Top 10 Reasons to Attend SecureWorld
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Thursday, September 10, 2020
    8:30 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:00 am
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:00 am
    OPENING KEYNOTE:
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    9:45 am
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:00 am
    Location / Room: Exhibitor Floor
    10:00 am
    Practical Considerations When Verifying Your Vendors’ Cybersecurity Controls
    • session level icon
    speaker photo
    Sr. Director, Client Security, Equifax
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    As businesses grow, it becomes increasingly cheaper, more convenient, and more efficient to rely on third parties to take on certain business functions. However, the security of your organization’s assets is only as strong as the weakest link in your vendor chain.
    Embracing the “trust-but-verify” approach, this session offers helpful tips and areas to focus on when validating your vendors’ cybersecurity controls.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

    10:00 am
    Y2Q Problem and Its Security and Operational Implications for the Enterprise
    • session level icon
    speaker photo
    Founder & Director, Cybersecurity Research Lab, Ryerson University
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am
    10:00 am
    Navigating Maze: Can You Recover from Ransomware?
    speaker photo
    IT Director & CISO, Maple Reinders Group
    Registration Level:
    10:00 am - 10:30 am
    One-fifth of companies have been hit with ransomware, and yet most companies still rely on hoping they won’t be hit rather than addressing shortcomings and following best practices. The industry has said for years that “it is not if, but when you will be breached,” so let’s set some goals and follow some simple steps to at least make ourselves a less desirable target than the companies that are “giving in.” If we agree that protection is not a guarantee, then we must also accept that recovery is CRITICAL and that the work starts now.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

    10:00 am
    [Panel Discussion] What Our Security Team Learned During COVID-19
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    This panel features honest dialogue about securing an organization through the pandemic, so far. What changed at an organizational level that required security to pivot? What kind of immediate impacts did the security team face and how were those overcome? How did security maintain adequate communication and controls in the midst of this rapid change? What are the greatest lessons for security coming out of COVID-19? Where do we go from here?

    10:30 am
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    10:30 am - 10:45 am
    10:45 am
    5G: The Hype, the Reality, and Its Impact on Security
    • session level icon
    speaker photo
    VP, Product & Industrial Security, GE
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    There is a lot of hype around 5G. Wireless companies are advertising 5G networks as revolutionary, trade magazines promising 5G enables an IoT explosion, and enterprises and consumers alike are scrambling to gather information to make good decisions. In this talk, we’ll discuss the technology which enables 5G and how those technologies affect security for enterprises and end users.

    10:45 am
    New Remote Workforce: Privacy and Security Risks and Mitigations
    • session level icon
    speaker photo
    Managing Partner, XPAN Law Group, LLC
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    The sudden growth in the remote workforce exposed critical cybersecurity and privacy concerns that should be considered. This presentation will provide an overview of key legal considerations with remote work when it comes to privacy and security, as well as discuss some solutions to help mitigate risk as your employees work from home.

    10:45 am
    Incident Response in a Work from Home World
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    Chris Shull, vCISO of Salem Medical Center and long-time Information Security consultant, will talk about how incident response has changed when so many people are working from home, so you’re ready for when it happens to you.

    This presentation will highlight the most critical preparations companies need to ensure they are up to the challenges of an incident when everyone is WFH.

    • How can you preparing to detect and respond to incidents using the 1-10-60 rule?
    • Who do you need to include in your Incident Response Team?
    • How do you prepare your IR Team for the incidents and breaches?
    • How do you prioritize between different kinds of incidents?
    • What to do if you can’t get interest, attention or resources?

    Common-sense processes and best-practices (to the extent they are known) will be discussed.

    Who should attend:
    Professionals looking to grow, build or enhance their organization’s readiness to respond to and handle cyber incidents.

    11:15 am
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 11:30 am
    11:30 am
    [Mid-Day Keynote] The Changing Landscape of Cybercrime and Its Impact
    • session level icon
    speaker photo
    Detective Constable, Coordinated Cyber Centre (C3), Toronto Police Service, Former VP of IT at Capital G Bank
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:15 pm

    The average loss from a bank robbery is about $3,000. The average loss from a successful Business Email Compromise (BEC) attack is nearly $130,000. Numbers like that show why BEC and other cyber crimes are rampant and on the rise—and every type of organization is at risk.
    Join Kenrick Bagnall, Detective Constable of Toronto Police Service’s Coordinated Cyber Centre (C3), as he shares true crime examples of emerging cyber threats impacting both Canada and the U.S., as well as some of the challenges that are inherent in this space.

