ISMG Engage - Toronto
Engage March 7, 2023
ISMG Engage Toronto will leverage the largest community of industry leaders, including members of ISMG’s CISO community, CybereEdBoard, professionals will meet in a boardroom setting to hear from peers within the region.
ISMG Engage provides a platform for executives to learn from each other. Join the largest community of security leaders for closed-door ’Deep Dive’ discussions designed to provide engaging insight on the latest threats, technology and solutions to apply in your place of work.
Hyatt Regency Toronto
Name :
Hyatt Regency Toronto
Address :
Hyatt Regency, King Street West, Toronto, ON, Canada
Troy Leach
Chief Strategy Officer
Cloud Security Alliance
Samer Adi
IT Security Leader
Green Shield Canada
Arif Hameed
CISO and VP
Munich Re New Ventures
Rachel Guinto
AVP, Information Risk Management
Manulife
Tom Field
Chief Executive of Editorial
ISMG
Mat Schwartz
Executive Editor
ISMG
Grant Schneider
Senior Director for Cybersecurity services ( Former U.S. federal CISO)
Venable LLP
Jeremy Grant
Managing Director-Technology Business Strategy
Venable LLP
John Kindervag
Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow
ON2IT Cybersecurity
David Pollino
Former CISO
PNC Bank
Ireen Birungi
CISO
Interac Corp
Simon Brown
Director of Cyber Security
Weston Foods
Ari Redbord
Head of Legal and Government Affairs
TRM Labs
Michael Novinson
Managing Ediitor
ISMG
Ragulan Sinnarajah
VP, IT & Head of Cyber Security
Sobeys
Ruth Promislow
Partner
Bennett Jones LLP
Anna Delaney
Director, ISMG Productions
ISMG
Greg Thompson
VP, CISO
ManuLife
Based in Toronto, Canada, Greg Thompson is vice president and Chief Information Security Officer responsible for the Global Information Security Risk program at Manulife Financial. Manulife Financial is a Canadian-based multinational insurance company and financial services provider headquartered in Toronto,...
Vinay Puri
Vice President, Head of Security Architecture
Thomason Reuters
Mohsen Azari
Director Cyber Defence
goeasy
Kush Sharma
CIO
Aptitude 360 Inc
As the CIO at Aptitude 360, a boutique customer experience firm, Sharma oversees the technology and security organization. Prior to this, he was the inaugural CISO for the city of Toronto and the inaugural cyber executive for Saputo. He was...
Rob Knoblauch
Deputy CISO and VP Global Security Services 
Scotiabank
Samer Adi
IT Security Leader
Green Shield Canada
Samer Adi is a strategic IT operations executive with expertise in driving information security programs within business units. He is a big picture visionary delivering business continuity while ensuring best-in-class security systems and implementing new technologies and process improvements to...
Zia Shah
CISO and Managing Director of Technology
KPMG, Canada
Zia Shah is the head of Information Security and Technology at KPMG in Canada. Zia joined KPMG in 2001 and has held a variety of senior management positions in Canada. In 2002, he was appointed Senior Principal at the firm...
Natalia Baktina
Director, Cybersecurity and IT Risk Management
BFL Canada
Natalia Bakhtina is a strategic CISO-level leader and is globally recognized as the Women in IT Canada Finalist 2022 for the “Outstanding Contribution of the Year”. Experienced results-oriented strategic professional in cybersecurity, IT and enterprise risk management and program management,...
George Al-Koura
CISO
Ruby
Sunil Chand
VP, CISO
OLG
Sunil Chand is a security management professional with more than 20 years of experience. Prior to joining Grant Thornton LLP, he held the role of Director, Information Security Consulting Services for TELUS Security and Chief Information Security Officer for a...
Farooq Naiyer
Global Head of Technology and Cyber Assurance
Munich RE
Farooq brings rich experience of more than 20 years in the area of cybersecurity, privacy, technology compliance and assurance. He currently serves the global leader for technology and cyber assurance for the Munich Re Group, He was formerly a Cybersecurity...
Shilpa Dahiya
Director Cybersecurity (Payments)
Metrolinx
Shilpa Dahiya is an accomplished Cybersecurity leader with strong problem‐solving capabilities; and a proven track record for consistently leading large organizations through significant changes. Shilpa has worked extensively in both public and private sector. In her current role, Shilpa is...
Deniz Hanley
CISO and Head of Technology and Operations Risk Canada
Morgan Stanley
Caitlin Gruenberg
Director, Solutions Engineer
CyberGRX
View Agenda
Welcome and Keynote Address
Rob Knoblauch, Deputy CISO and VP Global Security Services , Scotiabank
Zia Shah, CISO and Managing Director of Technology, KPMG, Canada
Greg Thompson, VP, CISO, ManuLife
Deniz Hanley, CISO and Head of Technology and Operations Risk Canada, Morgan Stanley
Rob Knoblauch
Zia Shah
Greg Thompson
Deniz Hanley
  • 04:00 PM
  • 04:44 PM
Networking Break
  • 04:45 PM
  • 04:59 PM
Deep Dive Discussions: Topic-Based Intimate Sessions

