Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Tuesday, April 23, 2019
    9:00 am
    SecureWorld PLUS - Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework
    • session level icon
    9 a.m. - 3 p.m. • Earn 12 CPEs!
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm

    The University of Massachusetts has developed a 6-hour SecureWorld PLUS training class that instructs attendees on the best practices for designing, building, and maintaining a cybersecurity program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the Framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program, and a Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M), and Executive Report

    The class will help individuals and organizations acquire knowledge, skills, and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the instructor:

    • Larry Wilson is the CISO for UMass President’s Office since 2009.
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation.
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past five years.
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework.

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
    9:00 am
    SecureWorld PLUS - 5 Steps to a Safer Online Presence for Yourself and Your Organization
    • session level icon
    9 a.m. - 3 p.m. • Earn 12 CPEs!
    speaker photo
    CEO & Founder, Cybercrime Support Network
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm

    People are the greatest asset and the weakest link in securing intellectual property and protecting sensitive data within every enterprise. Cybersecurity is our shared responsibility. Participate in this training and leave with the tools necessary to educate within your organization and arm yourself with the skill set to bring education to your own audience. The material uses easy to understand language and shares no-cost resources so attendees feel empowered to secure their online lives.

  • Wednesday, April 24, 2019
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    7:30 am
    Advisory Council Breakfast – (VIP / INVITE ONLY)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    7:30 am - 8:30 am
    8:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 3:00 pm
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    8:30 am
    Engaging the Board on Cyber Security
    • session level icon
    speaker photo
    VP & CISO, Brookfield Asset Management
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 200C

    Boards of directors are increasingly interested more than ever in the organization’s cyber security posture and strategy. It’s important to engage them early and often with the right level of detail to maintain their confidence. This session will provide practical guidance on approaches that could be used to be successful when communicating with the Board.

    8:30 am
    IoT Defense: A Holistic Approach
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: Keynote Theater

    Reviewing the current state of IoT devices, their cloud endpoints and the connection between them to understand the threat landscape and where our focus needs to be in the years ahead.

    8:30 am
    Privacy Impact Assessments and Emerging Technologies
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Privacy laws and regulations continue to evolve rapidly in the U.S. at the federal and state levels. Combined with the European Union GDPR, these emerging standards underline the need for businesses to manage data as a regulated asset. The risks are heightened when developing or implementing emerging technologies, such as artificial intelligence, blockchain and biometric technologies. A key part of governance, both to reduce risk and to enable new innovations, is to perform impact assessments when implementing new technologies into the business, and as part of any new product development or innovation operations. This presentation will focus on privacy regulatory issues associated with emerging technologies, trends in structuring impact assessments, approaches to and objectives of PIAs, and ways in which to integrate PIA processes into the business.
    8:30 am
    Data Breach Digest – Perspective is Reality
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Data breaches are complex affairs. Response activities are proportionately complex involving various stakeholders with slightly different perspective. This presentation covers the 2017 “Data Breach Digest – Perspective is Reality”; a compendium of data breach scenarios told from different stakeholder points of view covering their decisions, actions and crucial lessons learned.

    9:30 am
    OPENING KEYNOTE: The Evolving Role of CISOs and Their Importance to the Business
    • session level icon
    speaker photo
    Chairman and Founder, Ponemon Institute
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater

    What is a CISO and what do they do? As the leader of cyber defense for an organization, the CISO is rapidly becoming indispensable for an organization’s survival. This presentation is based on interviews with senior level IT professionals at 184 companies in seven countries. The goal of the research is to better understand how CISOs work, what their concerns are, and how they are improving their effectiveness in managing risks to the enterprise.

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable - (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    11:15 am
    Securing the Taboo: Legal Cannabis, Privacy, and Online Sales
    • session level icon
    speaker photo
    Manager, Information Security, Ontario Cannabis Store
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    With the Canadian Government’s legalization of cannabis, a whole marketplace for a previously illegal product has exploded into existence, with unique challenges, regulations, and risks not faced by online retailers of more traditional products.

    Issues like customer and employee privacy, sale of data and reporting concerns, and problems with being both a retailer and wholesaler will be discussed.

