Go to Complete Schedule
Day/Time or Alphabetic
Thursday at 7:30am
Thursday at 8:30am
With: Winn Schwartau
Thursday at 9:00am
With: Dmitri Alperovitch
For the past several years, we have seen a constant stream of announcements of serious intrusions by both nation-states and cybercriminal actors into numerous large and small commercial, non-profit, and government organizations, who as a result had suffered significant losses of valuable intellectual property, trade secrets and sensitive national security information. Many of these victims had spent significant financial and personnel resources to build defense-in-depth capabilities and employed a variety of best-of-breed security technologies. Yet, they have all have fallen prey to targeted and persistent adversaries who had relentlessly stalked and pursued them, ultimately succeeding in worming their way in and penetrating all layers of security solutions.
Dmitri Alperovitch has led global investigative teams that have uncovered and investigated such groundbreaking cyberespionage operations as Night Dragon, Shady RAT and Operation Aurora. In this talk, Alperovitch will describe the lessons he has learned from pursuing and investigating nation-state cyberespionage adversaries and discuss the need for a new cybersecurity framework that places emphasis on deterrence strategies and raising costs to the adversary, in addition to purely preventative measures.
Thursday at 9:45am
With: Louis Beauséjour
The expectations of Canadians in terms of service are evolving rapidly. HRSDC is developing new and innovative ways of serving our clients while protecting the privacy and security of personal information and programs. Strong Identity Management (IdM) is central to meeting these expectations as it is the starting point of the trust relationship and confidence between the public and government, and it is a critical enabler of service delivery, security, privacy and program integrity.
The scope of IdM is broad and affects many facets of people’s lives including how organizations conduct business in Canada. The collection, use, management and the secure storage of identity information is critical to protecting the rights of citizens, ensuring privacy, and ensuring national security. Identity management is the cornerstone of programs, benefits and service delivery processes in HRSDC.
Identity management is the cornerstone of programs, benefits and service delivery processes in HRSDC. A coherent and consistent IdM approach assists HRSDC in delivering to the right person/organization the right access, at the right time and for the intended purpose. Moreover, in an environment of fiscal restraint, an effective IdM reduces costs, inefficiencies, risks of errors and, improves the service experience for clients.
The presentation will provide a glimpse into HRSDC’s Identity Management Program with a focus on service delivery and privacy and how it could support a Government of Canada enterprise-wide Federation of Identity and emerging opportunities for identity-based partnerships with other levels of government and the private sector.
Thursday at 10:15am
Thursday at 10:35am
With: Anne Bertrand (h), Bill Abbott, Sara Wiebe, William J. Cook
Data breaches are serious, especially in a time where we are creating information at a historic rate. The panel will discuss the concerns for frequency of data breaches, the notification process and the issues arising as a result of that process, and the impact and effect privacy breaches have. As the panelists are all experts in different areas, the various perspectives (Regulator’s perspective, private sector and “widespread” perspective, e.g. Corporations doing business in several jurisdictions) are going to be of specific interest.
Thursday at 10:35am
With: Winn Schwartau (h), Dr. David Whyte, Patrick Bedwell, Paul J. Girard
Because using social media is so easy; because it can turn anyone with an opinion or something to say into their own broadcast station; because social media has become so ingrained into our lives, many people simply do not understand the risks.
Identity Theft affects tens of millions of people every year. So, should you or your kids be posting home addresses, detailed school data, mother’s maiden names and other personal information that can help criminals steal your identity or target your children?
What about your vacation and travel plans. Does it really make sense to announce in public that your home will be empty for two weeks?
Did you know that many of your photos are geo-tagged with the GPS coordinates where they were taken? Posting pictures of your children gives away their exact location. Do you want that information accessible to everyone on the internet?
So, what can you do to improve your social networking security posture at home and at the office?
Come to this exciting session, get involved and share ideas!
Thursday at 11:55am
Thursday at 12:35pm
With: Trevor Hughes
Around the world, legislative and regulatory debates are raging over the proper way to manage data in the information economy. These debates are central to the field of privacy, but we focus on them exclusively at our peril. As legislation struggles to keep up with the advance of technology and business models, many technological gate-keepers are creating privacy standards with far-reaching global effects. And we thus have an important new source of law in the field of data protection: code.
Today’s information professionals need to understand this “code of privacy” and learn how to navigate within it. This session will explore the areas where the code of privacy is emerging – browsers, mobile apps, platforms, consumer plug-ins -- and provide guidance on how to effectively monitor and respond to developments in this dynamic field.
