Past Events



Sesssions


11:10 - 11:40 Tech 3 '

Protect Your Hybrid Workforce with Data-First SASE

For enterprises with hybrid workforces and ubiquitous cloud services, protecting the edge is no longer enough. Security teams must deliver safer access to business resources and enforce security policies consistently. A data-first SASE architecture goes beyond access to control usage of data everywhere and ensures only the right people have access to the right data, […]

Sponsor Track
Benoît H. Dicaire
13:00 - 13:40 Security Fundamentals '

Bot Shops and Info Stealers – Exploring the Dark Web’s Newest Frontier

Carding is one of the earliest forms of cybercrime. Since the 1980s, cybercriminals have developed various fraud tactics to steal and monetize credit card information. To prevent these types of attacks, financial institutions have developed anti-fraud measures to detect and prevent fraudulent transactions. These security precautions include checking various parameters like IP address, operating system, […]

SECurity FUNdamentals
Bryan Oliver
10:10 - 10:50 Tech 3 '

Behavioral Biometrics – Attack of the Humanoid

The way we move our mouse, use our keyboard, and touch our phones is unique to us. Behavioral biometrics allows security systems to identify computer users across a wide variety of devices uniquely. While AI can help secure computer infrastructure, they are vulnerable to data-based type attacks. By capturing user interaction data, an attacker may […]

Tech
Justin Macorin
Iain Paterson
12:00 - 12:40 Diamond '

Hindsight Security: Things Breach Victims Wish They Had Done

The decisions made in the seconds, minutes, and hours of a security breach carry long-term operational, legal, regulatory, and public relations repercussions. Making the wrong move in the heat of the moment can cost a fortune; it can even end a career. Featuring real-world best practices from the breach response team responsible for defending hundreds […]

Sponsor Track
Matthew Hickey
09:10 - 09:50 Keynote Hall '

Infosec Halloween 2021: Unmasking the Scary Characters

During these years when a holiday just can’t be any scarier than the other 364 days, it’s easy to forget that some spectres aren’t what they seem. Some of them are Old Lady Nather under the ghost sheet. Others are clowns, but not the kind that inhabits your nightmares, just the expo halls. If you’ve […]

Keynote
Wendy Nather
14:20 - 14:50 Silver Track 2 '

Breaking Down Silos Between Security and Infrastructure

Bridge the Gap Between IT Security and Infrastructure Teams and Unify Your Security Efforts with a Vulnerability Management Solution. Chances are you know Tripwire as the progenitor of file integrity monitoring. But over the course of Tripwire’s history, we’ve focused on how we can help security teams maximize their productivity to more effectively address today’s […]

Sponsor Track
Chad Reaney
11:10 - 11:40 Security Fundamentals '

For the Greater Good: Challenging the Vulnerability Disclosure Status-Quo

Over the last five years, we have publicly disclosed the details about dozens of software vulnerabilities with varying degrees of severity and their effect on a wide range of vendors including Oracle, Pulse Secure, Microsoft, Antidote, and Akamai. We have acquired hard-earned experience on the difficulty faced dealing with clients and vendors, the risks and […]

Sponsor Track
Laurent Desaulniers
Olivier Bilodeau
15:00 - 15:30 Silver Track 2 '

Faster and Smarter Response to Cyber Threats in a Hybrid Cloud Environment

Responding to security incidents and vulnerabilities is an ongoing process which becomes increasingly more difficult to manage in a Hybrid environment. Reacting too slowly to a critical incident or vulnerability can have drastic consequences, but how do we make sure that we are working on the most critical threats first? Join us to learn how […]

Sponsor Track
Karl Klaessig
13:40 - 14:10 Silver Track 2 '

Transforming Cloud Security with SASE

With employees working remotely, the amount of data that flows through the cloud is exploding. The classic paradigm of corporate perimeters and traditional network architecture is now a thing of the past. Keeping up with this evolution is imperative and organizations are looking to implement an agile and holistic threat defense. SASE is a security […]

Sponsor Track
Jay Reddy
13:00 - 13:30 Silver Track 2 '

Get it Right, Get It Savvy – Remote Workforce Enablement

Perennial threats like ransomware have evolved to hold pace with our adoption and migration to cloud. They have continued to be a thorn in our sides even as platforms and user behaviour has changed. While cloud and malware security solutions have a major part to play, there is also a less intuitive initiative that has […]

Sponsor Track
Diana John
10:10 - 10:50 Tools '

Knocking on Clouds Door: Threat Hunting in Azure AD with Azula

This talk will uncover the amazing detection capability available from Azure AD Reports and how any organization can utilize it in the most efficient ways to help detect malicious actors. On top of that, the talk will walk attendants through a tool that can be used to help threat hunters and analysts anywhere to work […]

Tools
Mangatas Tondang
13:00 - 13:40 Tech 3 '

The Story of Ghost One

Rogue digital cinema server A15591 hadn’t just been modified to unlock encrypted feature films before release – it gave rise to a sprawling, parallel theatre distribution operation, one with its own insiders and security. How was it possible to unravel the heavily protected path from post-production to silver screen? Why did the scheme fail? At […]

Tech
Tim Dafoe
Patrick von Sychowski
10:10 - 10:50 Tech 3 '

The Call Is Coming from Inside the House-The Truth About Linux and Cloud Security

This presentation will discuss how reliance on cloud services and traditional hardening practices leads to increased successful attacks. We’ll look at how even non-APT attackers now invest more time and effort into creating custom malware, and we’ll discuss the solution to how companies can adjust their security posture to address cloud environments’ continuously changing threat […]

Tech
Nicole Fishbein
Ell Marquez
13:00 - 13:40 Tech 2 '

Towards Developing the Human Risk Assessment Platform

The threat landscape is expanding, even though the cybersecurity community enhances the efforts to address cyberattacks. The majority of cyberattacks begin with a spear-phishing email, which is commonly used to infect organizations with ransomware. The importance of establishing a cybersecurity ecosystem has been acknowledged by all sectors. Currently, the Covid-19 pandemic has demonstrated the different […]

Tech
Maria Bada
11:20 - 11:50 Silver Track 1 '