Meet with security industry leaders in a boardroom setting to converse with peers and gain insight into leading security trends and technology. Participate in one of the following topic-based closed door Deep Dive Discussions.

  • Zero Trust
  • Enhancing Your Security Posture
  • Third Party Risk Management
  • Cyber Governance
  • OT
  • Ransomware
  • IAM
  • Incident Response
  • 04:59 PM
  • 05:59 PM
  • 05:00 PM
  • 05:59 PM
Third-Party Selection and Management: What You Need to Know and Do Before and After You Sign

The need for third-party risk management has never been greater. Even though the risks to your company, customers and partners can be substantial, the processes, methods, and mediums used today are frequently flawed and even potentially misleading. In this panel discussion we dive into:

  • What does the current TPRM risk landscape look like today?
  • What’s working and not working in TPRM?
  • What are the risks and mitigation strategies?
  • Best practices and recommendations for an effective program and what’s needed in the future
  • 05:00 PM
  • 05:59 PM
Clouded Judgment: Why Security & Cloud Are Aligned

The perceived conflict between profitability and speed to market versus security is rife in our organizations. Understanding this is important, and combating it is crucial. Cyber security leaders guide and influence the discussion, and thereby mindset, as both are indispensable to business goals. Making cloud secure is our best path forward. What are the necessary building blocks, and how can you create and promote a secure cloud strategy?

  • Discuss key points to win converts to a security mindset
  • Deal with M&As that have existing cloud environments
  • Retool teams and install effective guard rails
  • What role can compliance play?
  • 05:00 PM
  • 05:59 PM
Incident Response: Are You Prepared for Your Organization's Worst Day?

It's not a matter of "if" the next cyberattack will strike--it's a matter of "when.” The extent of your preparedness is one of the biggest factors determining what that day (and beyond) is going to be like for you and your organization.
 When that day arrives, it’s too late to ask: Who have I prepared? How did I prepared them? What tools do I have at-the-ready? This panel of Industry experts will lend their experiences and lessons learned to unpack those questions as well as navigate us through the following:

  • What threats are most likely to cause the biggest disruption?
  • What are you doing now to protect your environment - and where are your biggest gaps?
  • How can we leverage all of the security controls in our environment for an effective, layered defense?
  • 05:00 PM
  • 05:59 PM
How to Keep Your Security Programs Proactive in an Ever-Evolving Threat Landscape

Cybersecurity strategies are shifting from a reactive stance to proactive approach. This change gives organizations the ability to be more agile with their security program. In this keynote session, our panel of industry experts will share their experience and insights on:

  • Is it possible to be prepared for the unknown cyber threat?
  • Team retention and talent acquisitions, including strategies for different generations
  • Promoting and driving a security and risk-aware culture
  • Current threat landscape’s most prevalent features-Cloud Security/Attacks, Human Error, Evil Proxy
  • 05:00 PM
  • 05:59 PM
Little Device Big Threat! - IoT Attacks, Vulnerabilities and Prolific Risk

The Internet of Things (IoT) is expanding at a dramatic rate. As we connect our devices to more and more aspects of our daily lives, we are creating a roadmap for invasive listening, hacking and business disruption. Join us to learn more about where IoT is headed and how you can stay safe while still reaping the benefits of a digital world.  This session will illuminate

