For enterprises with hybrid workforces and ubiquitous cloud services, protecting the edge is no longer enough. Security teams must deliver safer access to business resources and enforce security policies consistently. A data-first SASE architecture goes beyond access to control usage of data everywhere and ensures only the right people have access to the right data, […]
Carding is one of the earliest forms of cybercrime. Since the 1980s, cybercriminals have developed various fraud tactics to steal and monetize credit card information. To prevent these types of attacks, financial institutions have developed anti-fraud measures to detect and prevent fraudulent transactions. These security precautions include checking various parameters like IP address, operating system, […]
The way we move our mouse, use our keyboard, and touch our phones is unique to us. Behavioral biometrics allows security systems to identify computer users across a wide variety of devices uniquely. While AI can help secure computer infrastructure, they are vulnerable to data-based type attacks. By capturing user interaction data, an attacker may […]
The decisions made in the seconds, minutes, and hours of a security breach carry long-term operational, legal, regulatory, and public relations repercussions. Making the wrong move in the heat of the moment can cost a fortune; it can even end a career. Featuring real-world best practices from the breach response team responsible for defending hundreds […]
During these years when a holiday just can’t be any scarier than the other 364 days, it’s easy to forget that some spectres aren’t what they seem. Some of them are Old Lady Nather under the ghost sheet. Others are clowns, but not the kind that inhabits your nightmares, just the expo halls. If you’ve […]
Bridge the Gap Between IT Security and Infrastructure Teams and Unify Your Security Efforts with a Vulnerability Management Solution. Chances are you know Tripwire as the progenitor of file integrity monitoring. But over the course of Tripwire’s history, we’ve focused on how we can help security teams maximize their productivity to more effectively address today’s […]
Over the last five years, we have publicly disclosed the details about dozens of software vulnerabilities with varying degrees of severity and their effect on a wide range of vendors including Oracle, Pulse Secure, Microsoft, Antidote, and Akamai. We have acquired hard-earned experience on the difficulty faced dealing with clients and vendors, the risks and […]
Responding to security incidents and vulnerabilities is an ongoing process which becomes increasingly more difficult to manage in a Hybrid environment. Reacting too slowly to a critical incident or vulnerability can have drastic consequences, but how do we make sure that we are working on the most critical threats first? Join us to learn how […]
With employees working remotely, the amount of data that flows through the cloud is exploding. The classic paradigm of corporate perimeters and traditional network architecture is now a thing of the past. Keeping up with this evolution is imperative and organizations are looking to implement an agile and holistic threat defense. SASE is a security […]
Perennial threats like ransomware have evolved to hold pace with our adoption and migration to cloud. They have continued to be a thorn in our sides even as platforms and user behaviour has changed. While cloud and malware security solutions have a major part to play, there is also a less intuitive initiative that has […]
This talk will uncover the amazing detection capability available from Azure AD Reports and how any organization can utilize it in the most efficient ways to help detect malicious actors. On top of that, the talk will walk attendants through a tool that can be used to help threat hunters and analysts anywhere to work […]
Rogue digital cinema server A15591 hadn’t just been modified to unlock encrypted feature films before release – it gave rise to a sprawling, parallel theatre distribution operation, one with its own insiders and security. How was it possible to unravel the heavily protected path from post-production to silver screen? Why did the scheme fail? At […]
This presentation will discuss how reliance on cloud services and traditional hardening practices leads to increased successful attacks. We’ll look at how even non-APT attackers now invest more time and effort into creating custom malware, and we’ll discuss the solution to how companies can adjust their security posture to address cloud environments’ continuously changing threat […]
The threat landscape is expanding, even though the cybersecurity community enhances the efforts to address cyberattacks. The majority of cyberattacks begin with a spear-phishing email, which is commonly used to infect organizations with ransomware. The importance of establishing a cybersecurity ecosystem has been acknowledged by all sectors. Currently, the Covid-19 pandemic has demonstrated the different […]
The use of artificial intelligence (AI) for cybersecurity, such as to detect insider threats and advanced attacks, is now an accepted and important tool for our industry. However, at the same time as we are realizing the power of AI, we need to become increasingly aware of its ethical challenges. To illustrate the importance of […]
Most AppSec programs forget that there is only one team that can fix security findings: the development team. While an AppSec strategy based on scanning will help you find flaws, the best approach also avoids creating flaws in the first place. Yet developers often don’t have the training they need to prevent, identify, or remediate […]
Today’s networks are expanding beyond on-prem to include cloud and hybrid deployments. While enterprises seek to balance agility and security, they are also faced with skills shortages and the need to work with the technology of multiple vendors. Automation is key to addressing these challenges while offering cloud, network, and security teams the ability to […]
XDR has extended Trend Micro’s detection and response capabilities by capturing more telemetry from more security controls than ever. Come to our presentation to learn how Vision One is extending its reach through the Open Cybersecurity Aliiance’s STIX-Shifter to query third-party data lakes providing a more comprehensive risk vision for your organization.