    Kenrick will share insight into how the Toronto Police Service Cybercrime Unit is evolving to better support the community it serves. He will also discuss industry best practices that can help organizations prepare to face and respond to inevitable predatory cyber threats.

    The key audience take away will be how to avoid complacency when it comes to defense against cyber threats and to always have a response plan that is current, robust, tested, and involves law enforcement in the process.

    12:15 pm
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 12:30 pm
    12:30 pm
    Security for, from, and with Machine Learning and Artificial Intelligence Technologies
    • session level icon
    speaker photo
    Director of Information Security, NFI
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm

    As companies look to increase their operational efficiencies and competitive advantage, many are turning to machine learning (ML) and artificial intelligence (AI) to make better decisions faster. With this shift comes new challenges for businesses and security professionals to ensure these technologies remain effective, safe, unbiased, and ethical. Additionally, as AI and ML become more accessible to the masses, there is a growing risk that these technologies could be leveraged to launch sophisticated attacks. In this presentation, we will explore emerging threats related to AI and ML, as well as how security leaders can utilize these emerging technologies to better defend their organizations and respond to sophisticated attacks.
    Presentation Level: MANAGERIAL (security and business leaders)

    12:30 pm
    Another Brick in the Wall
    • session level icon
    speaker photo
    Americas Lead for Secure Culture Activation, Ernst & Young LLP
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm
    Security awareness and training. The Human Element. Change Management. All of these have resulted in extraneous mandatory learning for employees, often without regard to a role- or risk-based education profile. Employees are experiencing learning fatigue at a rapid pace, without significant results on an organization’s overall risk profile. It’s time to stop educating and start engaging, for significant, measurable information security behavior change in your organization. This session will cover learning trends, opportunities for engagement, and examples you can implement immediately.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)
    12:30 pm
    Cybersecurity in Canada: The Evolution of Legal Trends & How to Respond
    • session level icon
    speaker photo
    Partner/ Attorney, Blake, Cassels & Graydon LLP
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm
    As cybersecurity and privacy laws evolve, there is a growing need to stay abreast of the changing regulations and compliance obligations. This session will provide an overview of recent legal developments in Canada and best practices for addressing these regulatory changes within your organization.
    We will explore:

    • Recent cybersecurity and privacy legal developments in Canada
    • Governance-related best practices for responding to these new developments
    • Best practices for managing vendors
    • Making strategic decisions regarding cyber insurance
      Presentation Level:GENERAL (InfoSec best practices, trends, solutions, etc.)

    12:30 pm
    [Panel] No Perimeter: Security in the Cloud
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm

    Worldwide events have accelerated cloud adoption trends. Organizational reliance on the cloud is at an all-time high. This panel will explore cloud security risks, controls, and best practices to help ensure a secure cloud computing environment.

    1:00 pm
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:15 pm
    1:15 pm
    When Cyber Attacks Get Physical
    • session level icon
    speaker photo
    CISO, Analytics 4 Life
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 1:45 pm
    Advancements in technology, especially over the past decade, have resulted a significant increase in the number of connected devices worldwide. While there are plenty of conversations on cybersecurity of connected devices, they are mainly around data protection and privacy issues. The fact of the matter is, a percentage of these cyberattacks can cause physical harm to humans. Although this issue is important, it does not often get the attention it deserves.
    This presentation focuses on a few cyberattack scenarios on connected devices which may pose safety risks for the user/operator,
    including: connected cars, medical devices, collaborative robots and home networks.
    Increasing public awareness of these risks not only helps consumers make more informed decisions, but it also raises expectations of manufacturers to take cybersafety seriously.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)
    1:15 pm
    Integrated Intelligence: Ideas on Proactive Threat Intelligence
    • session level icon
    speaker photo
    Threat Intel Engineer, Cardinal Health
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 1:45 pm
    Integrated threat intelligence can empower your organization and help your team be more proactive in its defense measures. This presentation will offer attendees an opportunity to think about threat intelligence in a unique way and identify a customized approach that is tailored to their company’s industry and overall structure. In addition, we will explore how integrated threat intelligence can influence discussions and decision-making within other teams in the organization.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

     