    11:15 am
    [Radware] Cybersecurity Pushed to the Limit
    • session level icon
    speaker photo
    Security Evangelist, Radware
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    Throughout 2018 mainstream headlines highlighted cyber-attacks and security threats that included possible interference in the U.S. presidential election, worldwide malware outbreaks and the Equifax data breach. These and other high-profile events spurred greater cyber-defense investment by everyone from nation states and global corporations to individuals purchasing anti-malware solutions for personal devices. Yet even as investments increase so do threats, hacks and vulnerabilities. This session will help you understand these complex and challenging dynamics. Based on findings from Radware’s research and a global industry survey, the session will show real attack data and customer stories to paint a picture of where we are and what security professionals can do.

    Join the session to learn more about:
    • The threat landscape deep dive—the who, what and why of attacks
    • Potential impact on your business, including associated costs of different cyber-attacks
    • Critical attacks in the midst: DNS, IoT and risks lurking in the cloud
    • Emerging threats and how to protect against them
    • A look ahead – predictions and what to prepare for

    11:15 am
    IoT and Blockchain in Healthcare
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    Tens of billions of connected devices will form the smart homes, cities and user experience of the future. The “Internet of Things” is a rich opportunity for IT Leaders but also presents some headaches, particularly when we think of medical and consumer devices in Healthcare. Hear the unique perspective from one of the nations largest healthcare providers on how they plan to step up to the challenge and how one notorious upstart technology, the “Blockchain”, can potentially benefit the “Smart Hospital.”

    11:15 am
    Incident Response: Once More Unto the Breach, Dear Friends
    • session level icon
    speaker photo
    CIO & CISO, Aptean
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    This presentation will cover some of the more challenging aspects of incident response and breach notification. Real world applications and why preparation is everything when it comes to recovery.

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    12:15 pm
    LUNCH KEYNOTE: [Fireside Chat] Moving Forward at Equifax: A Personal Reflection of Lessons Learned and Challenges Overcome
    • session level icon
    speaker photo
    Vice President, Information Security , Equifax Canada
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater

    Equifax is empowering everyone in the organization to understand, evaluate, and collaborate in risk management. However, getting to this point was extremely hard work. Don’t miss this fireside chat with Les Stevens, VP of Information Security at Equifax, as he shares his personal journey through difficult times, what he learned that can be passed along, and the ways he is a better security professional as a result.

    1:15 pm
    Panel: Knowledge Is Power (Encryption)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    Encryption: the translation of data into a secret code. Very much like the codes that Elizebeth Friedman had cracked against the rum runners and bootleggers during the Prohibition days. Our heroine was able to smash their codes and determine when the next shipments were scheduled to arrive stateside. Knowledge truly was power as Friedman was able to effectively predict the future through her diligent code breaking. The level of sophistication may have changed but the point of encryption was and still is to safeguard the data from those that are not part of the group. Our experts will discuss the importance of using encryption to keep our information secure as well as address some of the best practices and pitfalls to watch out for.

    1:15 pm
    Panel: Building a Better Mouse Trap (Emerging Threats)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    To be successful, as an industry, we must strive to get ahead of the bad guys. Easy enough to say but how? By taking a look at the capabilities of the threats we see today we should be able to make some educated guesses on what threats of tomorrow will look like. We know the bad guys don’t follow the rules, take the path of least resistance, and don’t care who they hurt in the process. We need to start thinking like them so that we can figure out what their next step is instead of guessing and hoping.

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes and CyberHunt Winners Announced
    Registration Level:
    2:30 pm - 2:45 pm
    Location / Room: Exhibitor Floor

    Be sure to have your badge scanned with participating exhibitors. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win.

    3:00 pm
    The Dark Web, Cyber Crimes, and Cyber Intelligence
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    In this presentation we will learn about trends in cyber fraud tactics and attacks, how dark web markets and forums fuel cyber crime, and how they can be investigated for threat intelligence. In addition, we will learn how cyber criminals utilize digital currencies, and how these transactions can intersect with the formal financial sector. In addition we will discuss cyber awareness and cyber literacy as well as an introduction to Cyber Intelligence.

