Your Tools are Protecting the Network but What is Protecting the Tools?

With the increased focus on cybersecurity over the past several years, organizations are proactively adopting security practices and deploying security solutions to harden their networks. This is in the hopes of not being the next victim of a security breach. The emphasis on securing the network perimeter has driven organizations to deploy multiple inline security […]

Sponsor Track
Matthew Adams
11:30 - 12:00 Security Fundamentals (714AB) '

Expand your cybersecurity program with complete visibility!

As enterprises face pressure amid growing internal and external compliance requirements, these organizations are looking for ways to expand visibility throughout their environments. Mark Holub offers insights on how companies can gain visibility throughout their environments to improve asset management, software inventory, vulnerability assessment, configuration compliance and more. Using real-world examples and forward-looking principles, Mark […]

Sponsor Track
Mark Holub
11:30 - 12:00 Theatre (803AB) '

Modern MDR and Machine-Accelerated Human Response

The cybersecurity market is teeming with new tools and technologies, each promising to detect and respond to threats better than the rest. But if your business is like most, you’re probably struggling with a shortage of security-focused manpower and expertise to manage those tools with skill, speed, and precision. The reality is that effective security […]

Sponsor Track
Karl Ackerman
10:45 - 11:15 Theatre (803AB) '

Phishing Defense: The Art of Human Intuitive Repulsion

As human beings we often sense when things aren’t quite right. The same is true as it applies to cybersecurity. This session examines why human intuition is a key part of any organization’s phishing defense. Learn about the types of phishing attacks seen in the wild, how attackers evolve their tactics to avoid perimeter controls, […]

Sponsor Track
Jason Meurer
13:30 - 14:00 Theatre (803AB) '

Chaos, order and the road forward – perspectives on evolving cybersecurity

Never before has the creation and preservation of value depended so much on effective cyber security, nor has the means to “getting security right” been so complex. Many aspects of traditional security management are urgently being reconsidered as security teams seek to stay aligned with the characteristics of the modern enterprise and ahead of the […]

Sponsor Track
Gary Miller
15:00 - 15:30 Theatre (803AB) '

The Value of Threat Intelligence

This presentation is a non-technical look at the benefits of threat intelligence and the challenges that organizations face when attempting to utilize and operationalize threat intelligence within their infrastructure. Existing resources (human and infrastructure), security tools, the difference between threat data sources and cybersecurity program maturity are just a few of the areas we will […]

Sponsor Track
David Empringham
11:30 - 12:00 Tech 3 (801B) '

Key elements to prioritizing security vulnerabilities and risks

Join Scalar, a CDW Company for a discussion on the key elements to prioritizing your security vulnerabilities and risks. Taking a holistic approach to risk management, we will help you understand how to follow best practices and manage your risk effectively and efficiently. Darren and Benjamin will go through some of the key elements that […]

Sponsor Track
Darren Chin
Benjamin Li
13:30 - 14:00 Theatre (803AB) '

Code Signing: What You Don’t Secure Can Hurt You

When you sign a piece of code, you make a statement that it comes from your trusted brand and that you stand behind it. But what happens when that trust is broken? Recent attacks underscore the importance of managing reputational risk. As attackers become increasingly skilled in the art of signing and spreading malware, technologists […]

Sponsor Track
Ryan Sanders
Jack Palivoda
14:15 - 14:45 Theatre (803AB) '

ARUBA + ZSCALER = Better Together Network Transformation

Risk is a balance between security and usability, when security is too restrictive users naturally find ways around it. As organizations seek to improve the user experience and while maintaining the required level of security, questions of risk arise. How do we deploy Cloud solutions with direct to Internet connectivity and still maintain visibility over […]

Sponsor Track
Bil Harmer
Raja Sundarrajan

Sponsors


Blackberry Cylance

Gold

Check Point

Gold

CrowdStrike

Gold

Forcepoint

Gold

Fortinet

Gold

HP Inc.

Gold

Microsoft

Gold

Okta

Gold

Optiv

Gold

Qualys

Gold Networking Reception

Rapid7

Gold Networking Reception

Sailpoint

Gold

Scalar, a CDW Company

Gold

Securonix

Gold

Anomali

Silver

Aruba

Silver

Bell

Silver

Cisco

Silver

Cofense

Silver

Illumio

Lounge Silver

IXIA a Keysight Business

Silver

Keyfactor

Silver

Micro Focus

Silver

NETSCOUT

Silver

Recorded Future

Networking Reception

Sophos

Silver

Symantec

Silver

Trend Micro

Silver

Zscaler

Silver

3M

Bronze

AGARI

Bronze

Arcon

Bronze

BackBox

Bronze

BitSight

Bronze

BMO Financial Group

Bronze

BSI Group Canada

Bronze

Calian

Bronze

Carbon Black

Bronze

Checkmarx

Bronze

CIRA

Bronze

Compass Security

Bronze

Corero Network Security

Bronze

CyberArk Software Inc.

