ISMG Engage - Toronto
Engage March 7, 2023
ISMG Engage Toronto will leverage the largest community of industry leaders, including members of ISMG’s CISO community, CybereEdBoard, professionals will meet in a boardroom setting to hear from peers within the region.
ISMG Engage provides a platform for executives to learn from each other. Join the largest community of security leaders for closed-door ’Deep Dive’ discussions designed to provide engaging insight on the latest threats, technology and solutions to apply in your place of work.
Toronto, ON
Name :
Toronto, ON
Samer Adi
IT Security Leader
Green Shield Canada
Ragulan Sinnarajah
VP, IT & Head of Cyber Security
Sobeys
David Pollino
Former CISO
PNC Bank
Anna Delaney
Director, ISMG Productions
ISMG
Kush Sharma
CIO
Aptitude 360 Inc
Grant Schneider
Senior Director for Cybersecurity services ( Former U.S. federal CISO)
Venable LLP
Rachel Guinto
AVP, Information Risk Management
Manulife
Arif Hameed
CISO and VP
Munich Re New Ventures
John Kindervag
Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow
ON2IT Cybersecurity
Ari Redbord
Head of Legal and Government Affairs
TRM Labs
Ireen Birungi
CISO
Interac Corp
Tom Field
Chief Executive of Editorial
ISMG
Simon Brown
Director of Cyber Security
Weston Foods
Mat Schwartz
Executive Editor
ISMG
Troy Leach
Chief Strategy Officer
Cloud Security Alliance
Jeremy Grant
Managing Director-Technology Business Strategy
Venable LLP
Ruth Promislow
Partner
Bennett Jones LLP
Michael Novinson
Managing Ediitor
ISMG
Adam Evans
VP, Cyber Operations & CISO
RBC
Adam Evans is VP, Cyber Operations and Chief Information Security Officer (CISO) for RBC. As CISO, Adam sets RBC’s cyber vision, strategy and program to reduce cyber risks and keep clients, employees, and systems safe. He is responsible for developing...
Chris Holden
CISO
Crum & Forster
As CISO for Crum & Forster, Holden is responsible for maintaining the day-to-day security of the organization's information systems and data while adhering to regulatory requirements. He started his career as a forensics analyst for Hewlett-Packard’s global cybersecurity team, where...
Martin Dinel
Assistant Deputy Minister and Chief Information Security Officer
Government of Alberta
Martin Dinel is a trusted and experienced information technology and cybersecurity professional with over 33 years of leadership experience in the industry. As CISO for the Government of Alberta since August 2015, he defines the province's vision and strategy to...
Imran Ahmad
imran.ahmad@nortonrosefulbright.com
Norton Rose Fullbright
Imran Ahmad is the Canadian head of the technology sector and co-head of the information governance, privacy and cybersecurity practice at Norton Rose Fulbright. He advises clients across all industries on a wide array of technology-related matters, including outsourcing, cloud...
Manny Cancel
SVP and CEO
E-ISAC
Cancel became NERC senior vice president and chief executive officer of the Electricity Information Sharing and Analysis Center (E-ISAC) in January 2020. He is responsible for the management and oversight of the E-ISAC and leads security operations and information sharing,...
Karen Habercoss
Chief Privacy Officer
U. Chicago Medicine
Habercoss is the chief privacy officer for The University of Chicago Medicine and Clinical Biological Sciences Division. She is responsible for the enterprise multiyear strategy and day-to-day operations of the Health System Privacy Program, which has a workforce of more...
Keri Glitch
VP and CISO
MISO Energy
As vice president and chief information security officer for Midcontinent Independent System Operator, Glitch leads both the security and technology organizations and is responsible for MISO's comprehensive strategy, execution and operations. Previously, she was chief security officer at AVANGRID, where...
Alex Foord
CIO and VP
ISEO
As chief information officer and vice president of information and technology services at IESO, Foord's responsibilities include being accountable for the company's IT solutions and strategies, leading its enterprisewide cybersecurity management program and ensuring oversight of the Smart Metering Entity....
View Agenda
Welcome and Keynote Address
  • 04:00 PM
  • 04:44 PM
Networking Break
  • 04:45 PM
  • 04:59 PM
  • 05:00 PM
  • 05:59 PM
How to Keep Your Security Programs Proactive in an Ever-Evolving Threat Landscape