How smart is your Security Orchestration, Automation, and Response (SOAR) platform? The answer to that question is critical to determining how protected your organization is from the next data breach or ransomware attack. Imagine for a moment that you’re sitting in a restaurant between sessions at a major industry conference and you receive an email […]
To meet the scale of current and future data security threats, evolving global and regional privacy regulations, and cloud adoption brought on by remote working, organizations need an easier and unified approach to discover, protect, and control their sensitive data. Let’s discuss how Thales has pushed the innovation envelope with its new CipherTrust Data Security […]
When adopting a Zero Trust approach to cybersecurity, there are several key things to consider. Join TELUS’ Marc Kneppers as he highlights the important things to think about when implementing a Zero Trust architecture. Find out how TELUS is implementing Zero Trust in our organization and hear about the results of a Zero Trust Assessment […]
As a kid I always assumed that when you shot a rocket into space, other than the capsule, all the other parts burned up on re-entry into the atmosphere. Elon Musk asked why couldn’t you just reuse the rocket? And SpaceX was launched. To change cybersecurity, we must change our mindset. In 30 minutes, I […]
The security market is full of solutions to support threat detection and response: EDR, NDR, SIEM, XDR, SOAR, you name it. But just deploying tools is not enough to get results. Organizations must ensure they have the appropriate coverage of threats and technologies to detect and respond to incidents and minimize impact. This session introduces […]
Cybersecurity pros’ time is in high demand, as such the need to automate information gathering and attribution becomes greater every day. One question that confounds many pros is how to get started, what do you need in your stack to help you get the answers you need quickly? SOAR, Threat Intelligence, a SIEM, EDR/XDR, IDS, […]
In 2020, ransomware attackers made more than $350 million and caused terrible disruption, particularly in healthcare. Combatting this blight requires a comprehensive, multi-faceted strategy adopted in collaboration by governments around the world. To this end, the Ransomware Task Force brought together experts from governments, private, and nonprofit sectors to identify actions that would help to […]
Virtually every headline-generating breach is the result of misuse or abuse of privileged credentials. Proper PAM practices would have gone a long way towards preventing, speeding recovery, and minimizing damages from these incidents. In this session, we’ll discuss recent ransomware attacks, looking at what went wrong and how earlier detection of privileged account misuse could […]
With all the recent headlines, it seems the risk of ransomware has become an added certainty to the daily lives of Cybersecurity personnel. Adversaries are automating the initial stages of the cyber-attack lifecycle to identify the best bang for their buck. How do organizations with limited resources even keep up? Adding another tool to the […]
Ransomware attacks have been proliferating over the past five years, becoming an easy source of revenue for cybercriminals, and putting businesses at risk. How did we get here? What can security teams do differently to detect and respond to attacks more effectively? In this session, Ordr Evangelist Jamison Utter shares research on why ransomware exists […]
State, local, and federal government agencies have been dealing with benefit program fraud for as long as the programs have existed. But as these programs have moved online, fraudsters have increasingly become more sophisticated cybercriminals and employed cyber threat tactics to commit their crimes…but they have also begun leaving digital fingerprints. Join this session to […]
As the importance of data protection grows globally, several jurisdictions have introduced, or announced their intention to introduce, their first general data protection legislation. This presentation seeks to provide a global overview of the latest regulatory developments and upcoming data protection legislation, as well as the GDPR centric approach of many new data protection laws. […]
Traditional ransomware attacks – where the cybercriminal breaches a network, encrypts data, and demands payment for a decryption code – is a tough challenge. Add a threat to expose data and the situation is even more critical. But if that was not enough, now threat actors are adding DDoS attacks to the mix to ratchet […]
The threat landscape is continually evolving with devastating speed and is continually changing focus to new targets. It’s not just your perimeter that is at risk, your employees are under attack, your supply chain is vulnerable, and your business reputation could be easily tarnished with just one breach. Single solutions will not stop all the […]
Ransomware isn’t a new threat, but recent big-name attacks like Colonial Pipeline have brought it top-of-mind for security leaders. With limited time, budget, and expertise to work with, security teams are struggling to develop effective protection, detection, and response strategies for both known and unknown threat actors. The most effective ransomware defense strategies leverage a […]
Risk-Based Vulnerability Management (RBVM) encompasses more than you probably think. In this entertaining and informative talk, we will do a deep dive into the foundational concepts and underlining theories of quantifying risk, and then share how implementing practical RBVM programs are essential to secure the modern network.