Bronze

Datex Inc.

Bronze

Dell Technologies

Bronze

Devolutions

Bronze

esentire

Bronze

ESET

Bronze

exabeam

Bronze

Expanse

Bronze

Speakers


Brian Bourne

Brian Bourne

Director and Co-Founder, Black Arts Illuminated


Brian has a passion for security and has been an active member of the IT security community for over 25 years. Being part of the IT community has always been important to Brian and his entrepreneurial spirit and industry experiences are what helped establish TASK and SecTor as part of Black Arts Illuminated. Brian was the founder of CMS Consulting Inc. and Infrastructure Guardian Inc. which became part of New Signature. The two organizations (professional services and managed services respectively) provided deep Microsoft expertise working with mid to large enterprise [...]

Nick Aleks

Nick Aleks

CEO of Aleks Security Cyber Intelligence Inc.


Nick Aleks is a leader in Toronto's security community. He is a distinguished security engineer, speaker and researcher. Nick is one of the founding partners of DEFCON Toronto (DC416), one of Canada’s largest hacker meetup communities. In partnership with TraceLabs, he organized the world’s first ever OSINT CTF where hackers helped find missing persons. He also runs a Toronto-based ethical hacking firm and is an advisor at HackStudent, an organization that helps educate students ages 13-17 about cybersecurity.

Opheliar Chan

Opheliar Chan

OWASP Toronto Chapter Co-Lead


Opheliar Chan spends most of her time trying to make application security more accessible, pragmatic, and FUD-free, both as Director of Advisory at Security Compass, and while moonlighting as co-lead of the OWASP Toronto Chapter. For over a decade, she has focused on application security, SDLC process consulting and implementations, program building, penetration testing/vulnerability assessments, and related. Prior to her career in consulting, she worked in security research, web application development, and technical writing. You can usually find her in-person at OWASP Toronto Meetups, or at opheliar.chan@owasp.org.

Max Cizauskas

Max Cizauskas


By day Max Cizauskas is the manager of Threat Prevention at IGM Financial, implementing blue team policies and practices and advising on how projects can apply security across their cloud dev ops endeavours. By night Max focuses on helping people bridge the gap to get into information security. He shares his perspective on the most important practices that can be implemented across all practices through being a committee member of the Toronto Area Security Klatch (TASK) and the BSides Toronto annual conference, as well as the host of the infrequent [...]

Lee Kagan

Lee Kagan

RnD Specialist


Lee Kagan is a sr. principal offensive RnD specialist at Symantec, the co-founder of RedBlack Security in Toronto and co-creator of the Canadian Collegiate Cyber Exercise (C3X). Lee has been professionally active since 2010 and focuses on advanced Windows attack and defence, command and control infrastructure design and adversary systems in general.

Helen Oakley

Helen Oakley

Leader in Cybersecurity Field and CoFounder


Helen Oakley is a cybersecurity enthusiast, researcher and educator. She takes on a leadership security role at a global leading software provider. Helen is currently working on her own cybersecurity research project and strongly believes in giving back to the community. Helen is a lead of Toronto’s community group “Leading Cyber Ladies” and HackStudent.com teacher, which is a non-profit organization that educates kids in cybersecurity skills.

Fernando Montenegro

Fernando Montenegro

Industry Analyst


Fernando Montenegro is a principal industry analyst and management consultant with 451 Research, focusing on analyzing market trends and providing strategic advice on topics related to modern security markets: cloud security, endpoint security and others. His previous experience includes pre- and post-sales technical roles and consulting roles with vendors in enterprise security such as Hewlett Packard, RSA and others. He has worked with organizations in Canada, Latin America, and the US. His areas of interest include security economics - particularly behaviour economics - data science, including machine learning, and cybercrime. [...]

Robert Beggs

Robert Beggs

Ethical Hacker


Robert Beggs breaks into computers and data networks. As an ethical hacker and incident responder, he identifies and closes the vulnerabilities that could be exploited to create a security breach. He has been responsible for the technical leadership and project management of multiple successful responses to data loss. His experience has driven the development of the AIM methodology, used to effectively respond to a breach. His clients range from banks and insurance companies to small and medium enterprises. Robert holds an MBA in Science and Technology from Queen's University and [...]