Responsible and Ethical AI for Cyber: Why It’s Important, Why It’s Hard, How to Do It

The use of artificial intelligence (AI) for cybersecurity, such as to detect insider threats and advanced attacks, is now an accepted and important tool for our industry. However, at the same time as we are realizing the power of AI, we need to become increasingly aware of its ethical challenges. To illustrate the importance of […]

Sponsor Track
Stephan Jou
13:40 - 14:10 Silver Track 1 '

Tackling Developer Security Training

Most AppSec programs forget that there is only one team that can fix security findings: the development team. While an AppSec strategy based on scanning will help you find flaws, the best approach also avoids creating flaws in the first place. Yet developers often don’t have the training they need to prevent, identify, or remediate […]

Sponsor Track
Rey Bango
11:20 - 12:50 Silver Track 1 '

3 Essentials for Automating Security Across Hybrid Cloud

Today’s networks are expanding beyond on-prem to include cloud and hybrid deployments. While enterprises seek to balance agility and security, they are also faced with skills shortages and the need to work with the technology of multiple vendors. Automation is key to addressing these challenges while offering cloud, network, and security teams the ability to […]

Sponsor Track
Sattwik Gavli
10:00 - 10:30 Silver Track 2 '

Opening XDR to More Insight

XDR has extended Trend Micro’s detection and response capabilities by capturing more telemetry from more security controls than ever. Come to our presentation to learn how Vision One is extending its reach through the Open Cybersecurity Aliiance’s STIX-Shifter to query third-party data lakes providing a more comprehensive risk vision for your organization.

Sponsor Track
Peter Cresswell
10:40 - 11:10 Silver Track 1 '

Intelligence-Driven SOAR: Uniting Threat Intelligence and SOC Teams with Intelligence-Driven SOAR

How smart is your Security Orchestration, Automation, and Response (SOAR) platform? The answer to that question is critical to determining how protected your organization is from the next data breach or ransomware attack. Imagine for a moment that you’re sitting in a restaurant between sessions at a major industry conference and you receive an email […]

Sponsor Track
Chris Ralph
14:20 - 14:50 Silver Track 1 '

A Unified Approach to Discover, Protect and Control Your Sensitive Data

To meet the scale of current and future data security threats, evolving global and regional privacy regulations, and cloud adoption brought on by remote working, organizations need an easier and unified approach to discover, protect, and control their sensitive data. Let’s discuss how Thales has pushed the innovation envelope with its new CipherTrust Data Security […]

Sponsor Track
Stephen Kingston
13:00 - 13:30 Silver Track 1 '

Zero Trust Maturity: Where are Canadian Organizations Today

When adopting a Zero Trust approach to cybersecurity, there are several key things to consider. Join TELUS’ Marc Kneppers as he highlights the important things to think about when implementing a Zero Trust architecture. Find out how TELUS is implementing Zero Trust in our organization and hear about the results of a Zero Trust Assessment […]

Sponsor Track
Marc Kneppers
13:40 - 14:10 Silver Track 1 '

What Elon Musk and SpaceX Can Teach Us About Ransomware and Cybersecurity

As a kid I always assumed that when you shot a rocket into space, other than the capsule, all the other parts burned up on re-entry into the atmosphere. Elon Musk asked why couldn’t you just reuse the rocket? And SpaceX was launched. To change cybersecurity, we must change our mindset. In 30 minutes, I […]

Sponsor Track
Morgan Wright
11:10 - 11:40 Security Fundamentals '

Coverage: How to Get Results from Threat Detection and Response Solutions

The security market is full of solutions to support threat detection and response: EDR, NDR, SIEM, XDR, SOAR, you name it. But just deploying tools is not enough to get results. Organizations must ensure they have the appropriate coverage of threats and technologies to detect and respond to incidents and minimize impact. This session introduces […]

Sponsor Track
Augusto Barros
- Schedule Not Yet Finalized '

SOARing to New Heights with TheHive and Cortex

Cybersecurity pros’ time is in high demand, as such the need to automate information gathering and attribution becomes greater every day. One question that confounds many pros is how to get started, what do you need in your stack to help you get the answers you need quickly? SOAR, Threat Intelligence, a SIEM, EDR/XDR, IDS, […]

Sponsor Track
Geoffrey Roote
11:10 - 11:40 Management '

Reducing Ransomware at Scale: Exploring the Ransomware Task Force’s Recommendations

In 2020, ransomware attackers made more than $350 million and caused terrible disruption, particularly in healthcare. Combatting this blight requires a comprehensive, multi-faceted strategy adopted in collaboration by governments around the world. To this end, the Ransomware Task Force brought together experts from governments, private, and nonprofit sectors to identify actions that would help to […]

Sponsor Track
Jen Ellis
11:10 - 11:40 Tech 3 '

Deconstructing a Ransomware Attack: A Case Study in Privileged Account Misuse

Virtually every headline-generating breach is the result of misuse or abuse of privileged credentials. Proper PAM practices would have gone a long way towards preventing, speeding recovery, and minimizing damages from these incidents. In this session, we’ll discuss recent ransomware attacks, looking at what went wrong and how earlier detection of privileged account misuse could […]

Sponsor Track
Daniel Conrad
Bryan Patton
10:00 - 10:30 Silver Track 2 '

Is Your Defensive Stack Ready for a Targeted Attack?

With all the recent headlines, it seems the risk of ransomware has become an added certainty to the daily lives of Cybersecurity personnel. Adversaries are automating the initial stages of the cyber-attack lifecycle to identify the best bang for their buck. How do organizations with limited resources even keep up? Adding another tool to the […]

Sponsor Track
Arif Khan
11:10 - 11:40 Tech 2 '

Exposing Ransomware-As-a-Service and Where It’s Going Next

Ransomware attacks have been proliferating over the past five years, becoming an easy source of revenue for cybercriminals, and putting businesses at risk. How did we get here? What can security teams do differently to detect and respond to attacks more effectively? In this session, Ordr Evangelist Jamison Utter shares research on why ransomware exists […]

Sponsor Track
Jamison Utter
11:10 - 11:40 Tech1 '

Where is Cybercrime Really Coming From?