Did you know that 80% of CISOs say that software projects have been hindered by concerns over inevitable security issues? Vulnerabilities don’t need to slow you down. Join HackerOne for a discussion on “Why the future of DevOps needs Hackers.” Key Takeaways: How organizations collaborate with hackers How bug bounty data insights empower development teams […]
This talk will examine how cybersecurity researchers gather threat intelligence using a variety of open-source tools and open-source intelligence techniques on hacker forums, darknet websites, Reddit, and other forums. Researchers are constantly being asked to look at threats and understand the relationship between threats and threat actors. We will head down the yellow brick road […]
The SolarWinds SUNBURST attack was a rude awakening for many security teams, and it won’t be the last time Security leaders face tough questions about how an adversary evaded defenses and stayed hidden. With threats persisting inside the network for months, security teams need a new plan. In this session, CISO Jeff Costlow discusses strategies, […]
When researching malware, we often find ways to remotely identify if a system is compromised, especially when looking at server-side threats. This requires thoroughly reverse engineering the network protocol of malware to understand how to properly trigger a behaviour or response that could be used as a fingerprint. This presentation will show how we built […]
Security used to be easier when everything could be put into a datacenter and always protected. In today’s modern digital transformation, people can work anywhere, and apps live everywhere – on-prem, in the cloud, and multi-cloud, complex environments. This has forced security to go through its own transformation. As security deployment gets more complicated, it […]
Digital business transformation and the shift to a distributed workforce are driving networking and security to the cloud. The Secure Access Service Edge (SASE) model consolidates networking and security functions – traditionally delivered in siloed point solutions – into a single integrated cloud-delivered service. Join this session to hear pitfalls to avoid when starting the […]
This talk will technically review the latest Supply Chain and Ransomware attacks, some new Financial Sector Specific threats, the steep rise in “Triple Extortion Events” and the advanced and automatic requirements for event prevention strategy and tactics. This presentation will use public and anonymized private information as well as technical analysis from Check Point Research. […]
What is best practice? Best practices range from organization to organization as a result of each organizations risk appetite and risk tolerance. Learn about an effective approach to the most often asked questions surrounding access management strategy, maturity and priorities, and security risks. In this revealing presentation you’ll learn how to answer the question of […]
Detection and response is ripe for disruption or at least better tool integration. In this context, XDR makes sense as a means to help security analysts reduce dwell time and conduct more threat hunting. Looking ahead, how do security operations change, and what is the role of SIEM, SOAR, EDR, and NDR in an XDR […]
Cyber risk is a business risk. Unfortunately, the cybersecurity industry has shown an effectiveness problem in reducing it for organizations. Every year new technologies, vendors, and solutions emerge, and yet despite this constant innovation we continue to see high profile breaches in the headlines. In this session we will cover the practical approaches you can […]
Is your lack of automation holding your threat intelligence, security operations, and the rest of your organization back? Many of today’s organizations understand the value of intelligence-driven extended detection and response or XDR but are running into challenges when leveraging it. Anomali’s Chief Product Officer, Mark Alba, will share how XDR allows you to identify […]
Internet Information Services (IIS) is a Microsoft web server software for Windows with an extensible, modular architecture, allowing developers to replace or extend core IIS functionality. This session looks at how the same extensibility is misused by malicious threat actors to intercept or modify network traffic flowing through the IIS servers. These powers allow IIS […]
The repetitive nature of response tasks is one of the biggest causes of fatigue and burnout among Incident Responders. Anyone who’s been on-call on a Security team can remember how many hours they’ve spent opening the same tabs, clicking the same buttons, copy+pasting the same indicator data, and performing other similar tasks repeatedly. Imagine if […]
In this talk we’ll focus on leveraging Azure AD in Platform as a Service projects. We’ll start with Logic Apps as a no-code Web API platform for implementing your privileged code in a zero-trust architecture. Azure AD provides secure authentication between low-trust client-side code and Logic Apps, and Logic Apps should use delegated or service […]
Biohackers exist and walk among us. Most security professionals would not allow users into their environment with offensive security tools. How do you address individuals who have surgically implanted such devices into their bodies? I have multiple sub-dermal implants that range from NFC, HID/Prox and RFiD devices. This allows me to become the attack vector. […]
Benoît H. Dicaire leads the Canadian Sales Engineering at Forcepoint. Being just as much at ease in the boardroom, then a war room or even the server room, he collaborates with senior managers and specialists to bring clarity to your information protection program. Benoît is a former independent consultant with 30 years of experience. He believes that cybersecurity builds trust and sets businesses apart.