    1:15 pm
    The DoD’s Cybersecurity Maturity Model Certification (CMMC) Is Coming – Are You Ready?
    • session level icon
    speaker photo
    Treasurer and Member, Board of Directors, Cybersecurity Maturity Model Certification (CMMC) Accreditation Body
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 1:45 pm

    Supply chain risks are at the top of everyone’s mind today, and the US Department of Defense (DoD) is no different. That is why the DoD created its Cybersecurity Maturity Model Certification (CMMC). CMMC is a five level, third-party validated maturity certification. CMMC includes both technical and process/procedural requirements. Organizations in the Defense Supply Chain will be required to obtain CMMC certification before contract award. Requests for Proposals (RFPs) containing CMMC requirements are expected in October 2020. This session provides an overview of CMMC and the corresponding industry-led ecosystem that is being created, spearheaded by the CMMC Accreditation Body (CMMC-AB).
    Presentation Level: MANAGERIAL (security and business leaders)

    1:15 pm
    [Panel] Threat Landscape in Flux: Emerging Threats
    Registration Level:
    1:15 pm - 1:45 pm

    The attack surface is shifting, threat actors are adapting, and security teams must also pivot. This panel will take a dive into various attack vectors, security gaps, and emerging threats organizations are now facing.

    1:45 pm
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    1:45 pm - 2:00 pm
    Location / Room: Exhibitor Floor
    2:00 pm
    Closing Keynote
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:45 pm
Exhibitors
  • Alert Logic
    Booth:

    Whether your company is transitioning infrastructure to the cloud, taking advantage of managed hosting services, or continuing to rely on owned data centers, Alert Logic offers intrusion detection, vulnerability assessment and log management solutions that are coupled with 24/7 monitoring and expert guidance services from our security operations center. More than 1,500 enterprise customers trust Alert Logic to secure and protect their digital information, and rely on us for keeping in step with increasingly complex regulatory issues. In addition to our team of GIAC analysts dedicated to careful observation and assessment of threats to your data, our research team stays on top of emerging developments so we can stop potential security breaches before they strike. We also have a dedicated support team ready to answer any questions you have about our products and services.

  • AmeriNet
    Booth:

    AmeriNet is a total solutions provider of networking, telephony, storage and security products from the best partners and service providers. Our strength is derived from a combination of technical and engineering experience and product excellence. Our engineers will deploy the right solution and technology to ensure the continued success of day-to-day operations and objectives of our clients.

  • Arctic Wolf Networks
    Booth:

    Arctic Wolf Networks provides SOC-as-a-service that is redefining the economics of security. The AWN CyberSOCTMservice is anchored by Concierge Security™ teams and includes 24×7 monitoring, custom alerting and incident investigation and response. There is no hardware or software to purchase, and the end-to-end service includes a proprietary cloud-based SIEM, threat intelligence subscriptions and all the expertise and tools required. For more information about Arctic Wolf, visit https://www.arcticwolf.com.

  • Armis, Inc
    Booth:

    Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices. Fortune 1000 companies trust Armis’ unique out-of-band sensing technology to discover and analyze all managed and unmanaged devices, analyze endpoint behavior to identify risks and attacks, and protect information and systems.

  • Cincinnati Tri-State ASIS
    Booth:

    The Cincinnati Tri-State Chapter and its members are committed to not only their own professional careers, but the security industry as a whole. The chapter promotes networking, education, and friendship with those in the fields of security and law enforcement. Our membership is comprised of professionals that work in different aspects of security and law enforcement.

    If you are interested in joining ASIS, the Cincinnati Chapter, or attending a meeting to see what we are all about please contact us to find out more information. We look forward to hearing from you and growing with you professionally!

  • BitSight
    Booth:

    BitSight transforms how organizations manage cyber risk. The BitSight Security Ratings Platform applies sophisticated algorithms, producing daily security ratings that range from 250 to 900, to help organizations manage their own security performance; mitigate third party risk; underwrite cyber insurance policies; conduct financial diligence; and assess aggregate risk. With over 2,100 global customers and the largest ecosystem of users and information, BitSight is the Standard in Security Ratings. For more information, please visit www.bitsight.com, read our blog or follow @BitSight on Twitter

  • Canadian Cyber Threat Exchange (CCTX)
    Booth:

    The CCTX was created to build a secure Canada where all organizations, both private and public, collaborate to reduce cyber security risks. We do this in two ways.

    First, through the CCTX Data Exchange we gather, enrich, analyze and share cyber threat information across business sectors and from other Canadian and international cyber threat sharing hubs. And we provide actionable cyber threat intelligence with a Canadian focus.