State, local, and federal government agencies have been dealing with benefit program fraud for as long as the programs have existed. But as these programs have moved online, fraudsters have increasingly become more sophisticated cybercriminals and employed cyber threat tactics to commit their crimes…but they have also begun leaving digital fingerprints. Join this session to […]

Sponsor Track
Luis Carvajal Kim
13:40 - 14:10 Silver Track 2 '

Global Privacy: Keeping Up and Staying Ahead

As the importance of data protection grows globally, several jurisdictions have introduced, or announced their intention to introduce, their first general data protection legislation. This presentation seeks to provide a global overview of the latest regulatory developments and upcoming data protection legislation, as well as the GDPR centric approach of many new data protection laws. […]

Sponsor Track
Liam McLaughlin
11:20 - 11:50 Silver Track 2 '

Triple Extortion Attacks on the Rise from Ransomware Gangs

Traditional ransomware attacks – where the cybercriminal breaches a network, encrypts data, and demands payment for a decryption code – is a tough challenge. Add a threat to expose data and the situation is even more critical. But if that was not enough, now threat actors are adding DDoS attacks to the mix to ratchet […]

Sponsor Track
Gary Sockrider
13:00 - 13:30 Silver Track 2 '

Why an Integrated Approach to Cybersecurity Is No Longer a Choice

The threat landscape is continually evolving with devastating speed and is continually changing focus to new targets. It’s not just your perimeter that is at risk, your employees are under attack, your supply chain is vulnerable, and your business reputation could be easily tarnished with just one breach. Single solutions will not stop all the […]

Sponsor Track
Andrew Williams
15:00 - 15:30 Silver Track 1 '

Defending Against Ransomware – Building a Future-Proof Architecture

Ransomware isn’t a new threat, but recent big-name attacks like Colonial Pipeline have brought it top-of-mind for security leaders. With limited time, budget, and expertise to work with, security teams are struggling to develop effective protection, detection, and response strategies for both known and unknown threat actors. The most effective ransomware defense strategies leverage a […]

Sponsor Track
Brian Brown
10:40 - 11:10 Silver Track 2 '

An Introduction to Risk-Based Vulnerability Management

Risk-Based Vulnerability Management (RBVM) encompasses more than you probably think. In this entertaining and informative talk, we will do a deep dive into the foundational concepts and underlining theories of quantifying risk, and then share how implementing practical RBVM programs are essential to secure the modern network.

Sponsor Track
Jerry Gamblin
10:00 - 10:30 Silver Track 1 '

Why the Future of DevOps Needs Hackers

Did you know that 80% of CISOs say that software projects have been hindered by concerns over inevitable security issues? Vulnerabilities don’t need to slow you down. Join HackerOne for a discussion on “Why the future of DevOps needs Hackers.” Key Takeaways: How organizations collaborate with hackers How bug bounty data insights empower development teams […]

Sponsor Track
Will Kapcio
11:10 - 11:40 Management '

The Prestige

This talk will examine how cybersecurity researchers gather threat intelligence using a variety of open-source tools and open-source intelligence techniques on hacker forums, darknet websites, Reddit, and other forums. Researchers are constantly being asked to look at threats and understand the relationship between threats and threat actors. We will head down the yellow brick road […]

Sponsor Track
Aamir Lakhani
11:10 - 11:40 Tech 2 '

Building a Response Strategy to Advanced Threats

The SolarWinds SUNBURST attack was a rude awakening for many security teams, and it won’t be the last time Security leaders face tough questions about how an adversary evaded defenses and stayed hidden. With threats persisting inside the network for months, security teams need a new plan. In this session, CISO Jeff Costlow discusses strategies, […]

Sponsor Track
Jeff Costlow
10:40 - 11:10 Silver Track 1 '

Poking Around at Scale: One Year of Scanning the Internet

When researching malware, we often find ways to remotely identify if a system is compromised, especially when looking at server-side threats. This requires thoroughly reverse engineering the network protocol of malware to understand how to properly trigger a behaviour or response that could be used as a fingerprint. This presentation will show how we built […]

Sponsor Track
Marc-Etienne Léveillé
- Schedule Not Yet Finalized '

How to Maximize ROI with Frictionless Zero Trust

Security used to be easier when everything could be put into a datacenter and always protected. In today’s modern digital transformation, people can work anywhere, and apps live everywhere – on-prem, in the cloud, and multi-cloud, complex environments. This has forced security to go through its own transformation. As security deployment gets more complicated, it […]

Sponsor Track
Stephane Asselin
11:10 - 11:40 Tech1 '

Getting Started With SASE: Connect, Control and Converge with Confidence

Digital business transformation and the shift to a distributed workforce are driving networking and security to the cloud. The Secure Access Service Edge (SASE) model consolidates networking and security functions – traditionally delivered in siloed point solutions – into a single integrated cloud-delivered service. Join this session to hear pitfalls to avoid when starting the […]

Sponsor Track
Najib Hatahet
12:00 - 12:40 Diamond '

A Technical Deep Dive Into: Supply Chain Based Triple Extortion Ransomware with DDoS and Scrambled Voice Phone Blackmail and A Review of Successful Prevention Tactics and Strategies

This talk will technically review the latest Supply Chain and Ransomware attacks, some new Financial Sector Specific threats, the steep rise in “Triple Extortion Events” and the advanced and automatic requirements for event prevention strategy and tactics. This presentation will use public and anonymized private information as well as technical analysis from Check Point Research. […]

Sponsor Track
Pete Nicoletti
13:00 - 13:30 Silver Track 1 '

Best Practices: PAM Security & Data Privacy

What is best practice? Best practices range from organization to organization as a result of each organizations risk appetite and risk tolerance. Learn about an effective approach to the most often asked questions surrounding access management strategy, maturity and priorities, and security risks. In this revealing presentation you’ll learn how to answer the question of […]

Sponsor Track
Christopher Hills
- Schedule Not Yet Finalized '

XDR and SIEM on a Collision Course: What Remains When the Dust Settles?