Bryan Oliver is a senior analyst at Flashpoint focusing on threat intelligence within dark web communities. Prior to coming to Flashpoint, he spent two years as a consultant in Moscow, Russia, where he had the privilege to work with some of Russia's largest companies in technology and finance. He received an MA from the University of Chicago in 2019 focusing on International Relations and Economics and has a background in software development.
Justin is an independent cybersecurity researcher focusing on cyber-fraud. His main interests revolve around cyber-fraud data management, analytics, behavioral biometrics, natural language processing, and adversarial machine learning. Justin supports organizations in strengthening their data and machine learning capabilities to better defend against next-generation cyber threats.
Managing Director, Cycura Inc.
Iain is a Cyber Security veteran with more than 17 years of experience in Information Security. He has designed and run security operations programs in large Banking, Healthcare, and Government organizations. His experience as a practitioner brings a critical understanding of the needs and challenges of organizations to Cycura's consulting practice. As Managing Director of Cycura’s professional services group, Iain acts as project executive on Offensive Security and Incident response initiatives. Iain holds information security designations from ISC2, SABSA, and ISACA and an MBA from Athabasca University in Alberta, Canada.
Sr Director of System Engineering
Matthew Hickey is a Director of Engineering, Enterprise, at Sophos. He got his start in the field of Information Security working for Securities Industry Automation Corporation (SIAC), at the time, a subsidiary of the New York and American Stock Exchanges. After working several years on Wall Street, he continued honing his skills in this field at Lockheed Martin. There he worked on several projects for the Department of Defense. This work included conducting security audits, penetration testing, and firewall deployments guides for very high profile, security conscious customers. Most recently Matthew has been working for [...]
Wendy Nather leads the Advisory CISO team at Cisco. She was previously the Research Director at the Retail ISAC, and Research Director of the Information Security Practice at 451 Research. Wendy led IT security for the EMEA region of the investment banking division of Swiss Bank Corporation (now UBS), and served as CISO of the Texas Education Agency. She was inducted into the Infosecurity Europe Hall of Fame in 2021. Wendy serves on the advisory board for Sightline Security, and is a Senior Cybersecurity Fellow at the Robert Strauss Center [...]
Chad Reaney is a sales engineer at Tripwire. He has over 20 years of experience in the infrastructure and security with experiences ranging from IT administration to consulting to system architecture. At Tripwire, he is responsible for delivering security solutions and services to help organizations protect and detect changes in cyber threats. He is based in Montreal.
Penetration Testing Team Director
Laurent is the Director of Penetration Testing for GoSecure. He has conducted over 400 pentesting and red team engagements over the span of 10 years and is still enthusiastic about it. Laurent is also a challenge designer for NorthSec and has given talks at RSAC, CQSI, NCFTA, HackFest, RSI, Montrehack, Owasp Montreal and NorthSec. Besides security, Laurent is interested in lockpicking, magic and pickpocketing.
Cybersecurity Research Lead
Olivier Bilodeau is leading the Cybersecurity Research team at GoSecure. With more than 10 years of infosec experience, he enjoys luring malware operators into his traps, writing tools for malware research, reverse-engineering all-the-things and vulnerability research. Olivier is passionate communicator having spoken at several conferences inlcluding Black Hat, Defcon, Botconf, SecTor, Derbycon, and HackFest. Invested in his community, he co-organizes MontrÃ©Hack, a monthly workshop focused on hands-on CTF problem solving, and NorthSec, a large non-profit conference and CTF based in Montreal.
Director of Product Marketing, Security Operations
Karl is ServiceNow’s Senior Director of Product Marketing for Security and Risk and has over 15 years of experience in product positioning and marketing of enterprise security platforms, most recently from Product Marketing roles at RSA and McAfee, where he was responsible for the positioning of their security operations and automation platforms. While at RSA and McAfee he managed product positioning, launches, analyst relations and development and delivery of sales tools and online webinars.
Sr. Technical Evangelist
Jay Reddy has been associated with ManageEngine for over 5 years. As a technical evangelist, he helps IT leaders and global enterprises to outmaneuver complex cybersecurity challenges. He is a sought-after speaker on the latest Cybersecurity trends in international conferences. He has authored numerous e-books and conducted research studies that help business leaders with insight and advice on leveraging the latest technology for better IAM and cybersecurity.
Diana John is a passionate technologist who has deployed, operated, and troubleshot the traditional legacy infrastructure. Diana is largely vocal about the Imperative transformation as a Sales Engineer at Zscaler focusing on the Public Sector in Central Canada. Diana, who started her career with Route/Switch, broadened her horizons working on Adobe's network, Wide Area Network, Wireless, Network Access Controls, Risk Management, Cloud Migrations with multiple vendors. Large and medium sized businesses benefit from her strategy planning, roadmap visions, technical assessments, and trade off sessions. Diana inherently understands that the customer [...]
