Whether you’re just starting out in Cybersecurity, looking for a job change or seeking professional development advice, this year’s Career Panel will be a valuable investment in your time. We’ve put together a panel of seasoned industry experts who we guarantee will represent an experienced cross-section of career paths. You will walk away with advice, […]
It’s 2022 and we’re in an “all cloud all the time” environment – even traditional enterprises are heavily invested in hybrid cloud environments and Software as a Service. But what happens when it’s a sunny day (you know… with no clouds) and you need to figure out how to keep things running and how to […]
In this Q&A ThreatConnect will cover the evolution of security operations and the increasing importance of threat intelligence operations to help enterprises become more proactive in defending their increasing attack surface.
As adversaries become more advanced with their techniques and tactics, security professionals must draw on effective tools, processes, and emerging technologies to mount a successful defense. In this talk, we will review the challenges and the current state of threat management and threat intelligence sharing. We will also discuss how AI-based threat management can help […]
Digital Forensics, Incident Response, Troubleshooting, Compliance, and Deep Packet Inspection are important use cases for packet capture. However, as environments continue to adopt virtualized, cloud-based infrastructure, network security practitioners will find it necessary to understand the specific tactics and protocols available for use in each environment. This paper catalogs and details the state of packet […]
Application security architecture reviews are used to identify and assess security weaknesses due to architectural flaws in an application. This effort results in specific mitigation or remediation advice meant to strengthen the security posture of the application and reduce risk to the organization. As organizations increase their cloud adoption and innovate at an ever-increasing pace […]
Most Canadian organizations have a backup and recovery plan for disasters such as blackouts or flooding, but surprisingly few are prepared for an arguably greater – and more likely – threat to their livelihood: cyberattacks. While 90 percent of Canadian organizations reported falling victim to cyberattacks such as ransomware over the past year, according to […]
We often hear the attackers are successful, the company has been breached and data has been stolen or held ransom. We hear when the defends beat the attackers! In this session hear from two leaders in Cyber Security talk real world examples of the defenders defeating the attackers. You will hear from Stephan Jou, CTO […]
Every organization gets compromised – it’s how fast you detect and respond to an incident that counts. This is especially important when you look at trends like the overnight move to remote work, the rise in encrypted traffic and acceleration of cloud adoption, as well as the proliferation of enterprise IoT that have expanded the […]
In July 2022, Cloudflare was targeted in a sophisticated SMS phishing scheme in such a way that we believe most organizations would be likely to be breached. In this session we’ll detail the recent targeted phishing attack we saw at Cloudflare and more importantly, how we stopped it and steps you can take to protect […]
The Cyberconflict between Russia and Ukraine has spurred numerous “Shields up” warnings from CISA, Certs, our own CCCC, and other agencies. What is the real risk for Canadian businesses? This talk presents the current state of affairs on the cyberwar and some of the tools that can be used to mitigate this new elevated risk.
In a world of media chaos and disinformation, how do you differentiate truth from lies? How do you choose your sources of information? Never before have nation-states had a tool as far-reaching as the internet to tell stories, spread messages, and deceive friends and foes alike. Today, over 95% of Canadians and Americans are connected […]
Ransomware has evolved from a relatively minor annoyance with negligible costs into a multi-billion-dollar international criminal economy. With the advent of nation-state sponsored support for these evolving campaigns, it’s important to understand the various mitigation options so you never have to rely upon the “honour amongst thieves” in order to recover your data. Based on […]
The rise of ransomware and other tactics for cyber criminals over the past few years is an ever-growing problem that has quickly become an extremely lucrative criminal enterprise. Targeted organizations often believe that paying the ransom is the most cost-effective way to get their data back — and, unfortunately, this may also be the reality. […]
Securing code at each point in the software development lifecycle is never-ending work. Development and security teams need a way to determine what’s vulnerable, understand how to fix it and be able to scale that work as their threat landscape evolves. But what does that really mean in a world where software development moves at […]
Today’s companies must enable their customers to engage with their apps or services at any time, from any device, in a secure and safe manner. While the importance of identity within an organization’s security posture has been clear for many years, the digital rush has accelerated timeframes by dissolving security perimeters with unprecedented swiftness. As […]
A key challenge for organizations is determining if the investment in detection and response tools are performing and meeting their objective. Security teams struggle with red team and security validation processes performed in a continuous and efficient manner. How can security teams remove assumptions and shift their organization’s security program to one centered around the […]
Attackers know that the majority of modern application code is composed of open source software. Today, Checkmarx researchers witness, in real-time, attackers planting packages with malicious code into open source software supply chains. As a result, as application developers perform builds, malicious code becomes part of the applications you are publishing. Making matters even worse, […]
For over 20 years, Vulnerability Management has gone completely unchanged; sure, we have new ways to scan, detect, and report, but the ineffective process has stayed the same. What this means in today’s organizations is a flood of tickets, slow remediation, missed SLAs and constant conflict between IT and Security teams. Meanwhile, common vulnerabilities remain […]