    3:00 pm
    From Websites to Baby Monitors: The Emerging Battlefront in Consumer Privacy and Protection
    • session level icon
    speaker photo
    Internet Privacy & Security Analyst, The Internet Society's Online Trust Alliance
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    The battle for consumer data privacy and security is shifting, and organizations best take note or face the consequences. Encryption and other data practices are still critical, as our latest audit of more than 1,000 consumer-facing organizations shows. But the battle has opened a new front, and it’s in your home or office—specifically the smart devices surrounding us in a growing Internet of Things. Manufacturers, retailers, policymakers—and frankly, any organization that shares data or services across connected devices—stand to benefit from hearing the latest in a growing movement to secure the world of IoT.

    3:00 pm
    (ISC)2 Chapter Meeting: Open to All Attendees
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm

    Interested in your local associations? Join (ISC)2 for their monthly meeting meet & greet. This opportunity is open to all SecureWorld attendees.

Exhibitors
  • Big Switch Networks
    Booth: TBD

    Big Switch Networks is the next-gen networking company. Big Monitoring Fabric is an NPB that enables pervasive visibility and security across all workloads: physical, VM , container or cloud. Big Mon Inline enables pervasive security in the DMZ while offering lower-cost and SDN-centric operational simplicity. Tech partnerships include: A10, Palo Alto Networks, Symantec, FireEye, ExtraHop, Riverbed.

  • Bitdefender
    Booth: TBD

    Powered by its depth of security expertise and rapid pace of research and development, Bitdefender’s long-standing mission is to deliver transformative security technologies to the world’s users and organizations. We are innovators, creating breakthrough technology that radically improves our customer’s experience with security.

    From IoT to Data Centers, from endpoints to hybrid infrastructures – Bitdefender plays a transformational role in how security is best consumed, deployed, and managed. We strive to deliver products and services that radically alter the customer’s experience with security, in terms of efficacy, performance, ease of use and interoperability.

  • Canadian Cyber Threat Exchange (CCTX)
    Booth: TBD

    The CCTX was created to build a secure Canada where all organizations, both private and public, collaborate to reduce cyber security risks. We do this in two ways.

    First, through the CCTX Data Exchange we gather, enrich, analyze and share cyber threat information across business sectors and from other Canadian and international cyber threat sharing hubs. And we provide actionable cyber threat intelligence with a Canadian focus.

    Second, our CCTX Collaboration Centre is a unique forum for cyber professionals to solve problems by exchanging best practices, techniques and insights.

  • Comodo Cybersecurity
    Booth: TBD

    In a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats useless, across the LAN, web and cloud. The Comodo Cybersecurity platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Based in Clifton, New Jersey, Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers globally.

     

  • Darktrace
    Booth: TBD

    Darktrace is the world’s leading AI company for cyber defense. With over 7,000 deployments worldwide, the Enterprise Immune System is relied on to detect and fight back against cyber-attacks in real time. The self-learning AI takes one hour to install, works across the cloud, SaaS, corporate networks, IoT and industrial systems, and protects against the full range of cyber-threats and vulnerabilities, from insider threats and ransomware, to stealthy and silent attackers. Darktrace has 800 employees and 40 offices worldwide, with headquarters in San Francisco, and Cambridge, UK.

  • EC-Council
    Booth: TBD

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • Global Cyber Alliance
    Booth: TBD

    The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org

  • InfoSec-Conferences.com
    Booth: n/a

    We’re the InfoSec Community’s #1 ‘Go To’ resource for Cybersecurity Conferences. Since 2012 we’ve provided Cybersecurity Professionals with accurate event listings that are manually checked and updated every day.

  • ISACA Toronto
    Booth: TBD

    The ISACA Toronto Chapter, with 2800 plus members, is the largest chapter in Canada and the 5th largest in the world. As of 2017, it will have existed in the Toronto information systems audit, control and governance community for 40 years, and is one of the most active ISACA chapters serving IT Governance, Risk, Audit, and Security professionals.

    The aim of the Chapter is to sponsor local educational seminars and workshops, conducts regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the Greater Toronto Area.

    ISACA (previously the Information Systems Audit and Control Association) is a worldwide association of IS governance professionals. The association currently focuses on assurance, security, and governance and provides globally recognized certification in assurance (Certified Information Systems Auditor), security (Certified Information Security Manager), and governance (Certified in the Governance of Enterprise IT).

  • (ISC)2 Toronto
    Booth: TBD

    Founded in 2013, the (ISC)² Toronto Chapter is an official chapter of (ISC)².  Based in Toronto, our purpose is to provide educational opportunities for management, operational and technical aspects of the information security field, and to support the mission of (ISC)².