  • Biggest threats based on trending attacks  
  • Challenges of IoT security based on common vulnerabilities
  • Vulnerabilities caused by new technologies
  • Strategies for securing huge attack surfaces
  • Regulatory and compliance issues rising from third-party partnerships
  • 05:00 PM
  • 05:59 PM
The Future of Ransomware and Evolving Attacks

Adaptations are needed to keep pace with the changing ransomware environment. This panel will address what you should be ready for. They will also debate valid and invalid approaches to minimizing risk -from technology, government and other activities that will influence how organizations can to respond to threats. This panel will:

  • Discuss current trends for ransomware attacks 
  • Look at the impact of the changing environment on insurance premiums
  • Debate whether norms or regulations should dictate payments
  • Address critical strategies and aspects to being successful in defending against attacks       
  • 05:00 PM
  • 05:59 PM
Natalia Baktina
Deep Dive: Cyber Governance: From Compliance to Competitive Advantage
Natalia Baktina, Director, Cybersecurity and IT Risk Management, BFL Canada

Organizations face many challenges when implementing and maintaining effective cyber governance.  During this session, we will examine many of these challenges including, a lack of understanding, limited resources, a complex regulatory environment, difficulty in measuring and demonstrating value and the evolving landscape. 

During this interactive Deep Dive you will also:

  • Delve into the various components of incident response planning, data privacy and third-party risk management
  • Discuss common challenges organizations face in implementing and maintaining effective cyber governance, and best practices for overcoming these challenges
  • 05:00 PM
  • 05:59 PM
Sunil Chand
Deep Dive: Enhancing Security Posture Visibility: Assessing Risks, Resource Allocation and Effectiveness
Sunil Chand, VP, CISO, OLG

In this session, we will delve into the importance of visibility into an organization's security posture at the operational levels.

Participants will learn how this visibility can help identify risks and ensure proper resource allocation, spending, and resourcing for the security function. Additionally, we will discuss how this visibility can assist in measuring the effectiveness of security strategy execution. Join us for an in-depth exploration of the crucial role of visibility in enhancing an organization's overall security posture.

During this interactive deep dive we will explore:

  • Ways to provide visibility and garner the support culturally and financially
  • What are some of the methods used to communicate or answer the question ‘What is the state of my security posture?’
  • Discuss how many people on the panel regularly present to the board
Refreshment Break
  • 06:00 PM
  • 06:29 PM
Deep Dive Discussions: 10 Topic-Based Intimate Sessions (Duplicated)

Meet with security industry leaders in a boardroom setting to converse with peers and gain insight into leading security trends and technology. Participate in one of the following topic-based closed door Deep Dive Discussions.

  • Zero Trust
  • Enhancing Your Security Posture
  • Third Party Risk Management
  • Cyber Governance
  • OT
  • Ransomware
  • IAM
  • Incident Response
  • 06:29 PM
  • 07:29 PM
  • 06:30 PM
  • 07:29 PM
Sunil Chand
Deep Dive: Enhancing Security Posture Visibility: Assessing Risks, Resource Allocation and Effectiveness
Sunil Chand, VP, CISO, OLG

In this session, we will delve into the importance of visibility into an organization's security posture at the operational levels.

Participants will learn how this visibility can help identify risks and ensure proper resource allocation, spending, and resourcing for the security function. Additionally, we will discuss how this visibility can assist in measuring the effectiveness of security strategy execution. Join us for an in-depth exploration of the crucial role of visibility in enhancing an organization's overall security posture.

During this interactive deep dive we will explore:

  • Ways to provide visibility and garner the support culturally and financially
  • What are some of the methods used to communicate or answer the question ‘What is the state of my security posture?’
  • Discuss how many people on the panel regularly present to the board
  • 06:30 PM
  • 07:29 PM
The Future of Ransomware and Evolving Attacks

Adaptations are needed to keep pace with the changing ransomware environment. This panel will address what you should be ready for. They will also debate valid and invalid approaches to minimizing risk -from technology, government and other activities that will influence how organizations can to respond to threats. This panel will:

  • Discuss current trends for ransomware attacks 
  • Look at the impact of the changing environment on insurance premiums
  • Debate whether norms or regulations should dictate payments
  • Address critical strategies and aspects to being successful in defending against attacks       
  • 06:30 PM
  • 07:29 PM
Incident Response: Are You Prepared for Your Organization's Worst Day?