In recent years the number of vulnerabilities, threat actors, tools, tactics, and techniques has grown exponentially. Keeping track of what is important is a daunting task for an organization of any size. At Qualys, the research team is looking at the threat landscape around the clock to prioritize what is important for our customers. This […]
Security Operations Center (SOC) teams are being stress-tested today like never before. With increasing pressure to respond to a variety of signals demanding their attention, optimizing a security operations center has proven to be increasingly challenging. The SOC strategy you implement can not only help to prevent threats from causing harm, but it can also […]
Malware that is capable of monitoring hardware devices poses a significant threat to the privacy and security of users and organizations. Common capabilities of such malware include keystroke logging, clipboard monitoring, sampling of microphone audio, and recording of web camera footage. All modern operating systems implement APIs that provide hardware access to processes and all […]
In 2021, the Canadian Center for Cyber Security released the top 10 mitigating actions that organizations should take to protect its Internet-connected networks and sensitive information from cyber security threats. Together, we will understand what these 10 actions are and validate what their impact could be on the protection of your most critical assets. This […]
In the last few years cybercriminals have, upped their monetization demands, attacked critical infrastructure, utilized supply chain attacks, and continued to inflict untold damage on businesses and consumers. The woes don’t stop there, the conflict in Ukraine has seen attacks on power grid infrastructure and destructive data wipers, causing heightened potential cyber-attack alerts to be […]
No organization can ever be complacent and think that their cybersecurity strategies are impenetrable. Regardless of how thorough the precautions, establishing a perimeter and defending it is never enough. Cyberattacks are growing in number and sophistication, with adversaries becoming more experienced at bypassing even the most sophisticated measures. Waiting for a “You’ve Been Breached Notification” […]
As part of a vendor security research team, a lot of time is spent reading up on documents released by various standards bodies. These standards are useful guides to securing the environment, but they often become the driving force behind “checkbox security.” This happens, in part, because these documents are looked down upon as boring […]
Microsoft’s efforts to aid Ukraine’s response to Russia’s attacks are tied to our commitment to security, defence of democracy, and protecting people. Join us for this session to learn how our threat intelligence and security teams are working closely with the government of Ukraine and other partners to protect organizations and citizens. Protection against cyber-attacks […]
The information security space is awash in point technology solutions. As a defender, how does one choose where to spend a limited security budget when faced with this sea of choices? How can we minimize overlap within the highly dynamic toolset we already own, rationalize vendor relationships, and decommission tools that overlap or no longer […]
The cloud is here and growing. Securing the cloud isn’t the same as securing on-premise deployments. According to recent Elastic research, 1-in-2 CISOs expect misconfigurations to be a leading cause of breaches, while an ESG research highlights that 89% of negative outcomes occur between detection and investigation. In this session James Spiteri, Product Marketing Director […]
In the face of skyrocketing cyber risk, detecting and responding to attacks is no longer enough. Organizations must take proactive steps to prevent threats before they happen, and to recover if compromised. In this session, Darktrace unveil an ambitious new approach to security, with core engines powering AI technologies to prevent, detect, respond, and ultimately […]
Software Bill of Materials (SBOMs) provide numerous security benefits such as software transparency, software integrity, and software identity. SBOMs are being included in a lot of regulatory requirements, such as the U.S. Presidential Executive Order 14028 and the U.S. Food and Drug Administration (FDA) for medical devices. Come learn about the specific benefits SBOMs provide, […]
In 2022, most of us have bought goods and services online or using mobile apps, for convenience, for safety (e.g., pandemic) or as a matter of personal preference. As mobile payments and integrations with third-party payment processors become more and more prevalent, common AppSec mistakes from the past reappear under new forms. Merchants who overlook […]
At the intersection between business and pleasure, mobile social applications access the most sensitive information about us and the world we live in. Hackers are focused on Mobile attacks now more than ever, as they represent the next frontier for security risk.
We are reliant upon cryptography for so much, yet new and exciting technologies are poised to up-end the world we know. The most celebrated current issue in the use of cryptography is quantum computing but this is only one of many. To be successful, it is important that we understand what quantum computing, quantum key […]
For years, organizations have struggled to meet the requirements of regulatory compliance, incident response, security, and best practice for their critical data. And now, with the huge upsurge in the number of innovative fintech applications in use and the pressure to migrate to the cloud or to manage a hybrid solution, data security and compliance […]
By effectively communicating the association between cyber and physical and human systems, SRM leaders effectively improve senior stakeholders’ awareness, gain buy-in and get their risk management initiatives funded to better protect human and physical systems. As our networks continue to become more hybrid and the number of endpoints increases logarithmically due to the explosion of […]
Cloud security requires different tools, processes and skills than on-prem. How are organizations progressing in their security capabilities along this cloud transition? To find out, we collaborated with research firm IDC on a Canada-wide study to benchmark cloud security activity and outcomes. During this session we will discuss the security gaps that can appear as […]
The layers of security we’ve deployed over the last 30 years must be re-evaluated since many organizations have fallen victim to cyber-attacks. How will today’s cyber security solutions solve the many business problems? This discussion highlights the pros and cons of the past solutions vs the present.