Hamza Gondal

Hamza Gondal

Information Security Consultant


I work as an Information Security Consultant at eSentire. Being a cybersecurity enthusiast, I have worked in both capacities (as a Blue teamer in SOC) and presently working in Red Team. I’ve completed a few certifications such as CCNA and OSCP. I am currently working on Advanced Active Directory Attacks and Methodologies and learning about pentesting techniques against popular Cloud infrastructures such as AWS and Azure. Infosec is all about learning which makes me feel right at home, which is why I love to learn, and I love to give [...]

Jim Banach

Jim Banach

Practice Group Lead, New Signature


Jim Banach is the North American Practice Group Lead for Modern Workplace at New Signature. Jim has been absorbed in Information Technology for the past 20 years focusing on helping customers realize the value of their investments in productivity solutions. Jim has a long history in messaging and communications technologies including Exchange, Skype for Business / Teams, and Office 365.

Lee Brotherston

Lee Brotherston

Director of Security, Ecobee


Lee has worked within Information Security for over a decade. In that time he has held positions ranging from hands-on practitioner through to management across a number of industry verticals, he is currently the Director of Security at Ecobee. He has spoken on topics ranging from malware analysis to network security and surveillance.

Mathieu Lavoie

Mathieu Lavoie

Co-founder and CEO, Flare


Mathieu Lavoie is co-founder and CEO of Flare. He obtained his B.Eng. from the ÉTS. After being a malware researcher for a few years, he worked as a pentester and then as a security team lead in a large financial institution. He was also a strategic advisor for senior executives regarding cybersecurity and blockchain initiatives. He has spoken at security conferences such as HOPE, Hackfest and NorthSec about his open-source Bitcoin forensic tool called Bitcluster.

Thomas Roth

Thomas Roth

Researcher and Founder, Leveldown Security


Thomas Roth is a security researcher and founder of leveldown security. His focus is on mobile and embedded systems with published research on topics such as TrustZone, payment terminals, embedded and chip security. In recent years, his focus has been on critical infrastructure and communication, with published research on industrial control systems, industrial IoT devices and secure communication. In 2018, Thomas Roth and his research were named as one of the 30 under 30 in Technology by the Forbes Magazine and was named TCCA Young Engineer of the Year 2018.

Joe Cummins

Joe Cummins

Cybersecurity Professional


Joe Cummins has focused his career as an offensive cybersecurity professional, and as a seasoned serial Entrepreneur within the Canadian ecosystem, has led CybernetIQ since its inception in 2009. Over the course of his career, Joe has successfully built and sold a series of innovative software platforms focused on solving real-world cybersecurity challenges and bridging the gaps within the IT and OT spaces. Products such as TOTEM (Building Management Systems), FOCAL (Unmanned Data Storage), as well as other disruptive technologies that have been developed under contract to various Private and [...]

Dana Baril

Dana Baril

Security Software Engineer


Dana Baril is a security software engineer with experience in some of the world's leading technology giants. She started her career in an elite Israeli military cyber intelligence unit, proceeded to a big data startup, and then joined Google in its Zurich HQ. For the past 3 years she has been working on Windows Defender Advanced Threat Protection at Microsoft, researching and developing new cyber security threat detections. Dana is passionate about Operating Systems and Windows Internals. Dana is an active volunteer with high school students, training the next generation [...]

Brian O’Higgins

Brian O’Higgins


Brian O’Higgins is an Angel Investor and Board Member. Brian O’Higgins has over 30 years experience as a leader in security technology development for enterprise and government customers—possibly known best for his role pioneering PKI (public key infrastructure)— and as the co-founder and Chief Technology Officer of Entrust, a leading Internet Security Company.     He was also a co-founder and Chief Technology Officer of Third Brigade, a provider of security products for physical and virtualized servers that was acquired by Trend Micro in 2009.   Brian's approach to security is both [...]

Stephan Jou

Stephan Jou

CTO Interset


Designing software from inception to release for more than 15 years, Stephan is the veteran mind behind Interset’s technological vision. Stephan has been a technologist and leader at two startups and at one of the largest software development companies in the world. He was previously a technical architect, research staff member, and senior manager at IBM Cognos Analytics. During his career at IBM Cognos, he architected and oversaw more than ten 1.0 products related to cloud computing, mobile, visualization, semantic search, data-mining, and neural networks. Stephan holds a Master of Science [...]