    Second, our CCTX Collaboration Centre is a unique forum for cyber professionals to solve problems by exchanging best practices, techniques and insights.

  • Checkmarx
    Booth:

    Checkmarx is the global leader in software security solutions for modern enterprise software development. Checkmarx delivers the industry’s most comprehensive software security platform that unifies with DevOps and provides static and interactive application security testing, SCA and developer AppSec training to reduce and remediate risk from software vulnerabilities. www.checkmarx.com

  • Cincinnati Networking Professionals Association
    Booth:

    Established in 1991, the non-profit Network Professional Association (NPA) is a professional association for computer network professionals. Members adhere to a code-of ethics, demonstrate continual professional development and knowledge, adhere to the latest best practice standards, and strive for continual growth. International awards for professionalism honor individuals for outstanding achievements and meeting the values of professionalism.

    The NPA offers a Certified Network Professional CNP credential and provides advocacy for workers in the field. Members receive a certificate of membership, quarterly journal publications, chapters and programs, and opportunities to volunteer and publish.

  • Cobalt.io
    Booth:

    Cobalt’s Pentest as a Service (PtaaS) Platform transforms traditional pentesting into a data-driven vulnerability management engine. Fueled by a global talent pool of certified freelancers, our modern pentest platform delivers actionable results that empowers agile teams to pinpoint, track, and remediate vulnerabilities.

  • Corelight
    Booth:

    Corelight makes powerful network security monitoring solutions that transform network traffic into rich logs, extracted files, and security insights for incident responders and threat hunters. Corelight Sensors run on open-source Zeek (formerly called “Bro”) and simplify Zeek deployment and management while expanding its performance and capabilities. https://www.corelight.com

  • Digital Shadows
    Booth:

    Digital Shadows monitors and manages an organization’s digital risk, providing relevant threat intelligence across the widest range of data sources within the open, deep, and dark web to protect their brand, and reputation.

  • ECTF
    Booth:

    As a result of the amalgamation of advanced technology and the Internet, both the quantity and sophistication of cybercrimes targeting U.S. financial institutions and critical infrastructure have increased. Today, criminal trends show an increased use of phishing emails, account takeovers, malicious software, hacking attacks and network intrusions resulting in significant data breaches. To protect the nation’s financial infrastructure from cyber and financial criminals, the Secret Service has adopted a multipronged approach.

  • EC-Council
    Booth:

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • Endace
    Booth:

    Customers choose Endace products for one primary reason: they deliver, where competitor products fail. Whether it is capture accuracy, fidelity of time stamps, write-to-disk performance or speed of traffic retrieval, Endace is famous for delivering the very best performing products. Telcos, broadcasters, governments, defence departments, investment banks and many other large enterprises trust our products to help them manage their critical data networks.

  • Fortinet
    Booth:

    Fortinet secures the largest enterprise, service provider, and government organizations around the world. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 300,000 customers trust Fortinet to protect their businesses.

  • Global Cyber Alliance
    Booth:

    The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org

  • Gigamon
    Booth: w/ AmeriNet

    Gigamon is leading the convergence of network and security operations to reduce complexity and increase efficiency of security stacks. Our GigaSECURE® Security Delivery Platform is a next generation network packet broker that makes threats more visible – across cloud, hybrid and on-premises environments, deploy resources faster and maximize the performance of security tools.

  • Gradient Cyber
    Booth:

    We uniquely visualize an organization’s cybersecurity risks, reduce logs and alert noise to actionable insights and establish a cyber health roadmap for immediate value and long term improvements to its security posture.

  • InfraGard Cincinnati
    Booth:

    The mission of the InfraGard Cincinnati Members Alliance is to increase the security of the United States’ national infrastructure through information exchange, education, outreach, and similar efforts. To accomplish our goal, we strive to maintain a close working relationship between federal agencies such as the Federal Bureau of Investigation and the Department of Homeland Security, law enforcement agencies, subject matter experts such as cybersecurity and physical security professionals, industry-specific experts, and numerous other professionals.

  • Insight Cloud + Data Center Transformation
    Booth:

    Insight Cloud + Data Center Transformation is a complete IT services and solution provider that helps organizations transform technology, operations, and service delivery to meet challenges and future-proof the business. As a client-focused integrator, we’re free to recommend the most appropriate solutions — across cloud, IT transformation, next-generation technology, and security.