Businesses today rely heavily on technology and data. Though most organizations have developed strategies to access critical data during an outage caused by natural disasters or power disruptions, these strategies have proven to be ineffective during a cyber-attack. Interconnected users, servers, cloud devices, and continuous web access results in an environment that is open for […]
The discovery of the Log4Shell vulnerability was a wake-up call for many organizations. It was an opportunity not only for criminals, but also for hackers who look to help organizations uncover vulnerabilities before they can be exploited. Log4Shell forced many organizations to address how they use third-party and open-source software. Most organizations have recovered from […]
Today, all companies are susceptible to cyberattacks. Despite the presence of SOC teams monitoring for zero day threats, vulnerabilities, and unusual activities 24/7. So what can you do to help your team accelerate incident response? Join me to discuss how you can: Quickly assess your risk exposure to identify CIs in zero day vulnerabilities, such as […]
Feedback from Canadian organizations in the 2022 TELUS Canadian Ransomware Study highlighted the importance of having a comprehensive Vulnerability Management Program (VMP) in order to defend against ransomware. Today, approximately 50% of Canadian organizations have a formal VMP in place, but how can these organizations take their programs from good to great? Join Kim Schreader, […]
Global and technological uncertainty is being weaponized by adversaries. Digital Transformation, Global Supply Chain issues, Mandated Lockdowns, and State Sponsored attacks are creating windows of opportunities for adversaries to exploit. We will discuss evolving attack trends and how defenders can employ core security pillars to mount a rigorous defense. Rigid defenses are obsolete and easily […]
At a time when work was still a place to go to, apart from a thing to get done, organizations could afford to protect their most sensitive data using firewalls, IDS and IPS systems, and VPNs. But today, when there are no corporate network boundaries, and data can be stored and accessed from anywhere, traditional […]
Even though cloud computing isn’t all that new anymore, learning how to use it effectively can be overwhelming. It’s unfortunately very easy to make mistakes. The vast majority of cloud security failures are configuration mistakes of some kind or another, so developing the discipline of correct configuration is the best thing companies can do to […]
With each passing year, the number of cybersecurity events continues to increase despite record breaking spend on cybersecurity tools. So why do threats continue to be successful even if we are investing heavily in detecting them? The answer is simple, we are not always monitoring in the correct places. This session will discuss the 5 […]
Compliance with industry standards as well as various government regulations also requires a robust servicing and patching strategy. Beyond compliance, you must understand the risk to your resources from poor servicing. To help with this effort, standards exist to help assess risk. However, vendors can manipulate these standards, which can lead to errors when enterprises […]
The blistering pace and expanding scope of cyberthreats and ransomware attacks is forcing cyber insurance companies to steeply increase their rates and premiums, and even drop coverage for high-risk organizations. Underwriting requirements to be approved for cyber insurance are becoming more stringent. In this upcoming session with Chris Hills, Chief Security Strategist at BeyondTrust hear […]
New Operational Technology (OT) systems support TCP/IP connectivity and are often interfaced with corporate IT networks. While this convergence brings many advantages from an operational perspective, it also exposes companies to considerable cyber risks if not managed properly. In his presentation, the speaker will highlight the main differences between IT and OT systems, most of which […]
Expressions such as “the growing threat landscape” are commonplace in cybersecurity conversations. In fact, organizations are living in a world where “threat inflation” is the reality and there is no reason to believe it will change anytime soon. How can we handle this without making our cybersecurity teams become the highest number in our budget? […]
By day Max Cizauskas is the manager of Threat Prevention at IGM Financial, implementing blue team policies and practices and advising on how projects can apply security across their cloud dev ops endeavours. By night Max focuses on helping people bridge the gap to get into information security. He shares his perspective on the most important practices that can be implemented across all practices through being a committee member of the Toronto Area Security Klatch (TASK) and the BSides Toronto annual conference, as well as the host of the infrequent [...]
CEO at Autohost.ai
Roy is a strategist, seasoned hacker and expert in cyber security, business development and project management. He has a background in security, programming, research, management, marketing and sales with a unique ability to manage multi-disciplinary projects while navigating complex cyber challenges. Roy’s passion lies in Big Data and Machine Learning, especially when applied to cyber security. As a multi-linguist of technology-driven business, he speaks fluent geek, marketer, designer, salesperson and investor.
Assistant VP Cloud Computing
Andrea is currently the CISO at Oanda which provides innovative trading, currency data and analytics solutions to our customers. She is a #1 International Best Selling author of two books "Empowering Women to Succeed- Leap" and "365 empowering stories". As a transformation leader with 30 years of experience in the financial sector she specializes in Security, Cloud and Dev Ops. Andrea is a passionate advocate and ally for Diversity and Inclusion in STEM throughout her career by mentoring and coaching others to succeed. Organizations have a very long way to [...]