Cybersecurity strategies are shifting from a reactive stance to proactive approach. This change gives organizations the ability to be more agile with their security program. In this keynote session, our panel of industry experts will share their experience and insights on:

  • Is it possible to be prepared for the unknown cyber threat?
  • Team retention and talent acquisitions, including strategies for different generations
  • Promoting and driving a security and risk-aware culture
  • Current threat landscape’s most prevalent features-Cloud Security/Attacks, Human Error, Evil Proxy
  • 05:00 PM
  • 05:59 PM
Cyber Warfare: A New Playbook. How Cyber, Conventional Warfare and Disinformation/MDM Constitute a Unified Playbook

The nature of warfare is changing. As conventional, cyber and information warfare converge into a highly refined and devastating playbook, we need to rethink many aspects of the way we implement defense tactics. This panel of public and private sector experts will dissect:

  • The evolution of Russian tactics-from the annexation of Crimea to the invasion of Ukraine
  • How the Perception War and MDM are taking center stage in modern conflict and shaping world events
  • Why we need an integrated playbook and how should this shape our defensive strategy
  • 05:00 PM
  • 05:59 PM
The Future of Ransomware and Evolving Attacks

Adaptations are needed to keep pace with the changing ransomware environment. This panel will address what you should be ready for. They will also debate valid and invalid approaches to minimizing risk -from technology, government and other activities that will influence how organizations can to respond to threats. This panel will:

  • Discuss current trends for ransomware attacks 
  • Look at the impact of the changing environment on insurance premiums
  • Debate whether norms or regulations should dictate payments
  • Address critical strategies and aspects to being successful in defending against attacks       
  • 05:00 PM
  • 05:59 PM
Deep Dive Discussions: 10 Topic-Based Intimate Sessions

Meet with security industry leaders in a boardroom setting to converse with peers and gain insight into leading security trends and technology. Participate in one of the following topic-based closed door Deep Dive Discussions.

  • Zero Trust
  • OT
  • Cybercrime
  • Ransomware
  • Fraud
  • IAM
  • Cryptocurrency
  • Payments
  • Critical Infrastructure
  • Incident Response
  • 05:00 PM
  • 05:59 PM
Little Device Big Threat! - IoT Attacks, Vulnerabilities and Prolific Risk

The Internet of Things (IoT) is expanding at a dramatic rate. As we connect our devices to more and more aspects of our daily lives, we are creating a roadmap for invasive listening, hacking and business disruption. Join us to learn more about where IoT is headed and how you can stay safe while still reaping the benefits of a digital world.  This session will illuminate

  • Biggest threats based on trending attacks  
  • Challenges of IoT security based on common vulnerabilities
  • Vulnerabilities caused by new technologies
  • Strategies for securing huge attack surfaces
  • Regulatory and compliance issues rising from third-party partnerships
  • 05:00 PM
  • 05:59 PM
Incident Response: Are You Prepared for Your Organization's Worst Day?

It's not a matter of "if" the next cyberattack will strike--it's a matter of "when.” The extent of your preparedness is one of the biggest factors determining what that day (and beyond) is going to be like for you and your organization.
 When that day arrives, it’s too late to ask: Who have I prepared? How did I prepared them? What tools do I have at-the-ready? This panel of Industry experts will lend their experiences and lessons learned to unpack those questions as well as navigate us through the following:

  • What threats are most likely to cause the biggest disruption?
  • What are you doing now to protect your environment - and where are your biggest gaps?
  • How can we leverage all of the security controls in our environment for an effective, layered defense?
  • 05:00 PM
  • 05:59 PM
Strategies to Mitigate Risk and Exposure During Your Merger or Acquisition