It's not a matter of "if" the next cyberattack will strike--it's a matter of "when.” The extent of your preparedness is one of the biggest factors determining what that day (and beyond) is going to be like for you and your organization.
 When that day arrives, it’s too late to ask: Who have I prepared? How did I prepared them? What tools do I have at-the-ready? This panel of Industry experts will lend their experiences and lessons learned to unpack those questions as well as navigate us through the following:

  • What threats are most likely to cause the biggest disruption?
  • What are you doing now to protect your environment - and where are your biggest gaps?
  • How can we leverage all of the security controls in our environment for an effective, layered defense?
  • 06:30 PM
  • 07:29 PM
Little Device Big Threat! - IoT Attacks, Vulnerabilities and Prolific Risk

The Internet of Things (IoT) is expanding at a dramatic rate. As we connect our devices to more and more aspects of our daily lives, we are creating a roadmap for invasive listening, hacking and business disruption. Join us to learn more about where IoT is headed and how you can stay safe while still reaping the benefits of a digital world.  This session will illuminate

  • Biggest threats based on trending attacks  
  • Challenges of IoT security based on common vulnerabilities
  • Vulnerabilities caused by new technologies
  • Strategies for securing huge attack surfaces

Regulatory and compliance issues rising from third-party partnerships

  • 06:30 PM
  • 07:29 PM
How to Keep Your Security Programs Proactive in an Ever-Evolving Threat Landscape

Cybersecurity strategies are shifting from a reactive stance to proactive approach. This change gives organizations the ability to be more agile with their security program. In this keynote session, our panel of industry experts will share their experience and insights on:

  • Is it possible to be prepared for the unknown cyber threat?
  • Team retention and talent acquisitions, including strategies for different generations
  • Promoting and driving a security and risk-aware culture
  • Current threat landscape’s most prevalent features-Cloud Security/Attacks, Human Error, Evil Proxy
  • 06:30 PM
  • 07:29 PM
Clouded Judgment: Why Security & Cloud Are Aligned

The perceived conflict between profitability and speed to market versus security is rife in our organizations. Understanding this is important, and combating it is crucial. Cyber security leaders guide and influence the discussion, and thereby mindset, as both are indispensable to business goals. Making cloud secure is our best path forward. What are the necessary building blocks, and how can you create and promote a secure cloud strategy?

  • Discuss key points to win converts to a security mindset
  • Deal with M&As that have existing cloud environments
  • Retool teams and install effective guard rails
  • What role can compliance play?
  • 06:30 PM
  • 07:29 PM
Third-Party Selection and Management: What You Need to Know and Do Before and After You Sign

The need for third-party risk management has never been greater. Even though the risks to your company, customers and partners can be substantial, the processes, methods, and mediums used today are frequently flawed and even potentially misleading. In this panel discussion we dive into:

  • What does the current TPRM risk landscape look like today?
  • What’s working and not working in TPRM?
  • What are the risks and mitigation strategies?
  • Best practices and recommendations for an effective program and what’s needed in the future
  • 06:30 PM
  • 07:29 PM
Natalia Baktina
Deep Dive: Cyber Governance: From Compliance to Competitive Advantage
Natalia Baktina, Director, Cybersecurity and IT Risk Management, BFL Canada

Organizations face many challenges when implementing and maintaining effective cyber governance.  During this session, we will examine many of these challenges including, a lack of understanding, limited resources, a complex regulatory environment, difficulty in measuring and demonstrating value and the evolving landscape. 