Tom Tran is penetration tester and cybersecurity expert who provides expert advice and ethical hacking services to the Government of Ontario and its various agencies, boards, and commissions. Tom has had a passion for the cybersecurity space since the early BBS days, trading hacking text files on his brand new 386 over his 2400 baud modem. More recently, his work involves convincing software companies that getting an NT Authority\SYSTEM terminal is a security vulnerability instead of a feature.
Afeerah Waqar is a Security Operations Intern at Aiven.io, and is one of the youngest member on the team. She is currently finishing her Honours Bachelor in Cyber Security as well as working on earning her certifications to become a strong and well versed member of the world that is Cyber Security. Afeerah is a talented individual who is inquisitive, passionate, results-driven and brings a bright spark to all her ideas. Professionally, she is aspiring to be a threat hunter who focuses on abuse operations in hopes to one day [...]
James Arlen is Aiven.io’s CISO bringing a mix of security and engineering background to DBaaS (database as a service). Over the past twenty plus years, James has been delivering information security solutions to Fortune 500, TSE 100, and major public-sector organizations. James is best described as: “Infosec geek, hacker, social activist, author, speaker, and parent.” His areas of interest include organizational change, social engineering, blinky lights and shiny things. In addition to his work at Aiven.io, James is a Contributing Analyst at the research firm Securosis, blogger/podcaster with Liquidmatrix Security [...]
VP, Sales Engineering
Lara Meadows is a Vice President of Sales Engineering for ThreatConnect, a risk, threat and response solution provider. She has worked in the cybersecurity industry for 20 years, starting in network security and expanding more broadly into Security Operations. She began as a security systems engineer for McAfee and has worked with great companies like Cisco, Symantec, ArcSight (Hewlett Packard/Micro Focus) to build and deploy custom cybersecurity solutions for Fortune 500 companies and Federal agencies. As an engineering leader, she has built cyber security teams who support worldwide security operations. [...]
Director of Product Management
Devin Somppi leads the team that combines advanced technologies, products, and systems to develop and deliver Decisive’s technology- and vendor-agnostic network security solutions. He brings extensive experience in security architectures, based on his work as an IT security operations analyst at Export Development Canada, a senior network security analyst at Bell Canada, and a server administrator at BoxFabric. Devin has conducted in-depth network security audits, developed and deployed cybersecurity protection and response systems (including IBM QRadar), implemented zero-trust networks, and trained as a white-hat hacker.
Ida Siahaan is a Research Director in the Security & Privacy practice at Info-Tech Research Group. Ida has a breadth of experience in research and development in the areas of operational technology security, threat intelligence, and security and privacy. She has worked in research and development, project management, and education where she led multiple cybersecurity research teams and contributed to several research projects funded by European Union to research on Security and Services for Mobile Systems, Threat Intelligence, and Privacy Policies.
Sr. Product Manager
Chris Boucek is a Sr. Product Manager at eSentire, The Authority in Managed Detection and Response, where he has been focused on XDR markets and protecting the critical data and applications of organizations globally. Chris has a diverse background in cybersecurity, digital forensics, incident response and has served as a skilled liaison between C-suite stakeholders and technical teams. Prior to working in product management, Chris covered various roles within the industry and has a decade of experience in IT leadership, infrastructure support and holds several industry certifications from ITIL, Cisco, [...]
Bernardo Santos Wernesback is a Sr. Security Consultant with over 20 years of experience in the areas of information security, security architecture, cloud, risk management and incident management. His deep knowledge of cloud infrastructure and applications support the development and deployment of cloud security initiatives. Bernardo also has extensive technical experience in performing cybersecurity risk assessments and investigating cybersecurity breaches. Bernardo has supported the public sector, start-ups, and the manufacturing, financial and technology sectors. Bernardo is a Certified Information System Security Professional (CISSP), CompTIA Security+, and a Project Management Professional [...]
Principal Field Security Architect
As a Principal Field Security Architect at CDW, Nyron has over 18 years in the field of cybersecurity and holds a degree in Electrical Engineering, Master’s in Computer Networks, is SABSA certified and holds various vendor certificates. During the last 10 years he has been involved in designing, deploying and consulting in some of Canada’s largest organizations (including legal, financial, news and media, manufacturing, etc.), government agencies and cities, and national defence, by helping them improve their security posture, reduce cyber risk, meet compliance and develop roadmap and/or strategies for [...]
CTO Security Analytics
Stephan Jou is CTO Security Analytics at Interset, Micro Focus, and leads AI for cyber strategy and development of ArcSight Intelligence, a leading-edge cybersecurity and In-Q-Tel funding project that uses machine learning and behavioral analytics. Previous to Interset, Jou has been at IBM and Cognos where he led the development of over 10 products in the areas of cloud computing, mobile, visualization, semantic search, data mining and neural networks. Jou holds a M.Sc. in Computational Neuroscience and Biomedical Engineering, and a dual B.Sc. in Computer Science and Human Physiology, all [...]