2021 M&A transactions were up 55% in the U.S. over 2020. And 2022 is on pace to be even bigger. This wave of post-Covid M&A demands that cyber security leaders improve their efficacy. Panelists for this session are seasoned practitioners who are eager to share their experiences from the initial phase during due diligence through day-one integration of the M&A cycle: 

  • Ensure that a subsidiary cannot expose the parent company to cyber risks through the M&A process
  • Be a player and practice due diligence in the M&A process from start to integration
  • Leverage integrated risk assessments and automated smart questionnaires to gain a real-time snapshot into what a company’s cyber risk posture and overall GRC looks like
  • 05:00 PM
  • 05:59 PM
Clouded Judgment: Why Security & Cloud Are Aligned

The perceived conflict between profitability and speed to market versus security is rife in our organizations. Understanding this is important, and combating it is crucial. Cyber security leaders guide and influence the discussion, and thereby mindset, as both are indispensable to business goals. Making cloud secure is our best path forward. What are the necessary building blocks, and how can you create and promote a secure cloud strategy?

  • Discuss key points to win converts to a security mindset
  • Deal with M&As that have existing cloud environments
  • Retool teams and install effective guard rails
  • What role can compliance play?
  • 05:00 PM
  • 05:59 PM
Why Strong Partnerships With Executive Leadership Are Essential for Good Data Governance

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
  • 05:00 PM
  • 05:59 PM
Third-Party Selection and Management: What You Need to Know and Do Before and After You Sign

The need for third-party risk management has never been greater. Even though the risks to your company, customers and partners can be substantial, the processes, methods, and mediums used today are frequently flawed and even potentially misleading. In this panel discussion we dive into:

  • What does the current TPRM risk landscape look like today?
  • What’s working and not working in TPRM?
  • What are the risks and mitigation strategies?
  • Best practices and recommendations for an effective program and what’s needed in the future
  • 05:00 PM
  • 05:59 PM
Risk Management for a New Era: Maturity Models and Evolution of Security ProgramsGovernance (Duplicated)

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
Refreshment Break
  • 06:00 PM
  • 06:29 PM
  • 06:30 PM
  • 07:29 PM
The Future of Ransomware and Evolving Attacks

Adaptations are needed to keep pace with the changing ransomware environment. This panel will address what you should be ready for. They will also debate valid and invalid approaches to minimizing risk -from technology, government and other activities that will influence how organizations can to respond to threats. This panel will:

  • Discuss current trends for ransomware attacks 
  • Look at the impact of the changing environment on insurance premiums
  • Debate whether norms or regulations should dictate payments
  • Address critical strategies and aspects to being successful in defending against attacks       
  • 06:30 PM
  • 07:29 PM
Risk Management for a New Era: Maturity Models and Evolution of Security Programs

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
  • 06:30 PM
  • 07:29 PM
Cyber Warfare: A New Playbook. How Cyber, Conventional Warfare and Disinformation/MDM Constitute a Unified Playbook

The nature of warfare is changing. As conventional, cyber and information warfare converge into a highly refined and devastating playbook, we need to rethink many aspects of the way we implement defense tactics. This panel of public and private sector experts will dissect:

  • The evolution of Russian tactics-from the annexation of Crimea to the invasion of Ukraine
  • How the Perception War and MDM are taking center stage in modern conflict and shaping world events
  • Why we need an integrated playbook and how should this shape our defensive strategy
  • 06:30 PM
  • 07:29 PM
Why Strong Partnerships With Executive Leadership Are Essential for Good Data Governance

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
  • 06:30 PM
  • 07:29 PM
Little Device Big Threat! - IoT Attacks, Vulnerabilities and Prolific Risk

The Internet of Things (IoT) is expanding at a dramatic rate. As we connect our devices to more and more aspects of our daily lives, we are creating a roadmap for invasive listening, hacking and business disruption. Join us to learn more about where IoT is headed and how you can stay safe while still reaping the benefits of a digital world.  This session will illuminate