Mangatas is currently a Senior Consultant in EY Canada's Managed Detection and Response team, where he is responsible for elevating EY's Threat Hunting and Detection Engineering capabilities. He enjoys tinkering with defensive security tools and breaking offensive security tools and finding ways to detect them in his lab. Mangatas is actively involved in numerous security communities such as Sheridan College's ISSessions, Open Security Collaborative Development (OSCD) Initiative, Cyber Defense Community - Indonesia (CDEF.ID) and is a TheDFIRReport Contributor. He has presented at numerous international conferences such as HackFest, SANS TH [...]
Tim has more than 20 years of experience in information security, with duties ranging from C-suite briefings to red team engagements abroad. As a member of Canada's mirror committee to ISO/IEC JTC 1/SC 27 and the Cloud Security Alliance OCF WG, Tim also works to advance security standards for industry and the public sector. He has previously spoken at events including BSides Toronto, InnovationTO, GovSym, the MISA Ontario Security Conference, and the Chief Security Officer Summit.
Patrick von Sychowski has worked in the cinema and media industry for over 20 years. He is the Editor of the cinema news and analysis site Celluloid Junkie and co-founder of the streaming platform Cultpix.
Nicole Fishbein has spent the last six years entrenched in the security world as part of the IDF and currently discovering new malware as a part of the Intezer research team. Nicole has been part of research that led to discovering previously undetected malware such as Doki and ties between Rocke Group and the evolution of tools and techniques to target Linux-based cloud environments.
Ell, a former SysAdmin, cloud builder, podcaster and container advocate has always been a security enthusiast. This enthusiasm and driven curiosity have helped her become an active member of the InfoSec community, leading her to explore the exciting world of Genetic Software Mapping at Intezer.
Senior Research Associate
Maria Bada is a Senior Research Associate at the Cambridge Cybercrime Centre of Cambridge University and a RISCS Fellow on cybercrime. She received her PhD from Panteion University of Athens, UK in 2013. Her research focuses on the human aspects of cybercrime and cybersecurity, as well as the effectiveness of cyber security awareness campaigns and their impact in changing online behaviour. She has collaborated with governments and International Organisations to assess national level cybersecurity capacity. She has a background in cyberpsychology, and she is a member of the British Psychological [...]
Stephan Jou is CTO of Interset, a Micro Focus company, a leading-edge cybersecurity and In-Q-Tel portfolio company that uses machine learning and behavioral analytics. Jou currently leads both Interset and various analytics-related initiatives for Micro Focus’ security division. Previous to Interset, Jou has been at IBM and Cognos where he led the development of over 10 products in the areas of cloud computing, mobile, visualization, semantic search, data mining and neural networks. Jou holds a M.Sc. in Computational Neuroscience and Biomedical Engineering, and a dual B.Sc. in Computer Science and [...]
Sr. Director, Developer and Security Relations
Rey is a developer and security advocate at Veracode focused on helping the community build secure software and being a voice for developers within the company.
Director of Cloud Products
Sattwik is the Director of Cloud Products at Tufin. Prior to working at Tufin, Sattwik helped enterprises with their digital transformation journey into the cloud while working for companies like Oracle, Ribbon Communications, and most recently for a cloud-native security startup, Privafy Inc. At Tufin, Sattwik continues to work with Fortune 1000 companies to accelerate their adoption of security policy management in cloud.
Sr. Security Consultant, Architect
Peter Cresswell has over 25 years of IT Security experience, from a diverse background as an IT Manager, Security Solution Architect, Practice Manager, Security Instructor, Product Manager, and Security Auditor. With Trend Micro, Peter has focused on the big migration from perimeter to system-based security controls, across Physical, Virtual, and Cloud environments. Currently, Peter focuses on Canadian companies migrating to the Cloud, and the architectures, processes, and technologies that get them there safely. Peter is often called upon to speak to Security as it applies to Cloud and related Security [...]
Chris is a Senior Security Architect at ThreatConnect and consults with Fortune 500 customers on deploying their products to solve the most common and sometimes challenging use cases. Chris has over 20 years of experience in cyber security, product integrations, threat intelligence, networking, and security operations.
Senior Product Manager
Steve Kingston has been responsible for Thales’ enterprise key management offerings for the last 9 years. In his role as Senior Product Manager for Key Management, Steve has led the effort to launch CipherTrust Manager, Thales' next generation key management and data encryption platform. He has led initiatives within Thales to broaden its partner ecosystem for its product offerings, engaged with partners and customers globally, and has pioneered efforts for Product Operations within his organization. In addition, he has worked in the technology sector for over 20 years, spanning a [...]