Michele Mosca

Michele Mosca


Michele Mosca is co-founder of the Institute for Quantum Computing at the University of Waterloo, a Professor in the Department of Combinatorics & Optimization of the Faculty of Mathematics, and a founding member of Waterloo's Perimeter Institute for Theoretical Physics. He was the founding Director of CryptoWorks21, a training program in quantum-safe cryptography. He is a founder of the ETSI-IQC workshop series in Quantum-Safe Cryptography, and the not-for-profit Quantum-Safe Canada. He co-founded evolutionQ Inc. to support organizations as they evolve their quantum-vulnerable systems to quantum-safe ones and softwareQ Inc. to [...]

Chris Pittman

Chris Pittman

Principal Security Engineer, BlackBerry Cylance


Chris Pittman has worked in enterprise information technology since 1993 and has specialized in cyber security for the last 14 years. He worked in security and controls and incident response for the Ford Motor Company before moving to the security vendor space in 2008. As a sales engineer at BlackBerry Cylance, he provides technical and security guidance to global enterprises interested in implementing AI-based endpoint security solutions. He holds SEC+, CISSP and a Master of Information Assurance in Digital Forensics, which he also teaches at Eastern Michigan University.

David Fewer

David Fewer

General Counsel, CIPPIC


David Fewer is General Counsel of the University of Ottawa’s Samuelson-Glushko Canadian Internet Policy and Public Interest Clinic (CIPPIC), Canada’s only public interest technology law clinic. CIPPIC’s mandate is to advocate for balance in policy and law-making on issues arising out of new technologies. David joined CIPPIC in November 2004. His work focuses on training students in effective legal advocacy, producing public education materials, and articulating a public interest perspective in public policy debates and important court cases at the intersection of law and technology. David graduated with a B.A. [...]

Nadir Izrael

Nadir Izrael

Co-Founder and CTO, Armis


Nadir Izrael is co-founder and CTO at Armis and drives the technology vision behind the platform. He served six years in the Israeli army’s Cyber Intelligence unit where he designed and programmed software systems and attained the rank of captain. He graduated Summa Cum Laude from Technion-Israel Institute of Technology where he studied computer science and physics. In the following years, he worked for Google as a software engineer manager. Nadir enjoys creating simulations of particle systems and cosmological models and is experienced in applied machine learning algorithms and statistical [...]

Chuck Ben-Tzur

Chuck Ben-Tzur


Chuck Ben-Tzur is an IT Security professional with over 15 years of experience as a consultant and a senior manager. Chuck has helped leading Canadian and international organizations to build their corporate security program, assess and implement effective security controls and maintain ongoing compliance. To keep his technical knowledge fresh and up-to-date, Chuck likes to “keep his hands dirty” by researching the security of new technologies and is continuously performing hands-on penetration testing, vulnerability assessments and threat risk analysis. Chuck has presented at many conferences and in front of professional [...]

Neil Barratt

Neil Barratt

Director, Electronic Commerce Enforcement, CRTC


Neil Barratt joined the Compliance & Enforcement team at the CRTC in May 2017. As Director, Electronic Commerce Enforcement, he is responsible for ensuring compliance with Canada’s Anti-Spam Legislation including outreach and enforcement activities. Under his leadership, the CASL team has prioritised the disruption of malicious activity that harms Canadians and undermines trust in the digital economy. Neil has also overseen a renewed focus on transparency, developing and publishing clear guidance to stakeholders and the public. Neil has over a decade of experience in policy development and implementation. Most recently, [...]

Chris Gray

Chris Gray

Director of Service Delivery, Canada / Global Executive Services Director - Optiv


A highly accomplished senior leader with more than 20 years of experience in the defense, financial, retail, technology, and professional services industries. Leveraging knowledge in leadership, risk and compliance management, cyber security, and data governance, Chris has built and lead comprehensive programs that combine emerging technologies and risk-based governance. Chris has led globally dispersed teams focusing in security operations, incident investigation and response, enterprise risk management, compliance, red/blue team attack and penetration services, sales, and marketing. As a subject matter expert, he has authored numerous articles and been regularly cited [...]

James Arlen

James Arlen


James Arlen is a member of Salesforce’s security team focused on Public Cloud computing at one of the world’s largest SaaS/PaaS providers. Over the past twenty plus years, James has been delivering information security solutions to Fortune 500, TSE 100, and major public-sector organizations. In both consultant and staff member roles, James led business and technical teams of professionals in short-term projects as well as multi-year organizational change initiatives. James held key contributor roles as CISO or most senior security executive at dozens of international companies across the finance, critical infrastructure, manufacturing, and [...]