  • Biggest threats based on trending attacks  
  • Challenges of IoT security based on common vulnerabilities
  • Vulnerabilities caused by new technologies
  • Strategies for securing huge attack surfaces

Regulatory and compliance issues rising from third-party partnerships

  • 06:30 PM
  • 07:29 PM
How to Keep Your Security Programs Proactive in an Ever-Evolving Threat Landscape

Cybersecurity strategies are shifting from a reactive stance to proactive approach. This change gives organizations the ability to be more agile with their security program. In this keynote session, our panel of industry experts will share their experience and insights on:

  • Is it possible to be prepared for the unknown cyber threat?
  • Team retention and talent acquisitions, including strategies for different generations
  • Promoting and driving a security and risk-aware culture
  • Current threat landscape’s most prevalent features-Cloud Security/Attacks, Human Error, Evil Proxy
  • 06:30 PM
  • 07:29 PM
Incident Response: Are You Prepared for Your Organization's Worst Day?

It's not a matter of "if" the next cyberattack will strike--it's a matter of "when.” The extent of your preparedness is one of the biggest factors determining what that day (and beyond) is going to be like for you and your organization.
 When that day arrives, it’s too late to ask: Who have I prepared? How did I prepared them? What tools do I have at-the-ready? This panel of Industry experts will lend their experiences and lessons learned to unpack those questions as well as navigate us through the following:

  • What threats are most likely to cause the biggest disruption?
  • What are you doing now to protect your environment - and where are your biggest gaps?
  • How can we leverage all of the security controls in our environment for an effective, layered defense?
  • 06:30 PM
  • 07:29 PM
Strategies to Mitigate Risk and Exposure During Your Merger or Acquisition

2021 M&A transactions were up 55% in the U.S. over 2020. And 2022 is on pace to be even bigger. This wave of post-Covid M&A demands that cyber security leaders improve their efficacy. Panelists for this session are seasoned practitioners who are eager to share their experiences from the initial phase during due diligence through day-one integration of the M&A cycle: 

  • Ensure that a subsidiary cannot expose the parent company to cyber risks through the M&A process
  • Be a player and practice due diligence in the M&A process from start to integration
  • Leverage integrated risk assessments and automated smart questionnaires to gain a real-time snapshot into what a company’s cyber risk posture and overall GRC looks like
  • 06:30 PM
  • 07:29 PM
Clouded Judgment: Why Security & Cloud Are Aligned

The perceived conflict between profitability and speed to market versus security is rife in our organizations. Understanding this is important, and combating it is crucial. Cyber security leaders guide and influence the discussion, and thereby mindset, as both are indispensable to business goals. Making cloud secure is our best path forward. What are the necessary building blocks, and how can you create and promote a secure cloud strategy?

  • Discuss key points to win converts to a security mindset
  • Deal with M&As that have existing cloud environments
  • Retool teams and install effective guard rails
  • What role can compliance play?
  • 06:30 PM
  • 07:29 PM
Third-Party Selection and Management: What You Need to Know and Do Before and After You Sign

The need for third-party risk management has never been greater. Even though the risks to your company, customers and partners can be substantial, the processes, methods, and mediums used today are frequently flawed and even potentially misleading. In this panel discussion we dive into:

  • What does the current TPRM risk landscape look like today?
  • What’s working and not working in TPRM?
  • What are the risks and mitigation strategies?
  • Best practices and recommendations for an effective program and what’s needed in the future
  • 06:30 PM
  • 07:29 PM
Deep Dive Discussions: 10 Topic-Based Intimate Sessions (Duplicated)

Meet with security industry leaders in a boardroom setting to converse with peers and gain insight into leading security trends and technology. Participate in one of the following topic-based closed door Deep Dive Discussions.