  • ISACA Cincinnati
    Booth:

    The Greater Cincinnati ISACA® Chapter is a not-for-profit professional association serving the information technology audit, security, and control community. We support the areas of Cincinnati & Dayton, Ohio and Northern Kentucky. The chapter consists of over 450 professionals that represent a cross-section of the public, private, and not-for-profit business sectors at all levels within those industries.

    Purpose: To promote the education of individuals for the improvement and development of their capabilities relating to the auditing of and/or management consulting in the field of Information Technology audit and control.

  • ISACA Toronto
    Booth:

    The ISACA Toronto Chapter, with 2800 plus members, is the largest chapter in Canada and the 5th largest in the world. As of 2017, it will have existed in the Toronto information systems audit, control and governance community for 40 years, and is one of the most active ISACA chapters serving IT Governance, Risk, Audit, and Security professionals.

    The aim of the Chapter is to sponsor local educational seminars and workshops, conducts regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the Greater Toronto Area.

    ISACA (previously the Information Systems Audit and Control Association) is a worldwide association of IS governance professionals. The association currently focuses on assurance, security, and governance and provides globally recognized certification in assurance (Certified Information Systems Auditor), security (Certified Information Security Manager), and governance (Certified in the Governance of Enterprise IT).

  • (ISC)2 Cincinnati Tri-State Chapter
    Booth:

    Follow us on Twitter: https://twitter.com/Cinci_Tri_ISC2

  • (ISC)2 Toronto
    Booth:

    Founded in 2013, the (ISC)² Toronto Chapter is an official chapter of (ISC)².  Based in Toronto, our purpose is to provide educational opportunities for management, operational and technical aspects of the information security field, and to support the mission of (ISC)².

  • ISSA Greater Cincinnati Chapter
    Booth:

    The Greater Cincinnati Information Systems Security Association is a non-profit group dedicated to providing educational and networking opportunities to promote the exchange of ideas, knowledge, and member’s growth within the information security profession. The Greater Cincinnati Chapter will host monthly meetings with a variety of security professionals. Please check our events page for further information on upcoming events.

  • Leading Cyber Ladies – Toronto Chapter
    Booth:

    Leading Cyber Ladies is a global non-profit organization who focuses on bringing more women into the cyber field through educational cybersecurity sessions, mentorship, speaking opportunities, networking and career opportunities through close partnership with the business sector and other groups in the cybersecurity community.

    While we are focusing on educating women, we are welcoming everyone, all genders and identities! Here we support each other in a friendly and encouraging environment. We are proud to partner with many sponsor companies across Toronto to bring our events to the community free of charge. Join our Meetup group for details on upcoming events!

    We are proud to partner with many sponsor companies across Toronto to bring our events to the community free of charge. Join our Meetup group for details on upcoming events!

  • Malwarebytes
    Booth:

    Malwarebytes secures endpoints, making workplaces resilient. Our adaptive attack protection predicts and detects attacks with multi-layer detection across the kill chain. We enable active threat response with machine learning that is actionable and automated, allowing for full recovery when a compromise occurs. We empower enterprise endpoint orchestration across siloed IT and Security organizations, simplifying security management and making responses effective. Malwarebytes makes endpoints resilient so workplaces can protect and remediate, and employees can regain control of their digital lives. Visit us at www.malwarebytes.com/business.

  • Mimecast
    Booth:

    Mimecast (NASDAQ: MIME) was born in 2003 with a focus on delivering relentless protection. Each day, we take on cyber disruption for our tens of thousands of customers around the globe; always putting them first, and never giving up on tackling their biggest security challenges together. We are the company that built an intentional and scalable design ideology that solves the number one cyberattack vector—email. We continuously invest to thoughtfully integrate brand protection, security awareness training, web security, compliance and other essential capabilities. Mimecast is here to help protect large and small organizations from malicious activity, human error and technology failure; and to lead the movement toward building a more resilient world.

  • Okta
    Booth:

    Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

  • OWASP Cincinnati
    Booth:

    OWASP is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. We advocate approaching application security as a people, process, and technology problem because the most effective approaches to application security include improvements in all of these areas.

    The Cincinnati chapter leads are Andy Willingham and Allison Shubert. Chapter meetings are free and open to anyone interested in information security, risk management, data protection and application security.

