Event Schedule

  • Your CEO Is Not Your CEO! How to Defend Against Email Fraud 9:35 am

    Presented by Proofpoint

    Email fraud leads to two main threats- one is Business Email Compromise (BEC) where attackers pretend to be you; the other one is Email Account Compromise (EAC) where attackers actually become you. BEC/EAC scams have cost the victimized businesses over $26 billion since 2016. What they have in common is that they both target people. They both rely on social engineering and are designed to solicit fraudulent wire transfers or payment. Unlike malware attacks, BEC and EAC don’t typically include detectable malicious payload. These types of threats can be hard to recognize because to the target these business requests sent by the impostors seem very routine and reasonable.

    Join our session and learn about:

    • What is BEC and EAC? And how do they work?
    • What are the common attack tactics regarding this new form of email threats?
    • Best practices to defend against BEC and EAC
    Click to Expand

    Speaker:

    Collapse This Item

  • How To Enable and Secure Your Remote Workforce 10:00 am

    Presented by BeyondTrust

    In times of crisis, good security practices are often the first thing to go. Organizations are being forced to revisit their “temporary” remote working policies and tools. An expanding remote workforce can increase your security risk, especially if your IT and Support employees use non-secure remote access tools as temporary measures. Are temporary remote access tools making your organization vulnerable to cyber-attacks?

    In this session you will learn:

    • Risks and security considerations related to an extended remote workforce
    • Vulnerabilities posed by remote working tools, such as BYOD and free Shadow IT solutions
    • Practical guide on how to quickly implement and scale strong security protocols to enable long-term remote work
    • Key Use Cases for a successful secure remote access strategy
    Click to Expand

    Speaker:

    Collapse This Item

  • A Modern Approach to Deception 10:40 am

    Presented by Attivo Networks

    Modern threat deception does not rely upon signatures nor behavioral patterns. It flips the paradigm on the attacker to be perfect or be detected. History and experience have shown us that human attackers can bypass next-gen perimeter and endpoint controls. Threat deception provides early detection of external, insider, and 3rd party attackers – protecting against new types of Active Directory attacks, delivering actionable alerts, strengthening overall defensive posture, while being simple to deploy and maintain with a small staff. Whether your organization is a Fortune 10 or one with less than 1000 employees, organizations across the globe are deploying modern Attivo Deception both on-prem and the cloud as a proactive measure to combat cyber criminals.

    Click to Expand

    Speaker:

    Jonathan Randall
    Jonathan Randall

    Jonathan Randall

    Regional Manager

    Collapse This Item

  • Shifting PAM into High Gear with Zero Standing Privilege (ZSP) 11:10 am

    Presented by Remediant

    Zero Standing Privilege (PAM) was a new term introduced in 2019 and might just be the best approach to shift your PAM strategy into high gear. In this short presentation, we’ll discuss how PAM projects were managed historically and highlight a new PAM approach to reduce the impact of compromised admin credentials.

    Do you know what admin credentials exist today or even how they change over time in your organization? This is just one of several challenges we’ll discuss, offer a solution and discuss the need and value of frequent scanning of admin rights, reporting on current standing privileges and the adoption of a ZSP and Just-In-Time administration.

    So, if you’re looking for quick wins in PAM, including removing local admin rights and support for DevOps+PAM use cases, join the discussion and learn how other organizations like yours have succeeded.

    Click to Expand

    Speaker:

    Paul Lanzi
    Paul Lanzi

    Paul Lanzi

    COO

    Collapse This Item

  • Q&A Session #1
  • Public Safety – Cyber Resilience Assessment Team: Introduction to Program and Resilience Assessments Tools 1:00 pm

    Presented by Public Safety Canada

    Since 2016, Public Safety Canada has been offering cyber resilience assessment reviews to critical infrastructure owners and operators throughout Canada. The Canadian Cyber Resilience Review (CCRR) has been deployed to over 120+ times since its inceptions into the Public Safety – Regional Resilience Assessment Program (RRAP). The RRAP offers both physical and cyber resilience assessment to critical infrastructure. A new tools has been added to address technical cyber resilience. The Network Security Resilience Analysis (NSRA) tools will be used to assess your network devices cyber hygiene, by analyzing its configurations against industry best practices and standards. Please join me while I explain each of Public Safety Canada’s CI Cyber Assessment tools

    Click to Expand

    Speaker:

    Collapse This Item

  • The EDR You Need vs. The EDR You Want 1:50 pm

    Presented by Kaspersky

    When evaluating and choosing an EDR solution, how can you be confident that the solution you want is the one you need?