Rich Mogull

Rich Mogull


Rich has twenty years experience in information security, physical security, and risk management. He specializes in cloud security, data security, application security, emerging security technologies, and security management. He is also the principle course designer of the Cloud Security Alliance training class and actively works on developing hands-on cloud security techniques. Prior to founding Securosis, Rich was a Research Vice President at Gartner on the security team. Prior to his seven years at Gartner, Rich worked as an independent consultant, web application developer, software development manager at the University of [...]

Nick Johnston

Nick Johnston


Nick is the program coordinator for, and professor in, Sheridan College’s Honours Bachelor of Applied Information Sciences (Information Systems Security) degree program. Previous to his role in academia, Nick led an incident response team, worked as a computer forensic investigator, programmer, penetration tester, secure code auditor and general InfoSec consultant. You can find Nick on Twitter at @nickinfosec where he’ll either be tweeting cringe-worthy cyberpuns or asking beginner electronics/maker questions.

Dave Lewis

Dave Lewis

Global Security Advocate


Dave Lewis has twenty five years of industry experience. He has extensive experience in IT security operations and management including a decade dealing with critical infrastructure. Lewis is a Global Advisory CISO for Duo Security (now Cisco). He is the founder of the security site Liquidmatrix Security Digest and cohost of the Liquidmatrix podcast. Lewis serves on the advisory boards for Cortex Insight and Dateva Inc. Lewis writes columns for Forbes, Daily Swig and several other publications.

Andrés Riancho

Andrés Riancho


Andrés Riancho is an application and cloud security expert who leads the open source w3af project and provides high-quality security assessment services to companies around the world. In the research field, he identified new techniques which can be used to escalate privileges in Amazon AWS infrastructures, discovered critical vulnerabilities in IPS appliances, multiple vulnerabilities in web and REST APIs, and contributed with SAP research performed at a former employer. His focus is application security, where he developed w3af, a web application attack and audit framework used extensively by security professionals. [...]

Kurtis Armour

Kurtis Armour

Senior Security Strategist


As a member of eSentire's Security Strategy team, Kurtis Armour is responsible for finding new and innovative ways to protect customers. As a regular conference speaker, Kurtis is inquisitive and dedicated to the cybersecurity industry and furthers research endeavors. He holds an OSCP certification which helps him understand the needs and requirements of organizations on the defensive side. Kurtis' current research focuses on cloud and endpoint security as it pertains to the managed detection and response industry. Kurtis holds a Bachelor of Technology from Seneca College.

Jacob Grant

Jacob Grant

Senior Security Strategist


Jacob is a Senior Security Strategist at eSentire, a Managed Detection and Response company based in Waterloo, Ontario. Jacob has worked within the MDR space for over 8 years in various roles from SOC, Operations, and Professional Services. He is mainly focused on security as it relates to networking, cloud services, and automation.

Rob Knoblauch

Rob Knoblauch

VP, Enterprise Security


Rob Knoblauch, VP Enterprise Security Scotiabank is a cybersecurity professional with over 20 years of experience protecting financial institutions from a myriad of information security risks. He serves on a variety of customer advisory boards for leading cyber security companies and speaks at various conferences on cybersecurity, AI and machine learning. Rob has a passion for building strong teams and bringing new, innovative technologies to combat the growing complexities of cyber threats. Prior to Scotiabank, Rob has worked in the Toronto Stock Exchange, Bank of Montreal, and Bird on a [...]

Robin Wilson

Robin Wilson

Senior Sales Engineer


Rob is a veteran of the cybersecurity industry with over 20 years of experience. Throughout his career he has focused on Identity governance and access management, as well as APIs and microservices. Rob’s ability to address both business and technical requirements and provide effective solutions has enabled him to become a trusted advisor for clients across multiple industries. Rob holds a Bachelor of Technology Management, a MSc in IT, and Advanced Certificates in Telecommunications Management and Enterprise Architecture. When not working with clients, he enjoys outdoor activities with family, gaming, [...]

Madhu Mahadevan

Madhu Mahadevan

Sr. Manager, Strategic Alliances


Madhu Mahadevan manages the SailPoint partnership at Okta. As a part of the Strategic Alliances team, he helps any organization to use any technology and enables their people to securely connect to the tools they need. Follow him on Twitter at @mmaha

Michael Cole

Michael Cole

Senior Security Consultant


Michael Cole is a Senior Security Consultant with Rapid7 and has been in the technology and security fields for over 17 years. He is the recovering CISO of a publicly traded bank, and has had roles in security architecture and engineering, biometrics, and security program development. Michael holds numerous professional certifications, including CISSP, CISM, and CISA, and has earned master’s degrees in both Information Security and Management and Leadership. He also has degrees in Scottish history and Golf Course Operations.