Detection and response is ripe for disruption or at least better tool integration. In this context, XDR makes sense as a means to help security analysts reduce dwell time and conduct more threat hunting. Looking ahead, how do security operations change, and what is the role of SIEM, SOAR, EDR, and NDR in an XDR […]

Sponsor Track
Corey Still
10:40 - 11:10 Silver Track 2 '

Security Operations and the End of Cyber Risk

Cyber risk is a business risk. Unfortunately, the cybersecurity industry has shown an effectiveness problem in reducing it for organizations. Every year new technologies, vendors, and solutions emerge, and yet despite this constant innovation we continue to see high profile breaches in the headlines. In this session we will cover the practical approaches you can […]

Sponsor Track
Matthew Trushinski
10:00 - 10:30 Silver Track 1 '

Detection at Scale – Realize Cyber Resilience Using Intelligence-Driven XDR

Is your lack of automation holding your threat intelligence, security operations, and the rest of your organization back? Many of today’s organizations understand the value of intelligence-driven extended detection and response or XDR but are running into challenges when leveraging it. Anomali’s Chief Product Officer, Mark Alba, will share how XDR allows you to identify […]

Sponsor Track
Mark Alba
15:00 - 15:40 Tech 3 '

Many Stunts, One Design: A Crash Course in Dissecting Native IIS Malware

Internet Information Services (IIS) is a Microsoft web server software for Windows with an extensible, modular architecture, allowing developers to replace or extend core IIS functionality. This session looks at how the same extensibility is misused by malicious threat actors to intercept or modify network traffic flowing through the IIS servers. These powers allow IIS […]

Tech
Zuzana Hromcová
14:00 - 14:40 Tech 2 '

How We Automated Ourselves Out of On-Call Burnout … and You Can Too!

The repetitive nature of response tasks is one of the biggest causes of fatigue and burnout among Incident Responders. Anyone who’s been on-call on a Security team can remember how many hours they’ve spent opening the same tabs, clicking the same buttons, copy+pasting the same indicator data, and performing other similar tasks repeatedly. Imagine if […]

Tech
Prima Virani
14:00 - 14:40 Tech 3 '

Secure and Scalable Development with Microsoft 365 and Azure AD

In this talk we’ll focus on leveraging Azure AD in Platform as a Service projects. We’ll start with Logic Apps as a no-code Web API platform for implementing your privileged code in a zero-trust architecture. Azure AD provides secure authentication between low-trust client-side code and Logic Apps, and Logic Apps should use delegated or service […]

Tech
Peter Carson
15:00 - 15:40 Tech 2 '

JavaScript Obfuscation – It’s All About the Packers

The use of JavaScript obfuscation techniques has become prevalent in today’s threats. From phishing pages to Magecart, supply chain injection to JavaScript malware droppers, they all use JavaScript obfuscation techniques on some level. The use of JavaScript obfuscation enables evasion from detection engines and poses a challenge to security professionals, as it hinders them from getting […]

Tech
Or Katz
14:00 - 14:40 Tech1 '

BioHackers: The Invisible Threat

Biohackers exist and walk among us. Most security professionals would not allow users into their environment with offensive security tools. How do you address individuals who have surgically implanted such devices into their bodies? I have multiple sub-dermal implants that range from NFC, HID/Prox and RFiD devices. This allows me to become the attack vector. […]

Tech
Len Noe

Sponsors


Check Point

Diamond

Checkmarx

Diamond

Qualys

Diamond

Sophos

Diamond

CrowdStrike

Gold+

Securonix

Gold+

Cisco

Gold

ExtraHop Networks, Inc.

Gold

Forcepoint

Gold

Fortinet

Gold

GoSecure

Gold

Optiv

Gold

Ordr

Gold

Quest

Gold

Rapid7

Gold

Anomali

Silver

Arctic Wolf

Silver

Bell

Silver

BeyondTrust

Silver

Calian

Silver

ESET

Silver

Hackerone

Silver

iSecurity Consulting Inc.

Silver

Kenna Security

Silver

ManageEngine

Silver

McAfee

Silver

Micro Focus

Silver

Mimecast

Silver

NETSCOUT

Silver

OneTrust

Silver

Pentera

Silver

Risk IQ

Silver

SentinelOne

Silver

ServiceNow

Silver

Telus

Silver

Thales

Silver

ThreatConnect

Silver

Trend Micro

Silver

Tripwire

Silver

Tufin Technologies

Silver

Veracode

Silver

Zscaler

Silver

3M

Bronze

Accedian

Bronze

AppViewX

Bronze

Barracuda

Bronze

BlackBerry

Bronze

BSI Group Canada

Bronze

CDW Canada

Bronze

Cobalt.io

Bronze

Speakers


Benoît H. Dicaire

Benoît H. Dicaire

Sales Engineer


Benoît H. Dicaire leads the Canadian Sales Engineering at Forcepoint. Being just as much at ease in the boardroom, then a war room or even the server room, he collaborates with senior managers and specialists to bring clarity to your information protection program. Benoît is a former independent consultant with 30 years of experience. He believes that cybersecurity builds trust and sets businesses apart.

Bryan Oliver

Bryan Oliver

Senior Analyst


Bryan Oliver is a senior analyst at Flashpoint focusing on threat intelligence within dark web communities. Prior to coming to Flashpoint, he spent two years as a consultant in Moscow, Russia, where he had the privilege to work with some of Russia's largest companies in technology and finance. He received an MA from the University of Chicago in 2019 focusing on International Relations and Economics and has a background in software development.

Justin Macorin

Justin Macorin

Cybersecurity Researcher


Justin is an independent cybersecurity researcher focusing on cyber-fraud. His main interests revolve around cyber-fraud data management, analytics, behavioral biometrics, natural language processing, and adversarial machine learning. Justin supports organizations in strengthening their data and machine learning capabilities to better defend against next-generation cyber threats.

Iain Paterson

Iain Paterson

Managing Director, Cycura Inc.


Iain is a Cyber Security veteran with more than 17 years of experience in Information Security. He has designed and run security operations programs in large Banking, Healthcare, and Government organizations. His experience as a practitioner brings a critical understanding of the needs and challenges of organizations to Cycura's consulting practice. As Managing Director of Cycura’s professional services group, Iain acts as project executive on Offensive Security and Incident response initiatives. Iain holds information security designations from ISC2, SABSA, and ISACA and an MBA from Athabasca University in Alberta, Canada.