  • Ixia, a Keysight Business
    Booth: TBD

    We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks. Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.

  • Mimecast
    Booth: TBD

    Mimecast Is Making Email Safer For Business.

    Mimecast’s security, archiving and continuity cloud services protect business email and deliver comprehensive email risk management in one fully-integrated subscription service. Mimecast reduces the risk, complexity and cost traditionally associated with protecting email. You no longer have to manage an array of disjointed point solutions from multiple vendors. And you mitigate single vendor exposure if you have moved your primary email server to the cloud with services like Microsoft Office 365.
    Our best-of-breed services protect the email of over 24,900 customers and millions of users worldwide against targeted attacks, data leaks, malware and spam. We give employees fast and secure access to sensitive business information, and ensure email keeps running in the event of a primary service outage.

  • OWASP Toronto
    Booth: TBD

    The Toronto area chapter of The Open Web Application Security Project. Our core purpose: Be the thriving global community that drives visibility and evolution in the safety and security of the world’s software.

  • Pulse Secure
    Booth: TBD

    Pulse Secure provides easy, comprehensive software-driven Secure Access solutions for people, devices, things and services that improve visibility, protection and productivity for our customers. Our suites uniquely integrate cloud, mobile, application and network access to enable hybrid IT in a Zero Trust world. Over 20,000 enterprises and service providers across every vertical entrust Pulse Secure to empower their mobile workforce to securely access applications and information in the data center and cloud while ensuring business compliance.

  • Radware
    Booth: TBD

    Radware (NASDAQ: RDWR), is a global leader of application delivery and application security solutions for virtual and cloud data centers. Its award-winning solutions portfolio delivers full resilience for business-critical applications, maximum IT efficiency, and complete business agility. Radware’s solutions empower more than 10,000 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down.

  • Sonatype
    Booth: TBD

    Every day, developers rely on millions of third party and open source building blocks – known as components – to build the software that runs our world. Sonatype ensures that only the best components are used throughout the software development lifecycle so that organizations don’t have to make the tradeoff between going fast and being secure. More than 120,000 organizations use Sonatype’s Nexus solutions to support agile, Continuous Delivery, and DevOps practices globally

  • Synack
    Booth: TBD

    Synack is the leader in smart crowdsourced security testing: One comprehensive platform includes vulnerability scanning, vetted red-teaming, bug bounty incentives, risk scoring analytics, insightful reports to ease remediation and compliance checks. Reduce your cyber risk with Synack as part of your security team.

  • TASK
    Booth: TBD

    Toronto’s Security User Group TASK (Toronto Area Security Klatch) provides a forum for experts to encourage discussion and share expertise in understanding the latest trends and security threats facing computer networks, systems and data.

    Our membership includes Information Security practitioners, managers, network administrators, students, and anyone who is interested in learning more about securing information.

    We meet to discuss issues that we all share in common, including:

    • New technologies and products that impact information security
    • Emerging threats, and the vulnerabilities being exploited
    • Managing security
    • New laws and regulations
  • TechTarget
    Booth: TBD

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Women Who Code Toronto
    Booth: TBD

    Our mission is to inspire women to excel in technology careers. We envision a world where women are proportionally represented as technical leaders, executives, founders, VCs, board members, and software engineers.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Kristin Judge
    CEO & Founder, Cybercrime Support Network

    Kristin Judge founded the nonprofit Cybercrime Support Network and works with federal, state, and local law enforcement and consumer protection agencies to help consumers and small businesses affected by cybercrime. As a thought leader, Kristin has been seen on the C-SPAN Network, local news outlets, and called on by technology publications such as SecureWorld, SC Magazine, and Government Technology to share best practices for online safety. She was named an SC Media “Women in IT Security Influencer” in 2017.

  • speaker photo
    Zaki Abbas
    VP & CISO, Brookfield Asset Management

    An accomplished Information Security and Technology leader with proven ability to develop and align strategies with business priorities and establish strong, trust-based partnerships across executive teams, key stakeholders and board members. Zaki has extensive experience in the insurance, real estate, banking, infrastructure, energy, investment management and IT services sectors. Previous to joining Brookfield Asset Management, Zaki was the Assistant Vice President - Information Security & IT Planning at Economical Insurance. Previous to Economical, Zaki worked as an Information Security Officer at Great-West Life for over 8 years and an Information Security Advocate at IBM for 10 years.