Rohan Aggarwal

Rohan Aggarwal

Offensive Cyber Security Analyst


Rohan is an Offensive Cyber Security Analyst at TCS where he does IOT, hardware, web and Android application hacking. He is also a part-time bug bounty hunter on Hackerone and Synack. He has found security vulnerabilities within big companies like Yahoo, Twitter, Goldman Sachs, Matomo, BrickFTP, Pixiv, etc. He has also attended a live hacking event in Nepal. Rohan has presented a talk on Microsoft Azure Bootcamp as well as delivered training on IOT, web application and Cloud hacking.

Corneliu Nitu

Corneliu Nitu

Security Researcher


Corneliu Nitu is a computer security professional with extensive experience in the development of security solutions in several industry verticals (telecommunication, healthcare, manufacturing and ICS). With a Ph.D. in Artificial Intelligence, he has deep knowledge of intelligent technologies, which he applied to the development of cutting-edge products. As a Security Researcher with Nokia’s Threat Intelligence Lab, he is responsible for malware analysis, research of the current trends in cyber security and the creation of malware threat intelligence for Nokia’s network-based malware detection products that are deployed in mobile ISPs around [...]

Guy Acosta

Guy Acosta

OSS Security Analyst/Engineer, Microsoft


Guy is an enterprise security analyst/engineer and has been with Microsoft several years, first as part of the ACE team in the Digital Security Risk Engineering org delivering threat and SDL compliance assessments on Microsoft Line of Business Web apps. Guy now works on the Open Source Security (OSS) team within the Customer Security & Trust Engineering (CST-E) organization where he is responsible for assessing the security of open source software used by Microsoft Engineering through tools, threat modeling, security code reviews, and the development of in-house security tools. His [...]

Rob VandenBrink

Rob VandenBrink

Consultant


Rob VandenBrink is a consultant with Coherent Security in Ontario, Canada. He is also a volunteer with the Internet Storm Center (https://isc.sans.edu), a site that posts daily blogs on information security and related stories.   His areas of specialization include all facets of Information Security, Network Infrastructure, Network and Datacentre Design, Automation, Orchestration and Virtualization. Rob has developed tools for ensuring policy compliance for VPN Access users, a variety of networking tools native to Cisco IOS, as well as security audit/assessment tools for both Palo Alto Networks Firewalls and VMware vSphere.  [...]

Chad Calease

Chad Calease

Principal Security Architect


Chad is the Principal Security Architect at Forget Computers, Ltd., the largest and oldest Apple-focused MSSP in Chicago, IL, USA. The story of how he got into InfoSec is prolly not much different from yours, meandering over more than 15 years across infrastructure engineering, complex systems design, strategy, and lots of mentoring across sectors and industries in the US and overseas. His twitter bio sums him up nicely: Dad, ludic, neurodivergent, grateful for many gifts. Mom said, "There's always one weirdo on every bus." But I can never find them.

Philippe Arteau

Philippe Arteau

Security Researcher


Philippe is a security researcher working for GoSecure. His research is focused on Web application security. His past work experience includes pentesting, secure code review and software development. He is the author of the widely used Java static analysis tool “Find Security Bugs” (FSB). He is also a contributor to the static analysis tool for .NET called Security Code Scan. He built many plugins for Burp and ZAP proxy tools: Retire.js, Reissue Request Scripter, CSP Auditor and many others. Philippe has presented at several conferences including Black Hat Arsenal, ATLSecCon, [...]

Will Hunt

Will Hunt

Co-founder, in.security


Will Hunt (@Stealthsploit) is a cyber security consultant and former digital forensic consultant who has worked in IT security for over 10 years. He co-founded in.security, a specialist cyber security company delivering high-end consultancy and training services. He has delivered infrastructure and web hacking courses at Black Hat USA and EU, as well as training and speaking at other bespoke international events and conferences. Will also assists government in various technical, educational and advisory capacities. He runs the blog https://stealthsploit.com

Philippe Lamontagne

Philippe Lamontagne

Research Officer, Canada’s National Research Council


Philippe Lamontagne is a computer scientist and mathematician born and raised in Montreal. He received his Ph. D. in quantum cryptography from Université de Montréal in 2018. His thesis is focused on the provable security of quantum protocols for secure two-party computation. He worked for a year as a machine learning engineer before accepting a position of research officer at Canada's National Research Council (NRC). As a member of the NRC's cybersecurity team, his research interests include quantum-resistant algorithms, security of machine learning and lightweight cryptography for embedded devices.