Matthew Hickey

Matthew Hickey

Sr Director of System Engineering


Matthew Hickey is a Director of Engineering, Enterprise, at Sophos. He got his start in the field of Information Security working for Securities Industry Automation Corporation (SIAC), at the time, a subsidiary of the New York and American Stock Exchanges. After working several years on Wall Street, he continued honing his skills in this field at Lockheed Martin. There he worked on several projects for the Department of Defense. This work included conducting security audits, penetration testing, and firewall deployments guides for very high profile, security conscious customers. Most recently Matthew has been working for [...]

Wendy Nather

Wendy Nather


Wendy Nather leads the Advisory CISO team at Cisco. She was previously the Research Director at the Retail ISAC, and Research Director of the Information Security Practice at 451 Research. Wendy led IT security for the EMEA region of the investment banking division of Swiss Bank Corporation (now UBS), and served as CISO of the Texas Education Agency. She was inducted into the Infosecurity Europe Hall of Fame in 2021. Wendy serves on the advisory board for Sightline Security, and is a Senior Cybersecurity Fellow at the Robert Strauss Center [...]

Chad Reaney

Chad Reaney

Sales Engineer


Chad Reaney is a sales engineer at Tripwire. He has over 20 years of experience in the infrastructure and security with experiences ranging from IT administration to consulting to system architecture. At Tripwire, he is responsible for delivering security solutions and services to help organizations protect and detect changes in cyber threats. He is based in Montreal.

Laurent Desaulniers

Laurent Desaulniers

Penetration Testing Team Director


Laurent is the Director of Penetration Testing for GoSecure. He has conducted over 400 pentesting and red team engagements over the span of 10 years and is still enthusiastic about it. Laurent is also a challenge designer for NorthSec and has given talks at RSAC, CQSI, NCFTA, HackFest, RSI, Montrehack, Owasp Montreal and NorthSec. Besides security, Laurent is interested in lockpicking, magic and pickpocketing.

Olivier Bilodeau

Olivier Bilodeau

Cybersecurity Research Lead


Olivier Bilodeau is leading the Cybersecurity Research team at GoSecure. With more than 10 years of infosec experience, he enjoys luring malware operators into his traps, writing tools for malware research, reverse-engineering all-the-things and vulnerability research. Olivier is passionate communicator having spoken at several conferences inlcluding Black Hat, Defcon, Botconf, SecTor, Derbycon, and HackFest. Invested in his community, he co-organizes MontréHack, a monthly workshop focused on hands-on CTF problem solving, and NorthSec, a large non-profit conference and CTF based in Montreal.

Karl Klaessig

Karl Klaessig

Director of Product Marketing, Security Operations


Karl is ServiceNow’s Senior Director of Product Marketing for Security and Risk and has over 15 years of experience in product positioning and marketing of enterprise security platforms, most recently from Product Marketing roles at RSA and McAfee, where he was responsible for the positioning of their security operations and automation platforms. While at RSA and McAfee he managed product positioning, launches, analyst relations and development and delivery of sales tools and online webinars.

Jay Reddy

Jay Reddy

Sr. Technical Evangelist


Jay Reddy has been associated with ManageEngine for over 5 years. As a technical evangelist, he helps IT leaders and global enterprises to outmaneuver complex cybersecurity challenges. He is a sought-after speaker on the latest Cybersecurity trends in international conferences. He has authored numerous e-books and conducted research studies that help business leaders with insight and advice on leveraging the latest technology for better IAM and cybersecurity.

Diana John

Diana John


Diana John is a passionate technologist who has deployed, operated, and troubleshot the traditional legacy infrastructure. Diana is largely vocal about the Imperative transformation as a Sales Engineer at Zscaler focusing on the Public Sector in Central Canada. Diana, who started her career with Route/Switch, broadened her horizons working on Adobe's network, Wide Area Network, Wireless, Network Access Controls, Risk Management, Cloud Migrations with multiple vendors. Large and medium sized businesses benefit from her strategy planning, roadmap visions, technical assessments, and trade off sessions. Diana inherently understands that the customer [...]

Mangatas Tondang

Mangatas Tondang

Senior Consultant


Mangatas is currently a Senior Consultant in EY Canada's Managed Detection and Response team, where he is responsible for elevating EY's Threat Hunting and Detection Engineering capabilities. He enjoys tinkering with defensive security tools and breaking offensive security tools and finding ways to detect them in his lab. Mangatas is actively involved in numerous security communities such as Sheridan College's ISSessions, Open Security Collaborative Development (OSCD) Initiative, Cyber Defense Community - Indonesia (CDEF.ID) and is a TheDFIRReport Contributor. He has presented at numerous international conferences such as HackFest, SANS TH [...]

Tim Dafoe

Tim Dafoe


Tim has more than 20 years of experience in information security, with duties ranging from C-suite briefings to red team engagements abroad. As a member of Canada's mirror committee to ISO/IEC JTC 1/SC 27 and the Cloud Security Alliance OCF WG, Tim also works to advance security standards for industry and the public sector. He has previously spoken at events including BSides Toronto, InnovationTO, GovSym, the MISA Ontario Security Conference, and the Chief Security Officer Summit.

Patrick von Sychowski

Patrick von Sychowski

Co-Founder Cultpix


Patrick von Sychowski has worked in the cinema and media industry for over 20 years. He is the Editor of the cinema news and analysis site Celluloid Junkie and co-founder of the streaming platform Cultpix.

Nicole Fishbein

Nicole Fishbein

Malware Researcher


Nicole Fishbein has spent the last six years entrenched in the security world as part of the IDF and currently discovering new malware as a part of the Intezer research team. Nicole has been part of research that led to discovering previously undetected malware such as Doki and ties between Rocke Group and the evolution of tools and techniques to target Linux-based cloud environments.

Ell Marquez

Ell Marquez

Security Researcher


Ell, a former SysAdmin, cloud builder, podcaster and container advocate has always been a security enthusiast. This enthusiasm and driven curiosity have helped her become an active member of the InfoSec community, leading her to explore the exciting world of Genetic Software Mapping at Intezer.