  • Zero Trust
  • OT
  • Cybercrime
  • Ransomware
  • Fraud
  • IAM
  • Cryptocurrency
  • Payments
  • Critical Infrastructure
  • Incident Response
Closing Comments
  • 07:30 PM
  • 07:59 PM

ISMG Engage Toronto will leverage the largest community of industry leaders, including members of ISMG’s CISO community, CybereEdBoard, professionals will meet in a boardroom setting to hear from peers within the region.
ISMG Engage provides a platform for executives to learn from each other. Join the largest community of security leaders for closed-door ’Deep Dive’ discussions designed to provide engaging insight on the latest threats, technology and solutions to apply in your place of work.

Toronto, ON
Name :
Toronto, ON

Samer Adi
IT Security Leader
Green Shield Canada
Ragulan Sinnarajah
VP, IT & Head of Cyber Security
Sobeys
David Pollino
Former CISO
PNC Bank
Anna Delaney
Director, ISMG Productions
ISMG
Kush Sharma
CIO
Aptitude 360 Inc
Grant Schneider
Senior Director for Cybersecurity services ( Former U.S. federal CISO)
Venable LLP
Rachel Guinto
AVP, Information Risk Management
Manulife
Arif Hameed
CISO and VP
Munich Re New Ventures
John Kindervag
Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow
ON2IT Cybersecurity
Ari Redbord
Head of Legal and Government Affairs
TRM Labs
Ireen Birungi
CISO
Interac Corp
Tom Field
Chief Executive of Editorial
ISMG
Simon Brown
Director of Cyber Security
Weston Foods
Mat Schwartz
Executive Editor
ISMG
Troy Leach
Chief Strategy Officer
Cloud Security Alliance
Jeremy Grant
Managing Director-Technology Business Strategy
Venable LLP
Ruth Promislow
Partner
Bennett Jones LLP
Michael Novinson
Managing Ediitor
ISMG

Adam Evans
VP, Cyber Operations & CISO
RBC
Adam Evans is VP, Cyber Operations and Chief Information Security Officer (CISO) for RBC. As CISO, Adam sets RBC’s cyber vision, strategy and program to reduce cyber risks and keep clients, employees, and systems safe. He is responsible for developing...
Chris Holden
CISO
Crum & Forster
As CISO for Crum & Forster, Holden is responsible for maintaining the day-to-day security of the organization's information systems and data while adhering to regulatory requirements. He started his career as a forensics analyst for Hewlett-Packard’s global cybersecurity team, where...
Martin Dinel
Assistant Deputy Minister and Chief Information Security Officer
Government of Alberta
Martin Dinel is a trusted and experienced information technology and cybersecurity professional with over 33 years of leadership experience in the industry. As CISO for the Government of Alberta since August 2015, he defines the province's vision and strategy to...
Imran Ahmad
imran.ahmad@nortonrosefulbright.com
Norton Rose Fullbright
Imran Ahmad is the Canadian head of the technology sector and co-head of the information governance, privacy and cybersecurity practice at Norton Rose Fulbright. He advises clients across all industries on a wide array of technology-related matters, including outsourcing, cloud...
Manny Cancel
SVP and CEO
E-ISAC
Cancel became NERC senior vice president and chief executive officer of the Electricity Information Sharing and Analysis Center (E-ISAC) in January 2020. He is responsible for the management and oversight of the E-ISAC and leads security operations and information sharing,...
Karen Habercoss
Chief Privacy Officer
U. Chicago Medicine
Habercoss is the chief privacy officer for The University of Chicago Medicine and Clinical Biological Sciences Division. She is responsible for the enterprise multiyear strategy and day-to-day operations of the Health System Privacy Program, which has a workforce of more...
Keri Glitch
VP and CISO
MISO Energy
As vice president and chief information security officer for Midcontinent Independent System Operator, Glitch leads both the security and technology organizations and is responsible for MISO's comprehensive strategy, execution and operations. Previously, she was chief security officer at AVANGRID, where...
Alex Foord
CIO and VP
ISEO
As chief information officer and vice president of information and technology services at IESO, Foord's responsibilities include being accountable for the company's IT solutions and strategies, leading its enterprisewide cybersecurity management program and ensuring oversight of the Smart Metering Entity....