  • OWASP Toronto
    Booth:

    The Toronto area chapter of The Open Web Application Security Project. Our core purpose: Be the thriving global community that drives visibility and evolution in the safety and security of the world’s software.

  • Rapid7
    Booth:

    Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant.

  • RedSeal
    Booth:

    At RedSeal, our vision is to become the essential analytics and decision-making platform for building digitally resilient organizations people can trust. We do this by becoming the measure by which every organization can quantify its digital resilience. As thought leaders on resilience, we envision every organization starting the security discussion with the question “What’s our Digital Resilience Score?” Founded in 2004, RedSeal is headquartered in Sunnyvale, California.

  • RSA a Dell Technologies Company
    Booth:

    RSA Business-Driven Security™ solutions provide organizations with a unified approach to managing digital risk that hinges on integrated visibility, automated insights and coordinated actions.  With solutions for rapid detection and response, user access control, consumer fraud protection, and integrated risk management, RSA customers can thrive and continuously adapt to transformational change.

  • SailPoint
    Booth:

    SailPoint, the leader in enterprise identity governance, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint’s customers are among the world’s largest companies in a wide range of industries.

  • Stratejm, Inc.
    Booth:

    Stratejm is one of North America’s Premier Next-Generation Managed Security Services Provider (NGMSSP) delivering an innovative Cloud-based Security-as-a-Service (SECaaS); an end-to-end security platform that offers enterprise clients world-class Managed Detection & Response (MDR). Leveraging true Security Orchestration, Automation and Response (SOAR), Stratejm’s SECaaS implies machine learning and artificial intelligence to effectively and efficiently solve the “Security Challenge.” We’re bending the cost curve associate with building, evolving, operationalizing and optimizing an enterprise cybersecurity program.

  • TASK
    Booth:

    Toronto’s Security User Group TASK (Toronto Area Security Klatch) provides a forum for experts to encourage discussion and share expertise in understanding the latest trends and security threats facing computer networks, systems and data.

    Our membership includes Information Security practitioners, managers, network administrators, students, and anyone who is interested in learning more about securing information.

    We meet to discuss issues that we all share in common, including:

    • New technologies and products that impact information security
    • Emerging threats, and the vulnerabilities being exploited
    • Managing security
    • New laws and regulations
  • TechTarget
    Booth:

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Tenable
    Booth:

    Tenable®, Inc. is the Cyber Exposure company. Over 27,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 25 percent of the Global 2000 and large government agencies. Learn more at www.tenable.com.

  • The Circuit
    Booth:

    Our goal is to deliver education and informational programs; enable members to connect and foster collaboration between IT solution and service providers, corporate IT departments, the individuals within these organizations and the businesses that support them.

  • ThreatConnect
    Booth:

    Designed by analysts but built for the team, ThreatConnect’s intelligence-driven security operations platform is the only solution available today with intelligence, automation, analytics, and workflows in a single platform. To learn more about our TIP and SOAR solutions, visit www.ThreatConnect.com.

  • Women in CyberSecurity (WiCyS)
    Booth:

    Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.

  • Women Who Code Toronto
    Booth:

    Our mission is to inspire women to excel in technology careers. We envision a world where women are proportionally represented as technical leaders, executives, founders, VCs, board members, and software engineers.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Arif Hameed
    Sr. Director, Client Security, Equifax

    Arif Hameed is Senior Director at Equifax, where he leads a team that handles client cybersecurity due diligence activities including questionnaires, audits, remediation support, security schedules, etc. Prior to his role at Equifax, he worked at two of the largest banks in Canada in Security Advisory, IT Risk, Third Party Cyber Risk, and IT Audit.

  • speaker photo
    Dr. Atefeh (Atty) Mashatan
    Founder & Director, Cybersecurity Research Lab, Ryerson University

    Dr. Atefeh (Atty) Mashatan is the Founder and Director of the Cybersecurity Research Lab at Ryerson University. SC Magazine recognized her as one of top five Women of Influence in Security globally in 2019. She joined the School of Information Technology Management of Ryerson University in 2016 focusing on Information Systems Security, Cryptography, and Combinatorics. Prior to joining Ryerson, Dr. Mashatan was a Senior Information Security Consultant and Solutions Architect at CIBC (Canadian Imperial Bank of Commerce) with a focus on cryptography and enterprise architecture, evaluating proposed and existing security systems. Prior to that Dr. Mashatan was a Scientific Collaborator at the Security and Cryptography Laboratory of School of Computer and Communication Sciences, EPFL (Swiss Federal Institute of Technology, Lausanne), where she conducted research into cryptographic protocols. She is a Certified Service Oriented Architect (SOA) with Honours and holds a Certified Information Systems Security Professional (CISSP) certification from the International Information Systems Security Certification Consortium (ISC2).