Maria Bada

Maria Bada

Senior Research Associate


Maria Bada is a Senior Research Associate at the Cambridge Cybercrime Centre of Cambridge University and a RISCS Fellow on cybercrime. She received her PhD from Panteion University of Athens, UK in 2013. Her research focuses on the human aspects of cybercrime and cybersecurity, as well as the effectiveness of cyber security awareness campaigns and their impact in changing online behaviour. She has collaborated with governments and International Organisations to assess national level cybersecurity capacity. She has a background in cyberpsychology, and she is a member of the British Psychological [...]

Stephan Jou

Stephan Jou

CTO Interset


Stephan Jou is CTO of Interset, a Micro Focus company, a leading-edge cybersecurity and In-Q-Tel portfolio company that uses machine learning and behavioral analytics. Jou currently leads both Interset and various analytics-related initiatives for Micro Focus’ security division. Previous to Interset, Jou has been at IBM and Cognos where he led the development of over 10 products in the areas of cloud computing, mobile, visualization, semantic search, data mining and neural networks. Jou holds a M.Sc. in Computational Neuroscience and Biomedical Engineering, and a dual B.Sc. in Computer Science and [...]

Rey Bango

Rey Bango

Sr. Director, Developer and Security Relations


Rey is a developer and security advocate at Veracode focused on helping the community build secure software and being a voice for developers within the company.

Sattwik Gavli

Sattwik Gavli

Director of Cloud Products


Sattwik is the Director of Cloud Products at Tufin. Prior to working at Tufin, Sattwik helped enterprises with their digital transformation journey into the cloud while working for companies like Oracle, Ribbon Communications, and most recently for a cloud-native security startup, Privafy Inc. At Tufin, Sattwik continues to work with Fortune 1000 companies to accelerate their adoption of security policy management in cloud.

Peter Cresswell

Peter Cresswell

Sr. Security Consultant, Architect


Peter Cresswell has over 25 years of IT Security experience, from a diverse background as an IT Manager, Security Solution Architect, Practice Manager, Security Instructor, Product Manager, and Security Auditor. With Trend Micro, Peter has focused on the big migration from perimeter to system-based security controls, across Physical, Virtual, and Cloud environments. Currently, Peter focuses on Canadian companies migrating to the Cloud, and the architectures, processes, and technologies that get them there safely. Peter is often called upon to speak to Security as it applies to Cloud and related Security [...]

Chris Ralph

Chris Ralph

Security Architect


Chris is a Senior Security Architect at ThreatConnect and consults with Fortune 500 customers on deploying their products to solve the most common and sometimes challenging use cases.  Chris has over 20 years of experience in cyber security, product integrations, threat intelligence, networking, and security operations.

Stephen Kingston

Stephen Kingston

Senior Product Manager


Steve Kingston has been responsible for Thales’ enterprise key management offerings for the last 9 years. In his role as Senior Product Manager for Key Management, Steve has led the effort to launch CipherTrust Manager, Thales' next generation key management and data encryption platform. He has led initiatives within Thales to broaden its partner ecosystem for its product offerings, engaged with partners and customers globally, and has pioneered efforts for Product Operations within his organization. In addition, he has worked in the technology sector for over 20 years, spanning a [...]

Marc Kneppers

Marc Kneppers

Chief Security Architect, TELUS


Security was not the original plan. Marc started in Astrophysics, getting degrees from the University of Calgary and Western Ontario before finally quitting with his MSc to scrounge for money in the private sector. Luckily, the Internet was waiting. Starting as a UNIX system administrator and working his way through Internet services, dot coms and the core networking teams, Marc ended up as the Security prime for TELUS' core networks. With a nod to his 20 years of experience in IT/networking security Marc was appointed a TELUS Fellow and is [...]

Morgan Wright

Morgan Wright

Chief Security Advisor


Morgan is an internationally recognized expert on cybersecurity strategy, cyberterrorism, national security, and intelligence. He currently serves as a Senior Fellow at The Center for Digital Government, Chief Security Advisor for SentinelOne, and is the chief technology analyst for several national news organizations. Morgan's landmark testimony before Congress on Healthcare.gov changed how the government collected personally identifiable information. Previously Morgan was a Senior Advisor in the US State Department Antiterrorism Assistance Program and was the Senior Law Enforcement Advisor for the 2012 Republican National Convention. In addition to 18 years [...]

Augusto Barros

Augusto Barros

VP Cybersecurity Evangelist


Augusto Barros is VP of Solutions at Securonix. Augusto is a former Gartner analyst with 20 years of experience in cybersecurity-related roles and consulting for enterprises in finance, retail, manufacturing, and healthcare. Augusto has worked on a variety of information security projects and initiatives, from security awareness campaigns to penetration testing, to security infrastructure design. The challenges of threat detection and response are his main interests and the focus of his research. He has also ventured into the application of behavior economics concepts to the security space.

Geoffrey Roote

Geoffrey Roote

Solutions Architect


Geoff has worked in the IT and IS industries for over 16 years in both red and blue team roles. In his current role as a Solutions Architect @ RiskIQ, Geoff’s focus is helping his clients from major Canadian banks achieve the best possible perimeter defenses. Based out of Toronto, he works closely alongside clients to identify unknowns, derive insights from external assets, and supports security teams to help them achieve their defensive goals. When not obsessing over the latest threats, Geoff enjoys drumming, traveling, and playing with his Boston [...]

Jen Ellis

Jen Ellis

Vice President, Community and Public Affairs


Jen Ellis is the vice president of community and public affairs at Rapid7 where she works to advance cybersecurity by building productive collaboration between those in the security community and those operating outside it. She partners extensively with security researchers, technology providers and operators, and various government entities to drive greater understanding and awareness of cybersecurity challenges. She believes effective collaboration is our best path forward to reducing cybercrime and protecting consumers and businesses. Jen is a nonresident senior fellow of the Atlantic Council, sits on the boards of the [...]

Daniel Conrad

Daniel Conrad

IAM Strategist


Dan Conrad is an IAM Strategist with One Identity.  He has been with Quest since 2007 where his roles have included Solutions Architect, Federal CTO, and IAM Strategist.  Dan’s experience started in the US Air Force working in information management.  He retired from the Air Force in 2004 and returned to government IT as a contractor to the US Army.  He is an experienced SysAdmin having administered organizations ranging from 10,000 to 150,000 users.  This experience led him to focus on large enterprises with complex solutions.  Dan holds a BS [...]