During this interactive Deep Dive you will also:

  • Delve into the various components of incident response planning, data privacy and third-party risk management
  • Discuss common challenges organizations face in implementing and maintaining effective cyber governance, and best practices for overcoming these challenges
Closing Comments
  • 07:30 PM
  • 07:59 PM

ISMG Engage Toronto will leverage the largest community of industry leaders, including members of ISMG’s CISO community, CybereEdBoard, professionals will meet in a boardroom setting to hear from peers within the region.
ISMG Engage provides a platform for executives to learn from each other. Join the largest community of security leaders for closed-door ’Deep Dive’ discussions designed to provide engaging insight on the latest threats, technology and solutions to apply in your place of work.

Hyatt Regency Toronto
Name :
Hyatt Regency Toronto
Address :
Hyatt Regency, King Street West, Toronto, ON, Canada

Troy Leach
Chief Strategy Officer
Cloud Security Alliance
Samer Adi
IT Security Leader
Green Shield Canada
Arif Hameed
CISO and VP
Munich Re New Ventures
Rachel Guinto
AVP, Information Risk Management
Manulife
Tom Field
Chief Executive of Editorial
ISMG
Mat Schwartz
Executive Editor
ISMG
Grant Schneider
Senior Director for Cybersecurity services ( Former U.S. federal CISO)
Venable LLP
Jeremy Grant
Managing Director-Technology Business Strategy
Venable LLP
John Kindervag
Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow
ON2IT Cybersecurity
David Pollino
Former CISO
PNC Bank
Ireen Birungi
CISO
Interac Corp
Simon Brown
Director of Cyber Security
Weston Foods
Ari Redbord
Head of Legal and Government Affairs
TRM Labs
Michael Novinson
Managing Ediitor
ISMG
Ragulan Sinnarajah
VP, IT & Head of Cyber Security
Sobeys
Ruth Promislow
Partner
Bennett Jones LLP
Anna Delaney
Director, ISMG Productions
ISMG

Greg Thompson
VP, CISO
ManuLife
Based in Toronto, Canada, Greg Thompson is vice president and Chief Information Security Officer responsible for the Global Information Security Risk program at Manulife Financial. Manulife Financial is a Canadian-based multinational insurance company and financial services provider headquartered in Toronto,...
Vinay Puri
Vice President, Head of Security Architecture
Thomason Reuters
Mohsen Azari
Director Cyber Defence
goeasy
Kush Sharma
CIO
Aptitude 360 Inc
As the CIO at Aptitude 360, a boutique customer experience firm, Sharma oversees the technology and security organization. Prior to this, he was the inaugural CISO for the city of Toronto and the inaugural cyber executive for Saputo. He was...
Rob Knoblauch
Deputy CISO and VP Global Security Services 
Scotiabank
Samer Adi
IT Security Leader
Green Shield Canada
Samer Adi is a strategic IT operations executive with expertise in driving information security programs within business units. He is a big picture visionary delivering business continuity while ensuring best-in-class security systems and implementing new technologies and process improvements to...
Zia Shah
CISO and Managing Director of Technology
KPMG, Canada
Zia Shah is the head of Information Security and Technology at KPMG in Canada. Zia joined KPMG in 2001 and has held a variety of senior management positions in Canada. In 2002, he was appointed Senior Principal at the firm...
Natalia Baktina
Director, Cybersecurity and IT Risk Management
BFL Canada
Natalia Bakhtina is a strategic CISO-level leader and is globally recognized as the Women in IT Canada Finalist 2022 for the “Outstanding Contribution of the Year”. Experienced results-oriented strategic professional in cybersecurity, IT and enterprise risk management and program management,...
George Al-Koura
CISO
Ruby
Sunil Chand
VP, CISO
OLG
Sunil Chand is a security management professional with more than 20 years of experience. Prior to joining Grant Thornton LLP, he held the role of Director, Information Security Consulting Services for TELUS Security and Chief Information Security Officer for a...
Farooq Naiyer
Global Head of Technology and Cyber Assurance
Munich RE
Farooq brings rich experience of more than 20 years in the area of cybersecurity, privacy, technology compliance and assurance. He currently serves the global leader for technology and cyber assurance for the Munich Re Group, He was formerly a Cybersecurity...
Shilpa Dahiya
Director Cybersecurity (Payments)
Metrolinx
Shilpa Dahiya is an accomplished Cybersecurity leader with strong problem‐solving capabilities; and a proven track record for consistently leading large organizations through significant changes. Shilpa has worked extensively in both public and private sector. In her current role, Shilpa is...
Deniz Hanley
CISO and Head of Technology and Operations Risk Canada
Morgan Stanley
Caitlin Gruenberg
Director, Solutions Engineer
CyberGRX