    Join us for this informative session and learn several ways on how you can answer this question, and make the most out of your investment in EDR.

    Click to Expand

    Speaker:

    Collapse This Item

  • Shift Left – Building Security Into the Application Development Lifecycle 2:15 pm

    Presented by Micro Focus

    By building security into your application development lifecycle you not only help reduce your attack surface, but also save roughly 30% in costs associated to resolving the application security vulnerabilities afterwards… never mind the costs associated to a breach, such as shareholder value and brand tarnishing.

    Click to Expand

    Speaker:

    Rob Aragao
    Rob Aragao

    Rob Aragao

    Chief Security Strategist

    Collapse This Item

  • Data-Driven Cyber Risk Management in 2020 3:00 pm

    Presented by Risk Recon

    This presentation will discuss some of the challenges faced by third-party risk practitioners, the inherent limitations of a questionnaire-only approach to TPRM as well as a strategy to follow as your mature your own programs. The presentation will also include discussion of how continuous monitoring tools can be utilized to build a more robust picture of the controls actually in place at your third parties.

    Click to Expand

    Speaker:

    Collapse This Item

  • A Centralized Identity Strategy Using Standards Helps Minimize Threats 3:25 pm

    Presented by Auth0

    Modern architectures continue to become more distributed and fractured. How can developers can continue to develop and build what they understand without having to become identity experts? How can they do that and ensure that their applications remain secure? A centralized, standards based identity management system can provide a system that is easy to interact with without requiring expertise or a reduced security footprint.

    Click to Expand

    Speaker:

    Carlos Mostek
    Carlos Mostek

    Carlos Mostek

    Principal Solution Architect

    Collapse This Item

  • Q&A Session #2
  • Day One Closing Session
  • Developing Your Identity Strategy 9:35 am

    Presented by SailPoint

    Remember when identity management meant creating new accounts and resetting user’s passwords? Over the years, digital identity has evolved into much, MUCH more. Your identity program now includes not just identity management, but also access management, privilege management, and even customer identity management, all of this falling under the umbrella of identity governance. More importantly, identity has shifted from being a basic operations function to the cornerstone for business enablement and digital transformation. In this presentation, Rob walks you through key considerations when developing your identity strategy to help you improve the current state of your program while building a solid foundation for the future of your identity program.

    Click to Expand

    Speaker:

    Rob Wilson
    Rob Wilson

    Rob Wilson

    Sr. Solution Engineer

    Collapse This Item

  • Risk Management – Insights in a World Gone Crazy 10:00 am

    Presented by Ivanti

    Join Phil Richards, CISO for Ivanti, as we discuss key concepts and strategies for Risk Management. A few of the questions to be addressed in this session include: Is risk always a bad thing? How do you categorize risk according to your company’s objectives? Do data breaches really impact the big companies? What are the steps to recognizing, assessing and managing risk? The answers to these and many other questions will be discussed in this very important and timely session.

    Click to Expand

    Speaker:

    Phil Richards
    Phil Richards

    Phil Richards

    CISO at Ivanti

    Collapse This Item

  • The IoT Storm… Will We Survive the Coming Deluge? 10:40 am

    Presented by Check Point Software Technologies

    IoT devices permeate the most intimate aspects of our everyday lives. Now more than ever we must address the risks associated with these always on, always connected devices!

    Click to Expand

    Speaker:

    Robert Falzon
    Robert Falzon

    Robert Falzon

    Engineering Office of the CTO

    Collapse This Item

  • Managing Digital Risk Amid Disruption 11:05 am

    Presented by RSA

    Digital transformation is not only changing how companies think about business. It is changing how we think about risk. We need to *act* on risk, not worry about it. We need to start and end with the basics. In this session we review several key areas of digital risk management to target as you are challenged to be a key contributor in your company’s digital journey.

    Click to Expand

    Speaker:

    Ben Smith
    Ben Smith

    Ben Smith

    Field CTO

    Collapse This Item

  • How Police Respond to Cyber Security Incidents 12:15 pm

    Presented by Royal Canadian Mounted Police

    The talk provides insight on policing structure within Canada, and cyber initiatives being implemented at all levels. To dispel some myths within the community, time will be spent on how police respond to Cyber Security Incidents and some of the common myths associated with report to Law Enforcement. The BC Cyber Team has formulated a Provincial strategy for which a major component is supporting our frontline investigators and connecting our partners.