View Agenda
Welcome and Keynote Address
  • 04:00 PM
  • 04:44 PM
Networking Break
  • 04:45 PM
  • 04:59 PM
  • 05:00 PM
  • 05:59 PM
How to Keep Your Security Programs Proactive in an Ever-Evolving Threat Landscape

Cybersecurity strategies are shifting from a reactive stance to proactive approach. This change gives organizations the ability to be more agile with their security program. In this keynote session, our panel of industry experts will share their experience and insights on:

  • Is it possible to be prepared for the unknown cyber threat?
  • Team retention and talent acquisitions, including strategies for different generations
  • Promoting and driving a security and risk-aware culture
  • Current threat landscape’s most prevalent features-Cloud Security/Attacks, Human Error, Evil Proxy
  • 05:00 PM
  • 05:59 PM
Cyber Warfare: A New Playbook. How Cyber, Conventional Warfare and Disinformation/MDM Constitute a Unified Playbook

The nature of warfare is changing. As conventional, cyber and information warfare converge into a highly refined and devastating playbook, we need to rethink many aspects of the way we implement defense tactics. This panel of public and private sector experts will dissect:

  • The evolution of Russian tactics-from the annexation of Crimea to the invasion of Ukraine
  • How the Perception War and MDM are taking center stage in modern conflict and shaping world events
  • Why we need an integrated playbook and how should this shape our defensive strategy
  • 05:00 PM
  • 05:59 PM
The Future of Ransomware and Evolving Attacks

Adaptations are needed to keep pace with the changing ransomware environment. This panel will address what you should be ready for. They will also debate valid and invalid approaches to minimizing risk -from technology, government and other activities that will influence how organizations can to respond to threats. This panel will:

  • Discuss current trends for ransomware attacks 
  • Look at the impact of the changing environment on insurance premiums
  • Debate whether norms or regulations should dictate payments
  • Address critical strategies and aspects to being successful in defending against attacks       
  • 05:00 PM
  • 05:59 PM
Deep Dive Discussions: 10 Topic-Based Intimate Sessions

Meet with security industry leaders in a boardroom setting to converse with peers and gain insight into leading security trends and technology. Participate in one of the following topic-based closed door Deep Dive Discussions.

  • Zero Trust
  • OT
  • Cybercrime
  • Ransomware
  • Fraud
  • IAM
  • Cryptocurrency
  • Payments
  • Critical Infrastructure
  • Incident Response
  • 05:00 PM
  • 05:59 PM
Little Device Big Threat! - IoT Attacks, Vulnerabilities and Prolific Risk

The Internet of Things (IoT) is expanding at a dramatic rate. As we connect our devices to more and more aspects of our daily lives, we are creating a roadmap for invasive listening, hacking and business disruption. Join us to learn more about where IoT is headed and how you can stay safe while still reaping the benefits of a digital world.  This session will illuminate

  • Biggest threats based on trending attacks  
  • Challenges of IoT security based on common vulnerabilities
  • Vulnerabilities caused by new technologies
  • Strategies for securing huge attack surfaces
  • Regulatory and compliance issues rising from third-party partnerships
  • 05:00 PM
  • 05:59 PM
Incident Response: Are You Prepared for Your Organization's Worst Day?

It's not a matter of "if" the next cyberattack will strike--it's a matter of "when.” The extent of your preparedness is one of the biggest factors determining what that day (and beyond) is going to be like for you and your organization.
 When that day arrives, it’s too late to ask: Who have I prepared? How did I prepared them? What tools do I have at-the-ready? This panel of Industry experts will lend their experiences and lessons learned to unpack those questions as well as navigate us through the following:

  • What threats are most likely to cause the biggest disruption?
  • What are you doing now to protect your environment - and where are your biggest gaps?
  • How can we leverage all of the security controls in our environment for an effective, layered defense?
  • 05:00 PM
  • 05:59 PM
Strategies to Mitigate Risk and Exposure During Your Merger or Acquisition