Mathieu Saulnier

Mathieu Saulnier

Adversary Detection Team Lead


Mathieu Saulnier is a “Security Enthusiast” ©@h3xstream. He has held numerous positions as a consultant within several of Quebec’s largest institutions. For the last 6 years he has been focused on putting in place a few SOC and has specialized in detection (Blue Team), content creation and mentorship. He currently holds the title of Senior Security Architect and acts as Adversary Detection Team Lead and Threat Hunting Team Lead for Bell Canada, one of Canada’s largest carriers. He loves to give talks and has had the honor to do so [...]

Jonathon Poling

Jonathon Poling

Managing Principal Consultant, SecureWorks


Jonathon Poling is a Managing Principal Consultant for Digital Forensics and Incident Response (DFIR) at Secureworks. With over 11 years of experience spanning government, contractor and private sectors, he serves as a DFIR SME in all major operating systems (Windows, Linux, Mac) including Cloud (AWS), currently focusing on Security Orchestration/Automation. He is most at home on the *nix command line, performing investigations using FOSS tools.

Chi-en Shen (Ashley)

Chi-en Shen (Ashley)

Senior Researcher


Chi-en Shen (Ashley) is a senior researcher working at FireEye, where she focuses on threat intelligence research. She specializes in threat hunting, malware analysis, reverse engineering, and targeted attack research. To support women in InfoSec, Ashley co-founded “HITCON GIRLS” – the first security community for women in Taiwan. Ashley is also a regular speaker at international security conferences, including Black Hat, FIRST, HITB GSEC, CODE BLUE, Troopers, HITCON, Confidence, and RESET. Ashley also serves as a review board member of Black Hat Asia, Blue Hat Shanghai and Hack in the [...]

Peter Maddison

Peter Maddison

Founder, Xodiac Inc.


Peter Maddison has been in the business of building high-performance teams and automating everything worth automating for the past couple of decades. Presently, Peter spends his time helping organizations accelerate their delivery practices as an expert coach and consultant and is equally comfortable talking about business strategy as he is talking about IT. As a part of Xodiac, Peter is on a mission to help make every team thrive.

Serge Bertini

Serge Bertini


With over 20 years of Information Technology Management and Security experience working with both Private and Public Sector in Canada, Serge Bertini is currently the VP and Country Manager for CrowdStrike in Canada. Prior to joining CrowdStrike, he was the VP and GM for the Security Division of HPE Canada. His understanding of the security challenges organizations face daily has helped his customers to develop and implement successful business-focused cyber strategies. Before HPE, he was the Regional Director for Intel Security/McAfee where he was named McAfee’s Global Sales Regional Manager [...]

Robert Falzon

Robert Falzon


Robert Falzon is currently the Head of Engineering within the office of the CTO for Check Point Software Technologies Inc., the worldwide leader in securing the Internet. His background includes over 20 years of experience in large-scale network security architecture, design, and deployment projects for government and business organizations spanning the globe. Robert currently leads a large team of the most talented cyber security engineers in the industry who are responsible for educating the market on the latest cyber security trends. Other past responsibilities have included operational, management, and developmental duties [...]

Neil Correa

Neil Correa


Neil is an information security and privacy risk leader with over 15 years of experience across a broad range of security/privacy risk areas and diverse industry segments.

Matthew Adams

Matthew Adams

Senior Solutions Engineer


Matthew Adams is a Network and Security Systems Engineer who has enjoyed working with Enterprise, NEMs and Service Providers for over the past ten years. During Matt’s tenor at Ixia Solutions Group, he has spent most of his time deploying large scale testing and test automation solutions for his clients. As a result, Matt has extensive experience helping clients validate and secure their local and wide area networks whilst they roll out new security and critical business applications. In addition to Matt’s extensive experience in pre-production testing along with production [...]

Mark Holub

Mark Holub

CISSP, CISA, MBA


Mark Holub is a Subject Matter Expert for Qualys’ policy compliance solution. With 20 years of experience across IT Security, Compliance, and IT Audit, he has helped small, medium and large enterprises with establishing strong governance and control environments. He has significant experience with building Information Security and Audit programs.

Karl Ackerman

Karl Ackerman

Principal Product Manager


With over 20 years in the IT security space as a software developer, architect and product manager, Karl has a passion for security and a deep commitment to drive criminal syndicates and nation state actors off our networks and out of our devices. Over the years, Karl has collaborated with organizations from small businesses to national defense agencies, both to understand the threats these organizations face and to design and build the software used to defend them from adversaries. With an engineering background, Karl has patents ranging from cryptographic methods [...]