Thursday at 1:15pm
With: Sean Doherty
We are living in explosive times; at least, where information growth is concerned. Some analysts predict that at current growth rates, planet earth could run out of physical space to store information within the next 50 years – even with the inclusion of cutting-edge storage technologies.
A similar problem erupted during the industrial revolution. Burgeoning factories and a sudden influx of workers to urban areas created a rapidly growing garbage problem. The common approach to waste management left cities like Paris surrounded by trash piles that rose “higher than the city walls.”
As with today’s information management situation, new management approaches were required. Innovative solutions emerged, such as storage, transportation, incineration, toxic waste handling and recycling – waste management processes that are still being improved upon today.
So how are we to deal with the byproduct of an information age? How are we to securely and efficiently manage information now and into the future? In this session, Sean will discuss steps to ensure we are not consumed by explosive information growth.
Thursday at 2:05pm
With: Chris Poulin
Organizations are continually looking for new and improved ways to protect valuable information that resides on their corporate and virtual networks. With risks coming from many directions, including insider fraud and the evolving complexity of external vulnerabilities, the pressure to protect IT resources and gain better network and application visibility is only increasing. Join this session to understand how an effective Security Intelligence Platform can provide comprehensive network intelligence from the predictive/prevention phase through the reaction/remediation phase and enables cross-domain analytics, reporting and management capabilities across all elements of the IBM Security Framework -- protecting your People, Data, Applications and Infrastructure.
Thursday at 2:05pm
With: Jawahar Sivasankaran
Empowered employees, consumer devices, work anywhere requirements, contractor and temp access. All of these can potentially bring great business value to the enterprise, but can add tremendous challenges to IT and Security organizations. If you are grappling with the following challenges, this session will provide some answers and directions.
1) Centralized policy enforcement for employees, partners and guests
2) Global entitlement policy for employee owned devices
3) Ubiquitous access across Wired, Wireless and Remote access (Hardware & Software VPN)
4) Onboarding, registration and management of devices
5) Context aware security requirements
This session will cover best practices based on Cisco’s internal deployment as well as the lessons learned through the hundreds of “peer to peer” discussions with global customers.
Thursday at 2:35pm
Thursday at 2:55pm
With: Mimi Lepage (h), Ashley Casovan, Dr. Teresa Scassa, Jean-Francois Gauthier, Stephen Walker
In March 2011, the Government of Canada launched its Open Government strategy based on three pillars: Open Information, Open Data, and Open Dialogue.
This panel represents different levels of government - municipal, provincial and federal - and is designed to share with the audience the experience that the various levels of government have had to date with Open Government. We are coming to this session with the hope to have an open and frank dialogue and looking forward to your questions!
Thursday at 2:55pm
With: Toni Moffa (h), Colleen D'Iorio, Dean Turner, Henry Stern, Robert Dick
Trends indicate that cyber threats are increasing in frequency, volume and sophistication resulting in an communications environment that is inherently vulnerable and untrustworthy.
This panel will discuss the changes necessary to current approaches in cyber threat response and explore future options for more effectively dealing with cyber threat challenges from both a public and private sector perspective.
Thursday at 4:15pm
With: Corinne Charette
The Government of Canada is committed to designing and delivering citizen-centered services and to ensuring the internal administrative operations of government are as efficient and effective as possible. At the heart of this endeavour is the management of security and privacy as a key enabler for the delivery of government programs. The Chief Information Officer of the Government of Canada’s address will touch on the key strategic initiatives being implemented by the Government of Canada to ensure success.
Thursday at 4:45pm
Administrative Announcements MC
- See on schedule
Friday at 8:30am
With: Ian Kerr
Friday at 8:50am
With: Colin J. Bennett
"Mega-Events" like the Olympic Games pose peculiar and extensive security challenges. The overwhelming imperative is that "nothing should go wrong." There are, however, an almost infinite number of things that can "go wrong"; producing the perceived need for pre-emptive risk assessments, and an expanding range of security measures, including extensive forms and levels of surveillance. Colin Bennett discusses the themes in his book "Security Games: Surveillance and Control at Mega-Events" in the light of the experiences of the 2010 Vancouver Olympics and the 2012 London Olympics. He raises questions about how the legacies of these events have more persistent effects on privacy and civil liberties." See: www.security-games.com
Friday at 9:30am
With: Kristin Lovejoy
In a hyper-connected world, security is increasingly complex and difficult to manage. To capture a global snapshot of how information security strategies and plans are changing, IBM recently surveyed information security leaders from nine countries and a broad range of industries. This research reveals a distinct pattern of progression among security organizations - and the distinguishing traits of those that are most secure and mature. The organizations leading the way are taking a more proactive, integrated and strategic approach to information security, highlighting models worth emulating and providing headlights into the evolving business leadership role of the Chief Information Security Officer.