2021 M&A transactions were up 55% in the U.S. over 2020. And 2022 is on pace to be even bigger. This wave of post-Covid M&A demands that cyber security leaders improve their efficacy. Panelists for this session are seasoned practitioners who are eager to share their experiences from the initial phase during due diligence through day-one integration of the M&A cycle: 

  • Ensure that a subsidiary cannot expose the parent company to cyber risks through the M&A process
  • Be a player and practice due diligence in the M&A process from start to integration
  • Leverage integrated risk assessments and automated smart questionnaires to gain a real-time snapshot into what a company’s cyber risk posture and overall GRC looks like
  • 05:00 PM
  • 05:59 PM
Clouded Judgment: Why Security & Cloud Are Aligned

The perceived conflict between profitability and speed to market versus security is rife in our organizations. Understanding this is important, and combating it is crucial. Cyber security leaders guide and influence the discussion, and thereby mindset, as both are indispensable to business goals. Making cloud secure is our best path forward. What are the necessary building blocks, and how can you create and promote a secure cloud strategy?

  • Discuss key points to win converts to a security mindset
  • Deal with M&As that have existing cloud environments
  • Retool teams and install effective guard rails
  • What role can compliance play?
  • 05:00 PM
  • 05:59 PM
Why Strong Partnerships With Executive Leadership Are Essential for Good Data Governance

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
  • 05:00 PM
  • 05:59 PM
Third-Party Selection and Management: What You Need to Know and Do Before and After You Sign

The need for third-party risk management has never been greater. Even though the risks to your company, customers and partners can be substantial, the processes, methods, and mediums used today are frequently flawed and even potentially misleading. In this panel discussion we dive into:

  • What does the current TPRM risk landscape look like today?
  • What’s working and not working in TPRM?
  • What are the risks and mitigation strategies?
  • Best practices and recommendations for an effective program and what’s needed in the future
  • 05:00 PM
  • 05:59 PM
Risk Management for a New Era: Maturity Models and Evolution of Security ProgramsGovernance (Duplicated)

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
Refreshment Break
  • 06:00 PM
  • 06:29 PM
  • 06:30 PM
  • 07:29 PM
The Future of Ransomware and Evolving Attacks

Adaptations are needed to keep pace with the changing ransomware environment. This panel will address what you should be ready for. They will also debate valid and invalid approaches to minimizing risk -from technology, government and other activities that will influence how organizations can to respond to threats. This panel will:

  • Discuss current trends for ransomware attacks 
  • Look at the impact of the changing environment on insurance premiums
  • Debate whether norms or regulations should dictate payments
  • Address critical strategies and aspects to being successful in defending against attacks       
  • 06:30 PM
  • 07:29 PM
Risk Management for a New Era: Maturity Models and Evolution of Security Programs

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
  • 06:30 PM
  • 07:29 PM
Cyber Warfare: A New Playbook. How Cyber, Conventional Warfare and Disinformation/MDM Constitute a Unified Playbook

The nature of warfare is changing. As conventional, cyber and information warfare converge into a highly refined and devastating playbook, we need to rethink many aspects of the way we implement defense tactics. This panel of public and private sector experts will dissect:

  • The evolution of Russian tactics-from the annexation of Crimea to the invasion of Ukraine
  • How the Perception War and MDM are taking center stage in modern conflict and shaping world events
  • Why we need an integrated playbook and how should this shape our defensive strategy
  • 06:30 PM
  • 07:29 PM
Why Strong Partnerships With Executive Leadership Are Essential for Good Data Governance

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
  • 06:30 PM
  • 07:29 PM
Little Device Big Threat! - IoT Attacks, Vulnerabilities and Prolific Risk

The Internet of Things (IoT) is expanding at a dramatic rate. As we connect our devices to more and more aspects of our daily lives, we are creating a roadmap for invasive listening, hacking and business disruption. Join us to learn more about where IoT is headed and how you can stay safe while still reaping the benefits of a digital world.  This session will illuminate