Director of Threat Hunt
Paul Reid is the Director of Threat Hunt, at CyberRes. Paul is veteran of the complex, fast-paced world of cybersecurity, having served as a technology strategist for more than two decades for innovative technology companies. In these roles, he leveraged his deep expertise in cybersecurity, biometrics, network security, cryptography, and more, to guide customers, partners, industry analysts, and journalists through the intricate cybersecurity landscape. Paul has been published numerous times and has shared his perspectives as keynote speakers at prominent industry conferences, such as the NATO Information Assurance Symposium, SANS@Night, [...]
Kanen Clement Director, Specialist Sales Engineering
Kanen is an experienced systems engineer based out of Nashville, TN with a degree in computer science and a strong background in Healthcare IT operations and higher education. Prior to joining ExtraHop Kanen worked as a Systems Architect for a large healthcare system. He prides himself with having a broad technical skill-set and a knack for problem-solving. Most of all, he enjoys exploring the world of wire data with his customers and watching their reactions to the unbelievable insights it provides.
Field Chief Technology Officer
John Engates joined Cloudflare in September of 2021 as Field Chief Technology Officer and is responsible for leading the Field CTO organization globally. Prior to Cloudflare, John was Client CTO at NTT Global Networks and Global CTO at Rackspace Technology, Inc. Earlier in his career, John helped launch one of the first Internet service providers in his hometown of San Antonio, Texas. John is a graduate of the University of Texas at San Antonio and lives in Texas with his wife and two daughters. He is passionate about technology and [...]
Executive Vice President
David Poellhuber is an entrepreneur with a background in technology. In the aftermath of the dotcom bubble, in 2003, he founded Zerospam. Which has grown rapidly to become a recognized leader in the Canadian messaging security market. In 2021, Zerospam was acquired by Hornetsecurity and extended its cybersecurity services to offer a full suite of security, data protection and compliance solutions. David enjoys as much a good challenge as sharing his vision on new cybersecurity issues along with the high level expertise of his team. He has remained on board [...]
Threat Intelligence Analyst
Charity Wright is a threat intelligence analyst with over fifteen years of experience in the US Army and the National Security Agency, where she served as a Chinese Linguist and Intelligence Analyst. She has been analyzing cyber threats in the private sector since 2015, with a focus on Chinese state-sponsored threats and dark web cybercrime. Charity now researches Chinese state-sponsored threats, influence operations, and strategic intelligence at Recorded Future. Charity lives near Dallas, Texas with her 2 kids and 3 dogs.
Fernando is a Senior Principal Analyst on Omdia’s cybersecurity research team, based in Toronto, Canada. He focuses on the Infrastructure Security Intelligence Service, which provides vendors, service providers, and enterprise clients with insights and data on network security, content security, and more. Fernando’s experience in enterprise security environments includes network security, security architecture, cloud security, endpoint security, content security, and antifraud. He has a deep interest in the economic aspects of cybersecurity and is a regular speaker at industry events. Before joining Omdia in 2021, Fernando was an industry analyst [...]
Partner, Cybersecurity Risk & Advisory Services
Raheel Qureshi is a Partner leading Cybersecurity Portfolio at iSecurity Inc (a Calian Company) and has over 15 years of experience helping organizations excel in the areas of cybersecurity, Cloud and Digital IT architecture in a variety of industries including financials, Public, private, and healthcare sector. He has an established record in leading Digital Forensics and Incident Response (DFIR) along with Threat Hunting Services with a view on assisting organizations manage Cyber Risk and get out of the woods.
Carson Pickens leads product management at Veracode. In this role he is responsible for the conception of and execution against Veracode’s product roadmap. A relative new-comer to the application security space, Carson has led product organizations in a number of industries including bio-technology, consumer healthcare and insurance. In all of these roles consistently found strong that applying data products to solve difficult challenges has been an effective strategy in delivering value. Carson resides in the Boston metropolitan area with his wife and three young children.
Senior Director of Product
Matt is the Senior Director of Product Marketing at Okta, focused on helping organizations deliver a customizable balance between security, privacy, and convenience for end users. Matt has worked directly with customers and partners in more than 40 countries, and over his 20-year career, has held senior security marketing and cyber security roles at Arctic Wolf, Bell Canada, Sandvine, and Miovision. He spends his spare time with his family, golfing, snowboarding, and cheering on the Toronto Blue Jays and Kansas City Chiefs.
Stephen has been working in the cybersecurity industry for nearly a decade helping organizations find solutions for email, perimeter, application, and network security. Currently he strives to enhance all aspects of a security strategy by empowering teams and individuals to utilize offensive tactics and techniques on various layers of a security stack to better understand adversary behavior.
When I was younger, I was blown away when a friend showed me a Commodore 64 computer. It was at the point; I knew I would work in the IT industry. I have over 20 years of development experience in my career in various technologies. I brought that experience with me to Checkmarx to take on new challenges in the DevAppSec space.