Bryan Patton

Bryan Patton

Principal Strategic Systems Consultant


Bryan Patton is a Principal Strategic Systems Consultant at Quest Software. For nearly 20 years he has helped customers shape their Microsoft environments. With particular emphasis on Active Directory and Office 365 environments, Bryan specializes in Identity and Access Management, Data Governance, Migration, and Security, including Certified Information Systems Security Professional (CISSP) certification.

Arif Khan

Arif Khan

Senior Director, NA Technical Services


Mr. Khan has over 12 years of experience designing and implementing complex security solutions. He has provided computer forensic and incident response support to Fortune 500 organizations, financial institutions, and law enforcement agencies. His experience also includes the delivery of offensive security services such as red team operations, penetration testing, and architecture review.

Jamison Utter

Jamison Utter

Sr Director Product and Solution Evangelism


Jamison brings over 25 years of IT/Security experience spanning large organizations like Sprint, SUN Microsystems, and Palo Alto Networks where he led the OT/IoT business development unit and startups like Infoblox, where he was the security evangelist for many years. His deep desire to understand a customer’s internal and external problem set make him an empathic speaker and his experience in many roles spanning sales, channel, BD, and evangelism make him a capable and competent industry visionary. With hundreds of public speaking engagements including the EU congress at the Hague, and [...]

Luis Carvajal Kim

Luis Carvajal Kim

Director, Cyber Strategy & Transformation


Luis leads teams of cybersecurity professionals as they work alongside clients to navigate the ever-evolving landscape of cyber threats to support their strategic goals and business objectives. He strives to help clients illuminate the connections between cyber risks with critical business functions to enable clients to identify, mitigate, and inform senior leaders of how threats in cyberspace manifest in threats to business operations. Prior to joining Optiv, Luis was a Senior Manager at Deloitte & Touche LLP, where he was a leader in cyber wargaming, cyber risk quantification, and cyber [...]

Liam McLaughlin

Liam McLaughlin

Privacy Consultant


Liam McLaughlin serves as a Privacy Consultant at OneTrust – the #1 most widely used privacy, security, and governance technology platform. In his role, McLaughlin advises companies large and small on EU GDPR, California Consumer Privacy Act (CCPA), Brazil LGPD, and hundreds of the world's privacy laws. He is focused on formulating efficient and effective responses to data protection requirements as well as building and scaling privacy programs. McLaughlin is a Certified Information Privacy Professional (CIPP/E, CIPM) and earned a B.A in Criminology & Law Studies from Marquette University.

Gary Sockrider

Gary Sockrider

Director, Security Technologists


Gary is an industry veteran bringing over 20 years of broad technology experience including routing and switching, wireless, mobility, collaboration, and cloud but always with a focus on security. His previous roles include solutions architect, security SME, sales engineering, consultancy, product management, IT, and customer support. Gary seeks to understand and convey the constantly evolving threat landscape, as well as the techniques and solutions that address the challenges they present. Prior to joining Netscout in 2012, he spent 12 years at Cisco Systems and held previous positions with Avaya and [...]

Andrew Williams

Andrew Williams


Andrew has over 20 years’ experience in the IT industry and joined Mimecast just under three years ago. His experience is built across the knowledge gained while in South Africa and the UK, where engagements with customers ranged from large health care providers to insurance giants and governments agencies. Having been in the IT industry for an extended period has afforded Andrew the opportunity to work in varying roles focused on deploying or architecting secure solutions prior to moving across to Mimecast. This experience has been invaluable, as he took [...]

Brian Brown

Brian Brown

Regional Solution Architect


Brian is an Enterprise Architect for McAfee Enterprise’s North America business unit. He’s been in IT since 1992 first as a customer in healthcare at the largest hospital consortium in Canada where he was Director of Security and Operations, and in a technical sales role since 2000 at various organizations such as Sun Microsystems, Bell Canada and finally at McAfee for the past 14 years. As a Certified Information Security Manager Brian brings the depth of experience necessary to help customers navigate a fast-evolving threat landscape.

Jerry Gamblin

Jerry Gamblin

Security Researcher


Jerry Gamblin is an influential security researcher and analyst, focusing on the enterprise network and application security with over 15 years of experience. His research has been presented on numerous blogs, podcasts, and security conferences. When not at work, his personal research focuses on IoT & embedded automotive systems.

Will Kapcio

Will Kapcio

Security Solutions Engineer


Will Kapcio is a Security Solutions Engineer at HackerOne — the world's most trusted hacker-powered security platform. His primary focus is on empowering government agencies and enterprise organizations to run successful bug bounty and disclosure programs to help make the internet more secure. Prior to joining HackerOne, Will was a cybersecurity consultant at EY. Will has earned a bachelor’s degree in Electrical Engineering from Villanova University, a master’s degree in Cybersecurity from Villanova University, and the CISSP certification.

Aamir Lakhani

Aamir Lakhani

Senior Security Strategist


Aamir Lakhani is a researcher at FortiGuard Labs specializing in threat actor research, reverse malware engineering, and incident response. He has over 15 years of experience as a senior security researcher and consultant. In his spare time, he is trying to master the floss dance, he has everything mastered except for the arm, legs, and hip movements.

Jeff Costlow

Jeff Costlow

Chief Information Security Officer


As a security technologist and leader for over 20 years, Jeff’s deep experience securing information and technology assets, as well as years of successful engineering leadership, have resulted in secure product deployments to thousands of customers. As the Deputy CISO at ExtraHop Networks, Jeff leads the team towards groundbreaking security and privacy services in ExtraHop's best of breed network detection and response tool.

Marc-Etienne Léveillé

Marc-Etienne Léveillé

Malware Researcher


Marc-Etienne M.Léveillé is a malware researcher at ESET. He joined ESET in 2012 and currently specializes in malware attacking unusual platforms, whether it’s fruity hardware or software from south pole birds. M.Léveillé focused his research on the reverse engineering of server-side malware to discover their inner working and operation strategy. His research led to the publication of the Operation Windigo white paper that won Virus Bulletin’s Péter Szőr Award for best research paper in 2014. While still keeping eyes open on crimeware, M.Léveillé now focuses on the analysis of targeted [...]