View Agenda
Welcome and Keynote Address
Rob Knoblauch, Deputy CISO and VP Global Security Services , Scotiabank
Zia Shah, CISO and Managing Director of Technology, KPMG, Canada
Greg Thompson, VP, CISO, ManuLife
Deniz Hanley, CISO and Head of Technology and Operations Risk Canada, Morgan Stanley
Rob Knoblauch
Zia Shah
Greg Thompson
Deniz Hanley
  • 04:00 PM
  • 04:44 PM
Networking Break
  • 04:45 PM
  • 04:59 PM
Deep Dive Discussions: Topic-Based Intimate Sessions

Meet with security industry leaders in a boardroom setting to converse with peers and gain insight into leading security trends and technology. Participate in one of the following topic-based closed door Deep Dive Discussions.

  • Zero Trust
  • Enhancing Your Security Posture
  • Third Party Risk Management
  • Cyber Governance
  • OT
  • Ransomware
  • IAM
  • Incident Response
  • 04:59 PM
  • 05:59 PM
  • 05:00 PM
  • 05:59 PM
Third-Party Selection and Management: What You Need to Know and Do Before and After You Sign

The need for third-party risk management has never been greater. Even though the risks to your company, customers and partners can be substantial, the processes, methods, and mediums used today are frequently flawed and even potentially misleading. In this panel discussion we dive into:

  • What does the current TPRM risk landscape look like today?
  • What’s working and not working in TPRM?
  • What are the risks and mitigation strategies?
  • Best practices and recommendations for an effective program and what’s needed in the future
  • 05:00 PM
  • 05:59 PM
Clouded Judgment: Why Security & Cloud Are Aligned

The perceived conflict between profitability and speed to market versus security is rife in our organizations. Understanding this is important, and combating it is crucial. Cyber security leaders guide and influence the discussion, and thereby mindset, as both are indispensable to business goals. Making cloud secure is our best path forward. What are the necessary building blocks, and how can you create and promote a secure cloud strategy?

  • Discuss key points to win converts to a security mindset
  • Deal with M&As that have existing cloud environments
  • Retool teams and install effective guard rails
  • What role can compliance play?
  • 05:00 PM
  • 05:59 PM
Incident Response: Are You Prepared for Your Organization's Worst Day?

It's not a matter of "if" the next cyberattack will strike--it's a matter of "when.” The extent of your preparedness is one of the biggest factors determining what that day (and beyond) is going to be like for you and your organization.
 When that day arrives, it’s too late to ask: Who have I prepared? How did I prepared them? What tools do I have at-the-ready? This panel of Industry experts will lend their experiences and lessons learned to unpack those questions as well as navigate us through the following:

  • What threats are most likely to cause the biggest disruption?
  • What are you doing now to protect your environment - and where are your biggest gaps?
  • How can we leverage all of the security controls in our environment for an effective, layered defense?
  • 05:00 PM
  • 05:59 PM
How to Keep Your Security Programs Proactive in an Ever-Evolving Threat Landscape

Cybersecurity strategies are shifting from a reactive stance to proactive approach. This change gives organizations the ability to be more agile with their security program. In this keynote session, our panel of industry experts will share their experience and insights on:

  • Is it possible to be prepared for the unknown cyber threat?
  • Team retention and talent acquisitions, including strategies for different generations
  • Promoting and driving a security and risk-aware culture
  • Current threat landscape’s most prevalent features-Cloud Security/Attacks, Human Error, Evil Proxy
  • 05:00 PM
  • 05:59 PM
Little Device Big Threat! - IoT Attacks, Vulnerabilities and Prolific Risk

The Internet of Things (IoT) is expanding at a dramatic rate. As we connect our devices to more and more aspects of our daily lives, we are creating a roadmap for invasive listening, hacking and business disruption. Join us to learn more about where IoT is headed and how you can stay safe while still reaping the benefits of a digital world.  This session will illuminate