    The Cybersecurity Research Lab (CRL) is an academic research lab at Ted Rogers School of Management at Ryerson University. The CRL conducts cutting-edge information security research, provides training for the next generation of cybersecurity experts, and is spearheading a crucial and ongoing dialogue with the Information and Computer Technology (ICT) industry in Canada. The lab is led by Dr. Atefeh (Atty) Mashatan, and is recognized for its strong partnerships and linkages to industry. Its mission is to help organizations, large and small, to find innovative and cost effective cyber risk mitigation strategy and solutions. The lab’s research expertise is in Cryptography, Blockchain Technology, Quantum-resistant solutions, Machine Learning and its applications in Cybersecurity, Enterprise Security Architecture, and Security of Internet of Things (IoT).

  • speaker photo
    Kevin Dreyer
    IT Director & CISO, Maple Reinders Group

    Kevin Dreyer is an IT Director and CISO with over 25 years of industry experience for a General Contractor securing a national network and its 400 users across a hybrid cloud infrastructure. He fell in love with computers at age 12 when a cousin introduced him to programming, and has never looked back. Having dropped out of college due to the lures of the darker side of computer security, he has spent his adult life working on the defensive side while finishing a college diploma and working on certifications from IBM, Cisco, Novell, Microsoft, Mile2, and finally CISSP about two years ago.

  • speaker photo
    Nick Ritter
    VP, Product & Industrial Security, GE

    Nick Ritter is the leader for Product & Industrial Security teams within GE. He is responsible for the product security program across GE commercial products, third party and supply chain security, manufacturing security, application security, and attack simulation (Red Team). Nick is also a key risk advisor to GE’s global CISO. He has almost 20 years enterprise and industrial security experience.
    Prior to joining GE, Nick spent 2 years at a large financial institution as head of cyber defense and security operations. Immediately prior to that he spent 14 years at a global industrial conglomerate, culminating as one of the 3 global CISOs. There, Nick originated the centralized cyber defense program, built the technical security organization and helped establish the commercial OT security practice.
    While living in Germany, Nick was frequent lecturer at the George C. Marshall European Center for Strategic Studies. There he taught classes on Securing Critical Infrastructure, Cyber Security Policy, and Strategic Cyber Defense. Nick also served as an advisor to NATO in the development of their cyber command training curriculum.
    Nick attended Purdue University and University of Kentucky for undergrad and graduate studies. He resides in Ft. Mitchell, Kentucky, a suburb of Cincinnati, with his wife and two daughters.

  • speaker photo
    Jordan Fischer
    Managing Partner, XPAN Law Group, LLC

    Jordan L. Fischer is co-founder and managing partner of XPAN Law Group, LLC, a boutique international cybersecurity and data privacy law firm, and certified Women-Owned. She focuses her practice on international data privacy and cybersecurity and cross-border data management, with a special emphasis in European Union data privacy regulations, the GDPR, and the CCPA. Jordan has extensive experience in the intersection of law and technology. She is also an Assistant Professor of Law at the Thomas R. Kline School of Law at Drexel University.

  • speaker photo
    Kenrick Bagnall
    Detective Constable, Coordinated Cyber Centre (C3), Toronto Police Service, Former VP of IT at Capital G Bank

    Kenrick has been a member of the Toronto Police Service since April of 2006 and currently serves as an investigator in the Coordinated Cyber Centre (C3) section of Intelligence Services. Before this Kenrick spent 20 years in the Information Technology industry primarily in the financial services sector, holding positions of Senior Network Analyst, Information Technology Manager and Senior Vice President of Information Technology.
    Kenrick is also an Associate Professor at George Brown College where he instructs the Cybersecurity Security Certificate program and also lectures on the University of Toronto Global Professional Master of Laws, Innovation, Law and Technology program.
    Kenrick’s background in Information Technology combined with his Law Enforcement experience has uniquely positioned him as an investigator, instructor and presenter on technology, information security and cyber investigations.