VP of Managed Security Services
Mitchell is the VP of Managed Security Services at White Tuque. Mitch’s career has focused on Vulnerability Management, helping hundreds of customers properly implement and optimize programs for increased value and reduced risk. With the needs of modern organizations expanding, Vulnerability management as a practice needs to adapt as well, and the team at White Tuque, run by Mitch, is at the leading edge of modern risk-based vulnerability management programs.
Director, Malware Threat Research
Travis is the Director of Malware Threat Research at Qualys. He has spent the past 15 years in the security industry with a focus on digital forensics and incident response. He holds a wide array of certifications ranging from GIAC Certified Penetration Tester to the CISSP, as well as an MBA with a concentration in information security. Travis has presented his research at conferences worldwide at venues such as BlackHat, RSA, and SecTor.
Principal Sales Engineer
As Principal Security Engineer at Sophos, Andrew focuses on threat prevention and investigation technologies. He provides security teams and CISOs from wide-ranging industries with practical, real-world advice on preventing, detecting and responding to the latest cybersecurity threats. Prior to joining Sophos in 2008, Andrew held positions overseeing infrastructure and innovation technologies at the United Kingdom's Office of Communications and providing infrastructure engineering for a leading global provider of information services.
Andrew Case is a senior incident response handler and malware analyst. He has conducted numerous large-scale investigations that span enterprises and industries. Andrew's previous experience includes penetration tests, source code audits, and binary analysis. Andrew is the co-developer of Registry Decoder, a National Institute of Justice funded forensics application, as well as a developer on the Volatility memory analysis framework. He is a co-author of the highly popular and technical forensics analysis book "The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory". He has [...]
Victor has worked in the security field for the past 9 years and specialized in information security for the last 5. He holds a B.Sc. and a M.Eng. in cyber security. Victor is fond of anything-technology and is primarily focused on helping organizations protect critical systems and sensitive information from attackers. In his spare time, Victor enjoys writing blog posts on his Medium and practice various sports.
Chief Security Evangelist
Tony Anscombe is the Chief Security Evangelist for ESET, an industry-leading IT security software and services company for businesses and consumers worldwide. With over 20 years of security industry experience, Anscombe is an established Author, Blogger and Speaker on the current threat landscape, security technologies and products, data protection, privacy and trust, and Internet safety. His speaking portfolio includes industry conferences RSA, CTIA, MEF, GlobSEC and Child Internet Safety (CIS). He has been quoted in security, technology and business media, including BBC, the Guardian, the Times and USA Today, with broadcast appearances on Bloomberg, BBC, [...]
Country Manager, Exabeam
Steven Flowers is a 20+ year veteran of the cybersecurity industry, currently serving as the Country Manager of Canada for Exabeam. He will be sharing his insights on how automation, machine learning and analytics can accelerate Threat Detection, Investigation and Response (TDIR).
Matt is a member of Tripwire's security research team and a frequent presence on the Tripwire State of Security blog. A graduate of the University of North Georgia and Kennesaw State University, Matt has contributed to much of Tripwire’s research including accurately detecting and reporting on the existence of Log4Shell and Spring4Shell vulnerabilities. On the Tripwire State of Security blog, some of Matt’s more popular articles have included his deep dives into the CIS Controls and his write-up on the Drovorub malware.
National Security Officer,Microsoft Canada
John Hewie is the National Security Officer at Microsoft Canada leading the company’s strategy in country to develop trust in Microsoft. In this role John, provides thought leadership and innovation partnering with internal teams to build cybersecurity programs that help protect Canadian organizations and comply with Canadian government and regulatory security and privacy requirements. John also works extensively with Canadian regulators to align rules with modern technology capabilities using a transparent and risk balanced approach. In addition, he manages cyber security collaboration and joint R&D programs with governments and the [...]
Jeff is the CTO of GoSecure. His twenty-year information security career started at the Microsoft Corporation where he spearheaded the first internal malicious testing of Windows 2000. In 1998, Jeff worked with the FBI to create the InfraGard Program, receiving commendations from the Attorney General and the Director of the FBI. He authored “The Microsoft Windows 2000 Security Handbook” and contributed to several books including “The Cyber Security Policy Guidebook.” In 2014, while under contract with the Internet Corporation for Assigned Names and Numbers (ICANN), Jeff’s team found the serious [...]
Product Marketing Director
James is a Product Marketing Director at Elastic, focusing on Security. Previous to that, he served as a security specialist on our Solutions Architecture team for two years, helping customers and users across the globe architect their Elastic deployments for Security analytics. Before joining Elastic, James had been building custom SIEM platforms for security operations centers (SOCs) across various different sectors and industries. James is also the creator of whichphish.com, eqlplayground.io and log4shell.threatsearch.io
Director of Enterprise Security
David Masson is Darktrace’s Director of Enterprise Security, and has over two decades of experience working in fast moving security and intelligence environments in the UK, Canada and worldwide. With skills developed in the civilian, military and diplomatic worlds, he has been influential in the efficient and effective resolution of various unique national security issues. David is an operational solutions expert and has a solid reputation across the UK and Canada for delivery tailored to customer needs. At Darktrace, David advises strategic customers across North America and is also a [...]