  • Biggest threats based on trending attacks  
  • Challenges of IoT security based on common vulnerabilities
  • Vulnerabilities caused by new technologies
  • Strategies for securing huge attack surfaces
  • Regulatory and compliance issues rising from third-party partnerships
  • 05:00 PM
  • 05:59 PM
The Future of Ransomware and Evolving Attacks

Adaptations are needed to keep pace with the changing ransomware environment. This panel will address what you should be ready for. They will also debate valid and invalid approaches to minimizing risk -from technology, government and other activities that will influence how organizations can to respond to threats. This panel will:

  • Discuss current trends for ransomware attacks 
  • Look at the impact of the changing environment on insurance premiums
  • Debate whether norms or regulations should dictate payments
  • Address critical strategies and aspects to being successful in defending against attacks       
  • 05:00 PM
  • 05:59 PM
Natalia Baktina
Deep Dive: Cyber Governance: From Compliance to Competitive Advantage
Natalia Baktina, Director, Cybersecurity and IT Risk Management, BFL Canada

Organizations face many challenges when implementing and maintaining effective cyber governance.  During this session, we will examine many of these challenges including, a lack of understanding, limited resources, a complex regulatory environment, difficulty in measuring and demonstrating value and the evolving landscape. 

During this interactive Deep Dive you will also:

  • Delve into the various components of incident response planning, data privacy and third-party risk management
  • Discuss common challenges organizations face in implementing and maintaining effective cyber governance, and best practices for overcoming these challenges
  • 05:00 PM
  • 05:59 PM
Sunil Chand
Deep Dive: Enhancing Security Posture Visibility: Assessing Risks, Resource Allocation and Effectiveness
Sunil Chand, VP, CISO, OLG

In this session, we will delve into the importance of visibility into an organization's security posture at the operational levels.

Participants will learn how this visibility can help identify risks and ensure proper resource allocation, spending, and resourcing for the security function. Additionally, we will discuss how this visibility can assist in measuring the effectiveness of security strategy execution. Join us for an in-depth exploration of the crucial role of visibility in enhancing an organization's overall security posture.

During this interactive deep dive we will explore:

  • Ways to provide visibility and garner the support culturally and financially
  • What are some of the methods used to communicate or answer the question ‘What is the state of my security posture?’
  • Discuss how many people on the panel regularly present to the board
Refreshment Break
  • 06:00 PM
  • 06:29 PM
Deep Dive Discussions: 10 Topic-Based Intimate Sessions (Duplicated)

Meet with security industry leaders in a boardroom setting to converse with peers and gain insight into leading security trends and technology. Participate in one of the following topic-based closed door Deep Dive Discussions.

  • Zero Trust
  • Enhancing Your Security Posture
  • Third Party Risk Management
  • Cyber Governance
  • OT
  • Ransomware
  • IAM
  • Incident Response
  • 06:29 PM
  • 07:29 PM
  • 06:30 PM
  • 07:29 PM
Sunil Chand
Deep Dive: Enhancing Security Posture Visibility: Assessing Risks, Resource Allocation and Effectiveness
Sunil Chand, VP, CISO, OLG

In this session, we will delve into the importance of visibility into an organization's security posture at the operational levels.

Participants will learn how this visibility can help identify risks and ensure proper resource allocation, spending, and resourcing for the security function. Additionally, we will discuss how this visibility can assist in measuring the effectiveness of security strategy execution. Join us for an in-depth exploration of the crucial role of visibility in enhancing an organization's overall security posture.

During this interactive deep dive we will explore:

  • Ways to provide visibility and garner the support culturally and financially
  • What are some of the methods used to communicate or answer the question ‘What is the state of my security posture?’
  • Discuss how many people on the panel regularly present to the board
  • 06:30 PM
  • 07:29 PM
The Future of Ransomware and Evolving Attacks

Adaptations are needed to keep pace with the changing ransomware environment. This panel will address what you should be ready for. They will also debate valid and invalid approaches to minimizing risk -from technology, government and other activities that will influence how organizations can to respond to threats. This panel will:

  • Discuss current trends for ransomware attacks 
  • Look at the impact of the changing environment on insurance premiums
  • Debate whether norms or regulations should dictate payments
  • Address critical strategies and aspects to being successful in defending against attacks       
  • 06:30 PM
  • 07:29 PM
Incident Response: Are You Prepared for Your Organization's Worst Day?