  • speaker photo
    Larry Ponemon
    Chairman and Founder, Ponemon Institute

    Dr. Larry Ponemon is the Chairman and Founder of the Ponemon Institute, a research “think tank” dedicated to advancing privacy and data protection practices. Dr. Ponemon is considered a pioneer in privacy auditing and the Responsible Information Management or RIM framework.

    Ponemon Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a various industries. In addition to Institute activities, Dr. Ponemon is an adjunct professor for ethics and privacy at Carnegie Mellon University’s CIO Institute. He is a Fellow of the Center for Government Innovation of the Unisys Corporation.

    Dr. Ponemon consults with leading multinational organizations on global privacy management programs. He has extensive knowledge of regulatory frameworks for managing privacy and data security including financial services, health care, pharmaceutical, telecom and Internet. Dr. Ponemon was appointed to the Advisory Committee for Online Access & Security for the United States Federal Trade Commission. He was appointed by the White House to the Data Privacy and Integrity Advisory Committee for the Department of Homeland Security. Dr. Ponemon was also an appointed to two California State task forces on privacy and data security laws.

    Dr. Ponemon earned his Ph.D. at Union College in Schenectady, New York. He has a Master’s degree from Harvard University, Cambridge, Massachusetts, and attended the doctoral program in system sciences at Carnegie Mellon University, Pittsburgh, Pennsylvania. Dr. Ponemon earned his Bachelors with Highest Distinction from the University of Arizona, Tucson, Arizona. He is a Certified Public Accountant and a Certified Information Privacy Professional.

  • speaker photo
    Craig Newell
    Manager, Information Security, Ontario Cannabis Store

    Craig is in the business of mitigating privacy and data loss disasters. Constantly keeping abreast of new challenges and developments in the industry, he has evangelized risk-based security and control through the banking and utility industries, private business, governmental agencies, and now, online sale of a really exciting product. A believer in the value of collaboration and knowledge sharing, Craig loves to share his experiences, thoughts, concerns, and stories with peers and executives to provide fresh insight and new ideas to existing problems.

  • speaker photo
    Ron Winward
    Security Evangelist, Radware

    Ron Winward is a Security Evangelist for Radware, where he helps execute the company’s thought leadership on today’s security threat landscape. Ron brings nearly 20 years of experience in the Internet service provider space, most recently as Director of Network Engineering for a global infrastructure and colocation provider. With an expertise in network architectures and DDoS mitigation, Ron has helped design solutions for carriers, enterprises, and cybersecurity service providers around the world.

  • speaker photo
    Jason Barr
    CIO & CISO, Aptean

    Jason is currently the CIO and CISO of Aptean, leading the IT, security and governance, cloud hosting services, and business systems teams. He's been in the technology sector for over 20 years and has a passion for taking things apart and making them better.

  • speaker photo
    Les Stevens
    Vice President, Information Security , Equifax Canada

    As Vice President of Information Security at Equifax Canada, Les Stevens is responsible for the identification, assessment, and mitigation of inherent, residual, regulatory, security, and compliance risks specifically associated with the business operations of Equifax International business units. His experience building and maintaining information security and organizational compliance programs has made him a recognized expert at translating complex technical controls into business decisions and strategies.

  • speaker photo
    Kenneth Olmstead
    Internet Privacy & Security Analyst, The Internet Society's Online Trust Alliance

    Kenneth (Kenny) Olmstead is the Internet Security & Privacy Analyst that helps research, analyze, write, and review technical content relating to The Internet Society's Online Trust Alliance issues—identity, security, privacy, and data stewardship. He also helps with communications and engages the OTA Committees on technical and techno-policy issues. Before joining the Internet Society, Kenny spent 12 years at the Pew Research Center studying how the internet affects American life. In that time, he studied various topics ranging from how the internet changed the business of journalism, to how Americans view cybersecurity, to privacy issues in the Android ecosystem. He has a Master’s degree in Communications, Culture & Technology from Georgetown University.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store
Invest in yourself

Join your InfoSec peers for high-quality, affordable training and collaboration. Sign up today!