Chief Security Architect, TELUS
Security was not the original plan. Marc started in Astrophysics, getting degrees from the University of Calgary and Western Ontario before finally quitting with his MSc to scrounge for money in the private sector. Luckily, the Internet was waiting. Starting as a UNIX system administrator and working his way through Internet services, dot coms and the core networking teams, Marc ended up as the Security prime for TELUS' core networks. With a nod to his 20 years of experience in IT/networking security Marc was appointed a TELUS Fellow and is [...]
Chief Security Advisor
Morgan is an internationally recognized expert on cybersecurity strategy, cyberterrorism, national security, and intelligence. He currently serves as a Senior Fellow at The Center for Digital Government, Chief Security Advisor for SentinelOne, and is the chief technology analyst for several national news organizations. Morgan's landmark testimony before Congress on Healthcare.gov changed how the government collected personally identifiable information. Previously Morgan was a Senior Advisor in the US State Department Antiterrorism Assistance Program and was the Senior Law Enforcement Advisor for the 2012 Republican National Convention. In addition to 18 years [...]
VP Cybersecurity Evangelist
Augusto Barros is VP of Solutions at Securonix. Augusto is a former Gartner analyst with 20 years of experience in cybersecurity-related roles and consulting for enterprises in finance, retail, manufacturing, and healthcare. Augusto has worked on a variety of information security projects and initiatives, from security awareness campaigns to penetration testing, to security infrastructure design. The challenges of threat detection and response are his main interests and the focus of his research. He has also ventured into the application of behavior economics concepts to the security space.
Geoff has worked in the IT and IS industries for over 16 years in both red and blue team roles. In his current role as a Solutions Architect @ RiskIQ, Geoff’s focus is helping his clients from major Canadian banks achieve the best possible perimeter defenses. Based out of Toronto, he works closely alongside clients to identify unknowns, derive insights from external assets, and supports security teams to help them achieve their defensive goals. When not obsessing over the latest threats, Geoff enjoys drumming, traveling, and playing with his Boston [...]
Vice President, Community and Public Affairs
Jen Ellis is the vice president of community and public affairs at Rapid7 where she works to advance cybersecurity by building productive collaboration between those in the security community and those operating outside it. She partners extensively with security researchers, technology providers and operators, and various government entities to drive greater understanding and awareness of cybersecurity challenges. She believes effective collaboration is our best path forward to reducing cybercrime and protecting consumers and businesses. Jen is a nonresident senior fellow of the Atlantic Council, sits on the boards of the [...]
Dan Conrad is an IAM Strategist with One Identity. He has been with Quest since 2007 where his roles have included Solutions Architect, Federal CTO, and IAM Strategist. Dan’s experience started in the US Air Force working in information management. He retired from the Air Force in 2004 and returned to government IT as a contractor to the US Army. He is an experienced SysAdmin having administered organizations ranging from 10,000 to 150,000 users. This experience led him to focus on large enterprises with complex solutions. Dan holds a BS [...]
Principal Strategic Systems Consultant
Bryan Patton is a Principal Strategic Systems Consultant at Quest Software. For nearly 20 years he has helped customers shape their Microsoft environments. With particular emphasis on Active Directory and Office 365 environments, Bryan specializes in Identity and Access Management, Data Governance, Migration, and Security, including Certified Information Systems Security Professional (CISSP) certification.
Senior Director, NA Technical Services
Mr. Khan has over 12 years of experience designing and implementing complex security solutions. He has provided computer forensic and incident response support to Fortune 500 organizations, financial institutions, and law enforcement agencies. His experience also includes the delivery of offensive security services such as red team operations, penetration testing, and architecture review.
Sr Director Product and Solution Evangelism
Jamison brings over 25 years of IT/Security experience spanning large organizations like Sprint, SUN Microsystems, and Palo Alto Networks where he led the OT/IoT business development unit and startups like Infoblox, where he was the security evangelist for many years. His deep desire to understand a customer’s internal and external problem set make him an empathic speaker and his experience in many roles spanning sales, channel, BD, and evangelism make him a capable and competent industry visionary. With hundreds of public speaking engagements including the EU congress at the Hague, and [...]
Director, Cyber Strategy & Transformation
Luis leads teams of cybersecurity professionals as they work alongside clients to navigate the ever-evolving landscape of cyber threats to support their strategic goals and business objectives. He strives to help clients illuminate the connections between cyber risks with critical business functions to enable clients to identify, mitigate, and inform senior leaders of how threats in cyberspace manifest in threats to business operations. Prior to joining Optiv, Luis was a Senior Manager at Deloitte & Touche LLP, where he was a leader in cyber wargaming, cyber risk quantification, and cyber [...]