  • speaker photo
    Joshua Cloud
    Director of Information Security, NFI

    Joshua Cloud is currently serving as the director of information security for NFI. He has over 20 years of infrastructure and security leadership experience spanning professional services, manufacturing, retail, and logistics industries in countries all over the world. Cloud is a transformational security leader with a business focus who evangelizes the value of pragmatic cyber risk management and executive alignment. He currently leads a team of security professionals at the new NFI headquarters on the Camden, NJ, waterfront.

  • speaker photo
    Alexandra Panaretos
    Americas Lead for Secure Culture Activation, Ernst & Young LLP

    Alexandra Panaretos is the Americas Cybersecurity Lead Secure Culture Activation at Ernst & Young LLP. With a background in sports broadcasting and operational security, she specializes in security communications and education, awareness program development, the psychology of social engineering, and behavior analytics. She has over 11 years of experience developing and implementing security awareness and education strategies in Fortune 50/100 companies, state government, military family services, the Department of Defense and many other global enterprises. In her free time, she is a mother of three and volunteers with local law enforcement agencies educating schools and parents on information security and social media safety.

  • speaker photo
    Imran Ahmad
    Partner/ Attorney, Blake, Cassels & Graydon LLP

    Imran has a business law practice with a specialization in technology, cybersecurity, and privacy law. As part of his cybersecurity practice, Imran works closely with clients to develop and implement practical strategies related to cyber threats and data breaches. He advises on legal risk assessments, compliance, due diligence and risk allocation advice, security, and data breach incident preparedness and response. In addition, Imran acts as “breach counsel” in the event of a cybersecurity incident, such as a data or privacy breach. He also provides representation in the event of an investigation, an enforcement action, or a litigation.

    Imran has an active technology practice. He advises on licensing, outsourcing and service-provider arrangements, as well as on other commercial matters with respect to carrying on business over the internet, the cloud and the digital environment.
    In his privacy law practice, he advises clients on compliance with all Canadian federal and provincial privacy and data management laws. He has a particular focus on cross-border data transfer issues and enterprise-wide governance programs related to privacy and information governance.

    Imran is the author of Canada’s first legal incident preparation and response handbook titled "Cybersecurity in Canada: A Guide to Best Practices, Planning, and Management" (LexisNexis, August 2017). He is fluent in English, French, and Hindi.

  • speaker photo
    Adel Danesh
    CISO, Analytics 4 Life

    Adel Danesh has over 20 years of experience in IT and information security. Over the course of his professional career, he has been holding information security leadership roles in various organizations and spearheaded mission critical security and infrastructure projects. In his current job, Adel is a CISO at Analytics For Life, a medical research firm that is developing an innovative medical device for diagnosis of cardiovascular diseases. He is leading the information security program which is aimed at implementing cybersecurity best practices in the design and operation of the medical device as well as protecting the organization against cyberattacks . Adel is the first elected president of (ISC)2 Toronto Chapter. The chapter has grown exponentially since it’s inception in 2012 and now has over 1500 members. Adel also has written articles that are published in a renowned information security magazine.

  • speaker photo
    Samara Williams
    Threat Intel Engineer, Cardinal Health

    Samara works for Cardinal Health, as a Threat Intelligence Engineer. As an engineer, Samara collects and assesses a wide range of threats to the healthcare industry. She specializes in MITRE ATT&CK, threat actor reporting, strategic program design/implementation, and fostering relationships within the organization. Samara is passionate about mentorship, giving back to the community, and encouraging kids, women and minorities in the technology and cybersecurity fields. Samara is very involved in the Columbus Community as Treasurer of the International Consortium of Minority Cybersecurity Professionals - Columbus Chapter, Treasurer of EmpoWE-R, and Vice President of the Ohio Cyber Women (OCW) organization.

  • speaker photo
    James Goepel
    Treasurer and Member, Board of Directors, Cybersecurity Maturity Model Certification (CMMC) Accreditation Body

    James Goepel is Treasurer and Member, Board of Directors for the CMMC-AB. He is also an adjunct professor of Cybersecurity at Drexel University and CEO of Fathom Cyber, a trusted agent for senior management and developer of defensible cybersecurity strategies. Jim earned his BSECE from Drexel and his JD and LLM degrees from George Mason University. He worked in the IT and security industries for nearly two decades, including as a Network Administrator for the US House of Representatives and as a lawyer and technologist for a wide range of cybersecurity companies, including system developers, research institutions, and software vendors.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store
Invest in yourself

Join your InfoSec peers for high-quality, affordable training and collaboration. Sign up today!