Principal PM Manager
Adrian Diglio has 15+ years of cybersecurity experience across the public sector, defense industrial base, intelligence community, and commercial sector. Currently, he is a Principal PM Manager at Microsoft and leads the Secure Software Supply Chain (S3C) team to drive the central end-to-end supply chain security strategy at scale for Microsoft. In 2020, he was involved in the CISQ Tool-to-Tool (3T) SBOM industry working group and led the development of the vulnerability schema. In 2021, he led the SBOM implementation at Microsoft to conform to the U.S. Presidential Executive Order. [...]
Craig is an experienced security consultant & researcher who specializes in infrastructure and application penetration testing and threat and vulnerability management. He has extensive experience with mobile testing, specifically API and Android testing. In his spare time, he enjoys finding vulnerabilities in everyday household apps. Craig previously was the President of the (ISC)2 Toronto Chapter.
Information Security Professional
Yuk Fai is an information security consultant with proven experience advising clients on application security, vulnerability management, threat modelling, penetration testing, incident response, breach preparedness, and cyber security programs. He has also been the Co-Leader of the Open Web Application Security Project (OWASP) Toronto Chapter since 2011.
Head of Engineering, Office of the CTO
Robert Falzon is currently the Head of Engineering within the office of the CTO for Check Point Software Technologies Inc., the worldwide leader in securing the Internet. His background includes over 25 years of experience in large scale network security architecture, design, and deployment projects for government and business organizations spanning the globe. Currently leading a large team of the most talented cyber security engineers in the industry, Robert and his team are responsible for educating the market and media on the latest cyber security trends, while architecting solutions for [...]
Dr. Whitfield Diffie is best known for his discovery of the concepts of public key cryptography and digital signatures; which he developed along with Stanford University Electrical Engineering Professor Martin Hellman. Public key cryptography, which revolutionized not only cryptography but also the cryptographic community, now underlies the security of internet commerce. Diffie is winner of the 2015 Turing Award, often referred to as the Nobel Prize of Computing. Among his many other honors, Diffie is also an elected Foreign Member of the Royal Society, a IEEE Hamming Medal winner, a [...]
SVP Data Security GTM and Field CTO
Terry Ray is SVP of Data Security GTM and Field CTO, he’s also an Imperva Fellow for Imperva Inc. Uniquely, organizations today have very strict regulations, steep fines, complex environments and highly valued data that attracts bad behavior. Terry applies his decades of security experience to these organizations and their cyber security challenges. As a technology SVP & Fellow, Terry supports all of Imperva’s business functions with his more than 2 decades of security industry experience and expertise. Previously he served as Imperva’s Chief Technology Officer where he was responsible [...]
Principal Solutions Architect
David Ortega has been a cybersecurity professional for more than 20 years, with deep expertise in digital innovation utilizing modern cloud, data, and security solutions. David has had the pleasure of working with various industry leaders in finance, healthcare, government, higher education, and manufacturing services. His highly sought-after expertise is in security advisory services, architecture and solutions engineering, and digital transformation data-centric solutions that drives business value and manages risks.
National Cybersecurity Strategist
David Senf is the National Cybersecurity Strategist at Bell. He is responsible for analyzing the long arch of technology trends to help define Bell’s security services roadmap and help large business customers meet their complex security objectives. Prior to Bell, David was Vice President of security research at IDC where he gained extensive leadership experience in researching / quantifying market trends as well as benchmarking Canadian organizations' capabilities. David is a frequent speaker at conferences, webinars, and podcasts and is a sought-after resource with media, namely CBC, The Star, Globe [...]
Principal Sales Engineer
Elie Nasrallah is a Principal Sales Engineer at SentinelOne, a software security company providing AI-powered solutions. Elie is a CISSP with over 27 years of experience in Cyber Security. His security career began in the 90's when he managed a firewall for the Canadian Cable Television Association. Since then, he has designed and implemented large scale security solutions across various industry sectors and all security domains including PKI, Sandboxing, Enterprise and Cloud etc... He's been a speaker at security conferences such as RSA, HITRUST, EPIC, Data Connectors, Healthcare Security Summit, [...]
Senior Manager, Cybersecurity
Jessica is a senior cyber security leader with more than a decade of experience in crisis management, incident response, and security operations. As a strategic leader, she has created, managed, and led cyber security operations programs for global organizations, including in the financial, industrial, logistics, and real estate industries, and more. She effectively integrates strategy, program design, governance, and operations to implement resilient enterprise solutions. Prior to joining Optiv, Jessica directed global incident response teams at Cisco during crises and provided strategic leadership to reduce risk and improve processes and [...]
Jobert Abma is a co-founder and principal engineer at HackerOne, the leader in Attack Resistance Management. He is an avid hacker, developer, and advocate for transparent and safe vulnerability disclosure. As a hacker himself, Jobert has reported critical vulnerabilities to GitLab, Yahoo!, Slack, and Snapchat, among others. Before founding HackerOne, he was a successful penetration tester for a company he founded, with customers including Twitter, Facebook, Evernote, and Airbnb. He studied computer science at Hanze University Groningen.