    Click to Expand

    Speaker:

    Collapse This Item

  • Cyber Resilience: Rethinking Your Data Protection Strategy in the Age of Ransomware 1:05 pm

    Presented by Zerto

    Ransomware threats increased by 300% last year, and the industry is expecting it to get worse. Ransomware victims’ greatest pains are downtime and data loss. Current DR and Backup solutions aren’t equipped to help you manage it at the speed of business. Join us for this discussion on how to transform your data protection approach to ensure you can protect your data and resume operations almost instantly when facing a ransomware attack. See you there!

    Click to Expand

    Speaker:

    Andy Fernandez
    Andy Fernandez

    Andy Fernandez

    Senior Technology Evangelist at Zerto

    Collapse This Item

  • Rise of the Machines: Best Practices for Securing Unmanaged and IoT Devices 1:30 am

    Presented by Ordr

    For many years now, enterprise networks have seen an explosive rise in devices that are challenging for security teams to secure. These include not only unmanaged devices, but also the extensive portfolio of Internet of Things (IoT) in enterprises such IP cameras, conference room TVs, smart building systems, manufacturing machines and medical devices.

    Join Ordr’s CSO Jeff Horne in this webinar to learn:

    • Risks and vulnerabilities associated with unmanaged and IoT devices
    • Why traditional networking and security tools fall short
    • Security best practices to protect these devices without impacting business operations
    Click to Expand

    Speaker:

    Jeff Horne
    Jeff Horne

    Jeff Horne

    CSO

    Collapse This Item

  • Credential Harvesting as a Service: How This Dark Web Organization Steals Your Microsoft Credentials 2:10 pm

    Presented by Avanan

    In this presentation, we will analyze the attack methods of a single advanced persistent threat organization that guarantees its dark-web customers that their messages will bypass Microsoft security. We will review the software they use to send email from anywhere in the world, their techniques that take advantage of both short- and long-lived vulnerabilities and the infrastructure to harvest credentials and perform attacks almost instantaneously.

    You will be surprised by the sophistication of the tools as well as their ease of use. Updated regularly with release notes and training videos, they are not ‘hackers’, so much as software developers with a very clear product offer: 100% access to your inbox. We will watch them over time and show how the tricks they use provide us with the indicators-of-attack we need to stop them.

    Click to Expand

    Speaker:

    Michael Landewe
    Michael Landewe

    Michael Landewe

    Cofounder

    Collapse This Item

  • Offensive AI vs. Defensive AI: Battle of the Algorithms 2:35 pm

    Presented by Darktrace

    Among rapidly evolving technological advancements, the emergence of AI-enhanced malware is making cyber-attacks exponentially more dangerous and harder to identify. In the near future, we will begin to see supercharged, AI-powered cyber-attacks leveraged at scale. To protect against Offensive AI attacks, organizations are turning to defensive cyber AI, which can identify and neutralize emerging malicious activity, no matter when, or where, it strikes.

    In this session, learn about:

    • Paradigm shifts in the cyber landscape
    • Advancements in offensive AI attack techniques
    • The Immune System Approach to cyber security and defensive, Autonomous Response capabilities
    • Real-world examples of emerging threats that were stopped with Cyber AI
    Click to Expand

    Speaker:

    David Masson
    David Masson

    David Masson

    Director of Enterprise Security at Darktrace

    Collapse This Item

  • Confessions of a Rogue FBI Agent 3:50 pm

    1999 – the early days of cybercrime. Identity theft was a new idea, and the FBI birthed a new division to handle it.  It had never been done before – but a few agents started it, flew by the seat of their pants, and traversed the federal law enforcement landscape to blaze a new path, fighting criminals that worked outside our boarders.

    EJ Hilbert was there at the beginning. In this keynote presentation, he’ll talk about case studies from that time, and walk through the scintillating story of his own travelais, which led him to bring down the first major Russian CyberHacker, and later land him squarely in the crosshairs of an international spy thriller: corporate espionage, rouge agents, questionable officials and bad actors.

    You’ll be excited and enlightened by the story, and in the process learn more about today’s threat landscape.  Moreover, you’ll understand why the current cybersecurity environment goe beyond traditional law enforcement – requiring vigilance on the part of corporations and especially cybersecurity professionals.

    Click to Expand

    Speaker:

    E.J. Hilbert
    E.J. Hilbert

    E.J. Hilbert

    Former FBI Cyber Agent, CISO & Founder at KCECyber

    Collapse This Item

  • Summit Closing Session
Partners