Liam McLaughlin serves as a Privacy Consultant at OneTrust – the #1 most widely used privacy, security, and governance technology platform. In his role, McLaughlin advises companies large and small on EU GDPR, California Consumer Privacy Act (CCPA), Brazil LGPD, and hundreds of the world's privacy laws. He is focused on formulating efficient and effective responses to data protection requirements as well as building and scaling privacy programs. McLaughlin is a Certified Information Privacy Professional (CIPP/E, CIPM) and earned a B.A in Criminology & Law Studies from Marquette University.
Director, Security Technologists
Gary is an industry veteran bringing over 20 years of broad technology experience including routing and switching, wireless, mobility, collaboration, and cloud but always with a focus on security. His previous roles include solutions architect, security SME, sales engineering, consultancy, product management, IT, and customer support. Gary seeks to understand and convey the constantly evolving threat landscape, as well as the techniques and solutions that address the challenges they present. Prior to joining Netscout in 2012, he spent 12 years at Cisco Systems and held previous positions with Avaya and [...]
Andrew has over 20 years’ experience in the IT industry and joined Mimecast just under three years ago. His experience is built across the knowledge gained while in South Africa and the UK, where engagements with customers ranged from large health care providers to insurance giants and governments agencies. Having been in the IT industry for an extended period has afforded Andrew the opportunity to work in varying roles focused on deploying or architecting secure solutions prior to moving across to Mimecast. This experience has been invaluable, as he took [...]
Regional Solution Architect
Brian is an Enterprise Architect for McAfee Enterprise’s North America business unit. He’s been in IT since 1992 first as a customer in healthcare at the largest hospital consortium in Canada where he was Director of Security and Operations, and in a technical sales role since 2000 at various organizations such as Sun Microsystems, Bell Canada and finally at McAfee for the past 14 years. As a Certified Information Security Manager Brian brings the depth of experience necessary to help customers navigate a fast-evolving threat landscape.
Jerry Gamblin is an influential security researcher and analyst, focusing on the enterprise network and application security with over 15 years of experience. His research has been presented on numerous blogs, podcasts, and security conferences. When not at work, his personal research focuses on IoT & embedded automotive systems.
Security Solutions Engineer
Will Kapcio is a Security Solutions Engineer at HackerOne — the world's most trusted hacker-powered security platform. His primary focus is on empowering government agencies and enterprise organizations to run successful bug bounty and disclosure programs to help make the internet more secure. Prior to joining HackerOne, Will was a cybersecurity consultant at EY. Will has earned a bachelor’s degree in Electrical Engineering from Villanova University, a master’s degree in Cybersecurity from Villanova University, and the CISSP certification.
Senior Security Strategist
Aamir Lakhani is a researcher at FortiGuard Labs specializing in threat actor research, reverse malware engineering, and incident response. He has over 15 years of experience as a senior security researcher and consultant. In his spare time, he is trying to master the floss dance, he has everything mastered except for the arm, legs, and hip movements.
Chief Information Security Officer
As a security technologist and leader for over 20 years, Jeff’s deep experience securing information and technology assets, as well as years of successful engineering leadership, have resulted in secure product deployments to thousands of customers. As the Deputy CISO at ExtraHop Networks, Jeff leads the team towards groundbreaking security and privacy services in ExtraHop's best of breed network detection and response tool.
Marc-Etienne M.Léveillé is a malware researcher at ESET. He joined ESET in 2012 and currently specializes in malware attacking unusual platforms, whether it’s fruity hardware or software from south pole birds. M.Léveillé focused his research on the reverse engineering of server-side malware to discover their inner working and operation strategy. His research led to the publication of the Operation Windigo white paper that won Virus Bulletin’s Péter Szőr Award for best research paper in 2014. While still keeping eyes open on crimeware, M.Léveillé now focuses on the analysis of targeted [...]
Stephane Asselin, with his 29 years of experience in IT, is a Senior Manager for the entire Crowdstrike Canada Technical Team. He has national responsibility for Canada for a team that works with customer at planning, designing, and implementing Security solutions and all processes involved. At Crowdstrike, Mr. Asselin works with top Canadian strategic customers and partners, enabling them on all Modules of the Crowdstrike platform, developing technical expertise and helping them secure their local and remote workforce. Prior to Crowdstrike, Mr. Asselin worked at VMware for 10 years with [...]