Stephane Asselin

Stephane Asselin

Senior Manager


Stephane Asselin, with his 29 years of experience in IT, is a Senior Manager for the entire Crowdstrike Canada Technical Team. He has national responsibility for Canada for a team that works with customer at planning, designing, and implementing Security solutions and all processes involved. At Crowdstrike, Mr. Asselin works with top Canadian strategic customers and partners, enabling them on all Modules of the Crowdstrike platform, developing technical expertise and helping them secure their local and remote workforce. Prior to Crowdstrike, Mr. Asselin worked at VMware for 10 years with [...]

Najib Hatahet

Najib Hatahet

Global SASE Go-To-Market Lead


Najib leads the newly formed Secure Access Service Edge (SASE) team at Cisco. SASE is a key part of Cisco’s future as a leader in the Network and Security industry and Hatahet is responsible for the Go-To-Market and Sales Acceleration of Cisco’s SASE, a converged network and security offering. Since joining Cisco in 2017, Hatahet has led the Cloud Security business in the Canadian market helping industry leaders adopt Cloud Security solutions to facilitate the business transformation of many customers into the cloud-first, mobile-first era. Prior to Cisco, Hatahet served [...]

Pete Nicoletti

Pete Nicoletti

CISO


Pete has 31 years of IT and MSSP experience and has been a hands-on CISO for the last 17 years. He recently joined Check Point as Field CISO of the Americas. Pete’s experience and leadership was most recently at Cybraics Defense as CISO. This company is an advanced Artificial Intelligence and Machine Learning Analytics formed as a DARPA funded project. Pete is the former CISO of Hertz Global, successfully protecting the brand in over 150 countries, 20,000 employees and 10,000 locations. Pete led Virtustream’s (now a Dell company) efforts as [...]

Christopher Hills

Christopher Hills

Deputy CTO


Christopher Hills has over 15 years of experience as a Senior Security and Architecture Engineer operating in highly sensitive environments. Chris started with BeyondTrust after his most recent role leading a Privileged Access Management (PAM) team as a Technical Director within a Fortune 500 organization. In his current position, he has responsibilities as a Senior Solutions Architect consulting on PAM implementations and reports to the Office of the CTO/CISO as acting Deputy CTO & CISO.

Corey Still

Corey Still

Security Product Lead


Corey Still is the Security Product Lead with Bell Business Markets. He leads the security product team for all Professional Service and Managed Services security products and services delivered to the market. He and his team establish strategic direction, development, and support for offerings across all layers of a customer’s infrastructure including endpoint, on premise, network, and cloud. In addition, Corey also started and led the Cyber Threat Intelligence program at Bell Canada. He joined Bell Canada in 2011 with over 15 years of experience as a senior leader at [...]

Matthew Trushinski

Matthew Trushinski

Director of Product Marketing


Matthew Trushinski is the Director of Product Marketing at Arctic Wolf where he specializes in Managed Detection and Response. Matthew has a diverse technology background, including security, IoT, AI, and carrier networks. He is passionate about the application of new technologies to solve persistent problems and the important role people play in applying them.

Mark Alba

Mark Alba

Chief Product Officer


Mark Alba is Chief Product Officer at Anomali. He joined the company in 2020 bringing with him over 20 years of experience building, managing, and marketing disruptive products and services. His proven track record includes bringing to market the security industry’s first fully integrated appliance firewall, leading the integration of global threat intelligence into perimeter security technologies, and introducing advanced analytics in support of cybersecurity operations. Throughout his career, Mark has been on the front lines of innovation, leading product efforts in both startups and large enterprise organizations, including Check [...]

Zuzana Hromcová

Zuzana Hromcová

Malware Researcher


Zuzana Hromcová is a malware researcher with ESET’s Montréal research team. Her professional journey has been shaped by both her studies – she holds a master’s degree in computer science – as well as her interest in solving logical puzzles and challenges. Three-times a Slovak sudoku champion, with numerous appearances at World Sudoku and World Puzzle Championships, she spent a decade sharpening her analytical skills for a job that was yet to come. In 2016, she joined @ESETResearch and moved on from solving logical puzzles to dissecting malicious binaries and [...]

Prima Virani

Prima Virani

Senior Security Engineer


Prima is a seasoned Security professional who has worked in a variety of industries such as Consumer Tech, Oil & Gas, Media, and Fin-tech. She is a Senior Security Engineer on the SIRT team at Segment where she enjoys creating automation tooling for Incident Response and occasionally dabbles in Security DevOps. She loves sharing her experiences with the industry and has spoken at many meetups and conferences globally including, but not limited to, Agile India 2020, MacDevOpsCon Vancouver 2019, and Grace Hopper Conference 2017.

Peter Carson

Peter Carson

President of Envision IT


Peter is President of Envision IT and Extranet User Manager, a Microsoft Office Apps & Services MVP since 2011. He is also President of the Toronto SharePoint User Group. Peter leads his team at Envision IT in the use and deep customization of Microsoft 365 and Azure, Agile, Secure Development, and CI/CD. He is well recognized as an evangelist in the Microsoft community, speaking regularly at user group meetings, conferences, Microsoft events, and local universities.

Or Katz

Or Katz

Security Researcher


Or Katz is a security veteran, with years of experience at industry leading vendors. He currently serves as Principal Lead Security Researcher for Akamai. Katz is a frequent speaker at security conferences and has published several articles and white papers on threat intelligence and defensive techniques.

Len Noe

Len Noe

White Hat Hacker


Len Noe is a White Hat Hacker and part of the Global Enablement Team for CyberArk Software; they are responsible for enabling internal staff and the starting point for escalation for all SEs in the field. They are also responsible for the global templates used by all SEs and partners, building new integrations, and use cases for all engineers. Len is an international security speaker has presented in over 20 countries and at multiple major security conferences worldwide. Prior to 2001 Len was a Black/Grey Hat Hacker and learned most [...]