  • Biggest threats based on trending attacks  
  • Challenges of IoT security based on common vulnerabilities
  • Vulnerabilities caused by new technologies
  • Strategies for securing huge attack surfaces

Regulatory and compliance issues rising from third-party partnerships

  • 06:30 PM
  • 07:29 PM
How to Keep Your Security Programs Proactive in an Ever-Evolving Threat Landscape

Cybersecurity strategies are shifting from a reactive stance to proactive approach. This change gives organizations the ability to be more agile with their security program. In this keynote session, our panel of industry experts will share their experience and insights on:

  • Is it possible to be prepared for the unknown cyber threat?
  • Team retention and talent acquisitions, including strategies for different generations
  • Promoting and driving a security and risk-aware culture
  • Current threat landscape’s most prevalent features-Cloud Security/Attacks, Human Error, Evil Proxy
  • 06:30 PM
  • 07:29 PM
Incident Response: Are You Prepared for Your Organization's Worst Day?

It's not a matter of "if" the next cyberattack will strike--it's a matter of "when.” The extent of your preparedness is one of the biggest factors determining what that day (and beyond) is going to be like for you and your organization.
 When that day arrives, it’s too late to ask: Who have I prepared? How did I prepared them? What tools do I have at-the-ready? This panel of Industry experts will lend their experiences and lessons learned to unpack those questions as well as navigate us through the following:

  • What threats are most likely to cause the biggest disruption?
  • What are you doing now to protect your environment - and where are your biggest gaps?
  • How can we leverage all of the security controls in our environment for an effective, layered defense?
  • 06:30 PM
  • 07:29 PM
Strategies to Mitigate Risk and Exposure During Your Merger or Acquisition

2021 M&A transactions were up 55% in the U.S. over 2020. And 2022 is on pace to be even bigger. This wave of post-Covid M&A demands that cyber security leaders improve their efficacy. Panelists for this session are seasoned practitioners who are eager to share their experiences from the initial phase during due diligence through day-one integration of the M&A cycle: 

  • Ensure that a subsidiary cannot expose the parent company to cyber risks through the M&A process
  • Be a player and practice due diligence in the M&A process from start to integration
  • Leverage integrated risk assessments and automated smart questionnaires to gain a real-time snapshot into what a company’s cyber risk posture and overall GRC looks like
  • 06:30 PM
  • 07:29 PM
Clouded Judgment: Why Security & Cloud Are Aligned

The perceived conflict between profitability and speed to market versus security is rife in our organizations. Understanding this is important, and combating it is crucial. Cyber security leaders guide and influence the discussion, and thereby mindset, as both are indispensable to business goals. Making cloud secure is our best path forward. What are the necessary building blocks, and how can you create and promote a secure cloud strategy?

  • Discuss key points to win converts to a security mindset
  • Deal with M&As that have existing cloud environments
  • Retool teams and install effective guard rails
  • What role can compliance play?
  • 06:30 PM
  • 07:29 PM
Third-Party Selection and Management: What You Need to Know and Do Before and After You Sign

The need for third-party risk management has never been greater. Even though the risks to your company, customers and partners can be substantial, the processes, methods, and mediums used today are frequently flawed and even potentially misleading. In this panel discussion we dive into:

  • What does the current TPRM risk landscape look like today?
  • What’s working and not working in TPRM?
  • What are the risks and mitigation strategies?
  • Best practices and recommendations for an effective program and what’s needed in the future
  • 06:30 PM
  • 07:29 PM
Deep Dive Discussions: 10 Topic-Based Intimate Sessions (Duplicated)

Meet with security industry leaders in a boardroom setting to converse with peers and gain insight into leading security trends and technology. Participate in one of the following topic-based closed door Deep Dive Discussions.

  • Zero Trust
  • OT
  • Cybercrime
  • Ransomware
  • Fraud
  • IAM
  • Cryptocurrency
  • Payments
  • Critical Infrastructure
  • Incident Response
Closing Comments
  • 07:30 PM
  • 07:59 PM

Speaker Interviews

March 7, 2023

ISMG Engage - Toronto