Jason Meurer

Jason Meurer

Senior Research Engineer


Jason Meurer is the senior researcher for Cofense labs. His years of experience in the inner workings of company product offerings has been key in his bottom to top structuring of research project integrations and focus on real world needs for the research team. His current projects bring botnet tracking and target data to the forefront to give everyone the heads up they deserve.

Gary Miller

Gary Miller

Cyber Security Strategist


Gary Miller is a Cyber Security Strategist at Bell. For more than 20 years Gary has been assisting governments and industry organizations around the world shape appropriate and practical cyber security strategies to support their changing business. Gary has held senior executive positions within international businesses leading corporate security functions and cyber security business units. He brings a unique balance of business, IT and cyber security domain expertise. He has successfully launched new cyber security products and businesses, consulted with governments on national cyber security strategy and policy, advised on [...]

David Empringham

David Empringham


David has been deeply involved in security since the late 90’s when he started in security information and event management with one of the 3 pioneering SIEM vendors. Over the years, David has held positions both in software engineering and professional services. Within the last 8 years, made the move to sales and architecture to help customers of all sizes and verticals with solutions that will assist them in improving their security posture and mitigating risk to the business.

Darren Chin

Darren Chin

Principal Consultant


Darren is the Principal Consultant responsible for the Cyber Security division of Scalar Decision's Risk Advisory Services practice. He is a seasoned Management Consultant and Information Security professional with over 20 years’ experience in Information Technology operations, architecture, design, audit, and security management. During his tenure at Scalar, he has formed world-class penetration testing and vulnerability management teams; servicing clients in the Financial, Health Care, and Technology sectors. He has proficiency with the identification and quantification of security risk, assessing threats and risks based on best practice methodologies as well [...]

Benjamin Li

Benjamin Li

Principal, Cyber Risk


Benjamin is the Principal Consultant responsible for the Cyber Risk Consulting division of Scalar's Risk Advisory Services practice. He is an experienced consultant with over 10 years' experience in Information Technology sales, operations, design, audit, and management. Benjamin has implemented security programs at several large law firms, technology and software development organizations with great success. Benjamin uses his ability to design programs that are fit-for-purpose and right-size to ensure clients are able to manage their own security programs on an ongoing basis. He specializes in ISO 27001, NIST CSF, SANS [...]

Ryan Sanders

Ryan Sanders

Product Lead, Keyfactor


Ryan Sanders is a Toronto-based Product Lead with Keyfactor, a leader in providing secure digital identity solutions for the Global 2000 Enterprises. Ryan has a passion for cybersecurity and actively analyzes the latest in compliance mandates, market trends, and industry best practices related to public key infrastructure (PKI) and digital certificates. More recently he has specialized in code signing fundamentals and security best practices to prevent software supply chain attacks. Prior to joining Keyfactor, Ryan held several roles in product marketing and enablement at WinMagic, a Toronto-based data encryption and [...]

Jack Palivoda

Jack Palivoda

Solutions Engineer


Jack Palivoda is a Senior Solutions Engineer at Keyfactor. With over 35 years of deep technological experience, he is responsible for collaborating with prospects and clients, facilitating technical discussions that align customer requirements with the right solutions. Jack also conducts product demonstrations, proof of concept delivery, and turns customer insights into concepts for product enhancements. Prior to joining Keyfactor, Jack held various technical positions at Microsoft and was a Systems Engineer at AT&T. Jack enjoys spending time with his wife and four children, serving his church community, and is a [...]

Bil Harmer

Bil Harmer

CISO, Zscaler


Bil Harmer is the Americas CISO at Zscaler. In this role he engages security executives at a peer level to drive strategic change and facilitate industry wide collaboration on emerging security and privacy topics. While developing the Security and Data Protection program for SuccessFactors/SAP he pioneered the processes for security and privacy compliance used by Cloud vendors today. Prior to joining Zscaler, Harmer was the Chief Security Officer at GoodData Corp and the VP Security & Cloud Privacy Officer for the Cloud Division of SAP. He has provided advisory services [...]

Raja Sundarrajan

Raja Sundarrajan

Consulting Systems Engineer


Raja is a Toronto-based Consulting Engineer with Aruba, a Hewlett Packard Enterprise Company. He has over 19 years of experience in Networking, including IT strategy and Enterprise Architecture for all verticals and environments of all sizes. Raja’s design and consulting experience encompasses global network designs across multi-vendor environments. As a member of Aruba’s Mobility & Access Consulting organization, Raja provides guidance on networking solutions that best enable business outcomes and user experiences for large organizations across Canada.