Global SASE Go-To-Market Lead
Najib leads the newly formed Secure Access Service Edge (SASE) team at Cisco. SASE is a key part of Cisco’s future as a leader in the Network and Security industry and Hatahet is responsible for the Go-To-Market and Sales Acceleration of Cisco’s SASE, a converged network and security offering. Since joining Cisco in 2017, Hatahet has led the Cloud Security business in the Canadian market helping industry leaders adopt Cloud Security solutions to facilitate the business transformation of many customers into the cloud-first, mobile-first era. Prior to Cisco, Hatahet served [...]
Pete has 31 years of IT and MSSP experience and has been a hands-on CISO for the last 17 years. He recently joined Check Point as Field CISO of the Americas. Pete’s experience and leadership was most recently at Cybraics Defense as CISO. This company is an advanced Artificial Intelligence and Machine Learning Analytics formed as a DARPA funded project. Pete is the former CISO of Hertz Global, successfully protecting the brand in over 150 countries, 20,000 employees and 10,000 locations. Pete led Virtustream’s (now a Dell company) efforts as [...]
Christopher Hills has over 15 years of experience as a Senior Security and Architecture Engineer operating in highly sensitive environments. Chris started with BeyondTrust after his most recent role leading a Privileged Access Management (PAM) team as a Technical Director within a Fortune 500 organization. In his current position, he has responsibilities as a Senior Solutions Architect consulting on PAM implementations and reports to the Office of the CTO/CISO as acting Deputy CTO & CISO.
Security Product Lead
Corey Still is the Security Product Lead with Bell Business Markets. He leads the security product team for all Professional Service and Managed Services security products and services delivered to the market. He and his team establish strategic direction, development, and support for offerings across all layers of a customer’s infrastructure including endpoint, on premise, network, and cloud. In addition, Corey also started and led the Cyber Threat Intelligence program at Bell Canada. He joined Bell Canada in 2011 with over 15 years of experience as a senior leader at [...]
Director of Product Marketing
Matthew Trushinski is the Director of Product Marketing at Arctic Wolf where he specializes in Managed Detection and Response. Matthew has a diverse technology background, including security, IoT, AI, and carrier networks. He is passionate about the application of new technologies to solve persistent problems and the important role people play in applying them.
Chief Product Officer
Mark Alba is Chief Product Officer at Anomali. He joined the company in 2020 bringing with him over 20 years of experience building, managing, and marketing disruptive products and services. His proven track record includes bringing to market the security industry’s first fully integrated appliance firewall, leading the integration of global threat intelligence into perimeter security technologies, and introducing advanced analytics in support of cybersecurity operations. Throughout his career, Mark has been on the front lines of innovation, leading product efforts in both startups and large enterprise organizations, including Check [...]
Zuzana Hromcová is a malware researcher with ESET’s Montréal research team. Her professional journey has been shaped by both her studies – she holds a master’s degree in computer science – as well as her interest in solving logical puzzles and challenges. Three-times a Slovak sudoku champion, with numerous appearances at World Sudoku and World Puzzle Championships, she spent a decade sharpening her analytical skills for a job that was yet to come. In 2016, she joined @ESETResearch and moved on from solving logical puzzles to dissecting malicious binaries and [...]
Senior Security Engineer
Prima is a seasoned Security professional who has worked in a variety of industries such as Consumer Tech, Oil & Gas, Media, and Fin-tech. She is a Senior Security Engineer on the SIRT team at Segment where she enjoys creating automation tooling for Incident Response and occasionally dabbles in Security DevOps. She loves sharing her experiences with the industry and has spoken at many meetups and conferences globally including, but not limited to, Agile India 2020, MacDevOpsCon Vancouver 2019, and Grace Hopper Conference 2017.
President of Envision IT
Peter is President of Envision IT and Extranet User Manager, a Microsoft Office Apps & Services MVP since 2011. He is also President of the Toronto SharePoint User Group. Peter leads his team at Envision IT in the use and deep customization of Microsoft 365 and Azure, Agile, Secure Development, and CI/CD. He is well recognized as an evangelist in the Microsoft community, speaking regularly at user group meetings, conferences, Microsoft events, and local universities.
Or Katz is a security veteran, with years of experience at industry leading vendors. He currently serves as Principal Lead Security Researcher for Akamai. Katz is a frequent speaker at security conferences and has published several articles and white papers on threat intelligence and defensive techniques.
White Hat Hacker
Len Noe is a White Hat Hacker and part of the Global Enablement Team for CyberArk Software; they are responsible for enabling internal staff and the starting point for escalation for all SEs in the field. They are also responsible for the global templates used by all SEs and partners, building new integrations, and use cases for all engineers. Len is an international security speaker has presented in over 20 countries and at multiple major security conferences worldwide. Prior to 2001 Len was a Black/Grey Hat Hacker and learned most [...]