Director of Product Marketing, Security Operations
Karl is an accomplished and results-oriented professional with over 20 years experience in software Product Marketing. He has demonstrated success in product positioning and launches, design and production of sales tools, analyst relations, and campaign development and execution for enterprise solutions (including cyber security and threat intelligence platforms). Karl has developed strong relationships throughout the cybersecurity industry with leading analysts, technology partners and peers to drive thought leadership and customer adoption. and has identified, implemented, and executing go-to-market strategies that drive sales and customer success.
Director, Cybersecurity Professional Services
Kim Schreader is Director of the Cybersecurity Professional Services team at TELUS. She has more than 15 years of experience in Information Security and Professional Services, working with a variety of clients in both the Public and Private Sector. She has completed certifications in Certified in the Governance of Enterprise IT (CGEIT) and is a Payment Card Industry Professional (PCI), in addition to completing a Baccalaureate in Social Sciences, Honours Criminology. She has a proven track record supporting client security posture and challenges in Governance Risk and Compliance (GRC), Payment [...]
Director of Systems Engineering
Rafi Wanounou is an accomplished security executive with 20 years of experience working with Fortune 25 companies to analyze, decode, and respond to Advanced adversaries from North America’s premier Security Operations and Threat Intelligence Centres. Rafi has implemented and created advanced security and monitoring infrastructure protecting sensitive corporate and government data on a global basis. Rafi holds several advanced industry certifications from the SANS institute.
Cybersecurity Technical Consultant
Ram Vaidyanathan is a Cybersecurity technical consultant at ManageEngine, the IT management division of Zoho Corporation. He keeps himself updated about the latest techniques attackers use to compromise organizations and how we can defend ourselves. His responsibility includes informing product roadmap decisions and helping customers deploy and get the most value from ManageEngine Log360, a comprehensive SIEM solution.
Steve Riley is a Field CTO at Netskope. Having worked at the intersection of cloud and security for pretty much as long as that’s been an actual topic, Steve offers that perspective to field and executive engagements and also supports long-term technology strategy and works with key industry influencers. A widely-renowned expert speaker, author, researcher, and analyst, Steve came to Netskope from Gartner, where for five years he maintained a collection of cloud security research that included the Magic Quadrant for Cloud Access Security Brokers and the Market Guide for [...]
Christopher Fielder has been in the cybersecurity world for over 22 years with experience from a range of military, government, and corporate environments. Christopher holds 18 industry certifications including the CISSP, GPEN, GISP, GCFE, GSEC, GCIH, CEH, and more; along with a Master’s Degree in Information Security. Today he is Field, CTO for Arctic Wolf where he enjoys researching emerging security trends and highlighting the expertise of the Arctic Wolf team
Dustin C. Childs is a part of Trend Micro’s Zero Day Initiative (ZDI), which is the world's largest vendor-agnostic bug bounty program. In his current role, Mr. Childs creates, implements, and oversees communications programs that promote the work of ZDI and its researchers. He also heads the team’s threat awareness and vulnerability management efforts. The ZDI team augments Trend Micro’s security products with 0-day research through a network of over 10,000 independent researchers around the world. Dustin began his infosec journey in the late 1990's at the Air Force Information [...]
Chief Security Strategist
Christopher L. Hills has more than 20 years’ experience as a Technical Director, Senior Solutions Architect, and Security Engineer operating in highly sensitive environments. Chris is a military veteran of the United States Navy and started with BeyondTrust after his most recent role leading a Privileged Access Management (PAM) team as a Technical Director within a Fortune 500 organization. In his current position, he has responsibilities as a Chief Security Strategist (America’s) working with Customer, Marketing, and Executives on Thought Leadership, Market Trends, Company Vision and Strategy reporting to the [...]
Gaétan is a CISO Advisor in Cisco’s Security Organization. As part of his 35 years of experience in all aspects of security, he has held several senior positions in the Canadian Federal Government, including Chief Engineer in Communications Security with the Department of National Defence, Director Corporate Security with the Department of Foreign Affairs and Consul at the Canadian Embassy in Peru, following the 1996-97 terrorist crisis in Lima. In the private sector, he has worked as Chief Security Officer for several multinational corporations such as Bombardier Aerospace, Airbus Group [...]
VP Cybersecurity Evangelist
Augusto Barros is VP, Cyber Security Evangelist at Securonix. Augusto is a former Gartner analyst with 20 years of experience in different cybersecurity-related roles. Augusto has worked on a variety of information security projects and initiatives, from security awareness campaigns, to penetration testing, to security infrastructure design. The challenges of threat detection and response are his main interests and the focus of his research. He has also ventured into the application of behavior economics concepts to the security space. Augusto has taught courses and presented at numerous security conferences, including Black Hat Europe, RSA Conference, and Gartner [...]