It's not a matter of "if" the next cyberattack will strike--it's a matter of "when.” The extent of your preparedness is one of the biggest factors determining what that day (and beyond) is going to be like for you and your organization.
 When that day arrives, it’s too late to ask: Who have I prepared? How did I prepared them? What tools do I have at-the-ready? This panel of Industry experts will lend their experiences and lessons learned to unpack those questions as well as navigate us through the following:

  • What threats are most likely to cause the biggest disruption?
  • What are you doing now to protect your environment - and where are your biggest gaps?
  • How can we leverage all of the security controls in our environment for an effective, layered defense?
  • 06:30 PM
  • 07:29 PM
Little Device Big Threat! - IoT Attacks, Vulnerabilities and Prolific Risk

The Internet of Things (IoT) is expanding at a dramatic rate. As we connect our devices to more and more aspects of our daily lives, we are creating a roadmap for invasive listening, hacking and business disruption. Join us to learn more about where IoT is headed and how you can stay safe while still reaping the benefits of a digital world.  This session will illuminate

  • Biggest threats based on trending attacks  
  • Challenges of IoT security based on common vulnerabilities
  • Vulnerabilities caused by new technologies
  • Strategies for securing huge attack surfaces

Regulatory and compliance issues rising from third-party partnerships

  • 06:30 PM
  • 07:29 PM
How to Keep Your Security Programs Proactive in an Ever-Evolving Threat Landscape

Cybersecurity strategies are shifting from a reactive stance to proactive approach. This change gives organizations the ability to be more agile with their security program. In this keynote session, our panel of industry experts will share their experience and insights on:

  • Is it possible to be prepared for the unknown cyber threat?
  • Team retention and talent acquisitions, including strategies for different generations
  • Promoting and driving a security and risk-aware culture
  • Current threat landscape’s most prevalent features-Cloud Security/Attacks, Human Error, Evil Proxy
  • 06:30 PM
  • 07:29 PM
Clouded Judgment: Why Security & Cloud Are Aligned

The perceived conflict between profitability and speed to market versus security is rife in our organizations. Understanding this is important, and combating it is crucial. Cyber security leaders guide and influence the discussion, and thereby mindset, as both are indispensable to business goals. Making cloud secure is our best path forward. What are the necessary building blocks, and how can you create and promote a secure cloud strategy?

  • Discuss key points to win converts to a security mindset
  • Deal with M&As that have existing cloud environments
  • Retool teams and install effective guard rails
  • What role can compliance play?
  • 06:30 PM
  • 07:29 PM
Third-Party Selection and Management: What You Need to Know and Do Before and After You Sign

The need for third-party risk management has never been greater. Even though the risks to your company, customers and partners can be substantial, the processes, methods, and mediums used today are frequently flawed and even potentially misleading. In this panel discussion we dive into:

  • What does the current TPRM risk landscape look like today?
  • What’s working and not working in TPRM?
  • What are the risks and mitigation strategies?
  • Best practices and recommendations for an effective program and what’s needed in the future
  • 06:30 PM
  • 07:29 PM
Natalia Baktina
Deep Dive: Cyber Governance: From Compliance to Competitive Advantage
Natalia Baktina, Director, Cybersecurity and IT Risk Management, BFL Canada

Organizations face many challenges when implementing and maintaining effective cyber governance.  During this session, we will examine many of these challenges including, a lack of understanding, limited resources, a complex regulatory environment, difficulty in measuring and demonstrating value and the evolving landscape. 

During this interactive Deep Dive you will also:

  • Delve into the various components of incident response planning, data privacy and third-party risk management
  • Discuss common challenges organizations face in implementing and maintaining effective cyber governance, and best practices for overcoming these challenges
Closing Comments
  • 07:30 PM
  • 07:59 PM

Speaker Interviews

March 7, 2023

ISMG Engage - Toronto