Friday at 10:00am
Friday at 10:20am
With: Adam Kardash (h), Amanda Maltby, Barbara Bucknell, Suzanne L. Morin
The accountability model, as set out in Canadian privacy legislation, is garnering considerable attention within the global privacy arena. This session will explore the meaning of the Canadian accountability model, and how a tailored privacy governance framework can address Canadian statutory requirements. The session will consist of a moderated, interactive discussion that will explore the practical impact of the increasing focus of Canadian privacy regulatory authorities in this regard, as set out in the comprehensive list of expectations in the guidance document, “Getting Accountability Right with a Privacy Management Program”, jointly released by the Office of the Privacy Commissioner of Canada, and the Offices of the Information and Privacy Commissioners of Alberta and British Columbia.
Friday at 10:20am
With: Michel Laviolette (h), Alex Manea, Derick Cassidy, Fiaaz Walji, Martin Kyle
Are you faced with a tidal wave of employee-owned devices crashing on your firewall and challenging your enterprise policies? Or are you already surfing the BYOD wave? Are the advantages of allowing BYOD outweighing the risks? Can the threats be mitigated? Many enterprises, public and private alike are faced with increased pressures to embrace employee-owned devices on their networks. Most enterprises cannot keep pace with the rapid changing consumer device market, yet users are expecting them to do so. A paradigm has shifted! Users are often better “IT equipped” at home than at work. Join our panel of industry experts as we analyse the pros and cons, risks and threats, opportunities and challenges of embracing the BYOD model in the workplace.
Friday at 11:40am
With: Mike Huckaby
In today's world of advanced threats and complex compliance issues it's no longer feasible for an organization to resist every attack or manage security based on compliance pressures. A more realistic goal is for security operations teams to be able to react quickly to determine how an attack happened, reduce the 'attacker free time', and put measures in place to prevent similar future attacks. All while automating the proof of compliance process.
In this presentation, we will discuss how organizations can manage risk more efficiently and secure trust in IT through comprehensive visibility, actionable intelligence, and advanced security analytics for fast detection and investigation.
Friday at 11:40am
With: Jason Kataila, Jon Baker
BYOD (Bring Your Own Device) is all the rage, but it’s also a scary proposition for most organizations. Are you wondering how to integrate BYOD into your organization while protecting your sensitive data and the devices that access them? Join us for this session to learn how you can intelligently apply controls to individual applications on your employee’s devices, without touching or affecting the rest of the device or the users’ personal information.
Friday at 12:10pm
Friday at 12:45pm
With: Jennifer Stoddart
Privacy Commissioner of Canada Jennifer Stoddart shares her insights on the remarkable evolution of privacy over the 30 years that have followed the passage of the Privacy Act in Parliament. Commissioner Stoddart will reflect on some of the good, the bad … and perhaps even the ugly … of federal public sector privacy issues and trends of the last three decades.
Friday at 1:25pm
With: Greg Akers
Enterprise executives must remain focused on increasing business productivity to maximize sustained profitable growth, even in the face of evolving and maturing IT threats. But who is truly responsible for managing risk in large enterprises and government institutions? Senior leadership plays a significant role in risk management as it holds the greatest influence at the humanistic, cultural, and institutional levels. The citizens of a nation look to its government leaders to set the tone that they will then follow. Individuals make risk management decisions every day and in a multitude of ways, while those in charge of IT implement the technologies that can help to mitigate risk. Everyone is ultimately accountable for protecting information assets and resources in these organizations—it’s our combined responsibility. Greg Akers, SVP, Advanced Security Initiatives, Cisco will provide perspective and strategies for minimizing enterprise risk, while maximizing business value through a strategic security approach that provides the strongest foundation for network security.
Friday at 1:55pm
Friday at 2:10pm
With: Colleen D'Iorio (h), David Elder, Jonathan McHale, Sharon Hagi
On December 7th, 2011, Prime Minister Stephen Harper and U.S. President Barack Obama announced the Beyond the Border Action Plan: A Shared Vision for Perimeter Security and Economic Competitiveness. One of the critical aspects of this action plan is cross border information sharing between Canada and the U.S. Given the constantly changing and increasingly hostile cyber threat landscape, how will citizens and businesses react to governments adopting multi-national clouds? How do we ensure that privacy of our citizens is maintained when information flows across multiple jurisdictions? How do we ensure that parties (such as governments and service providers) use the information only as stipulated in agreements? How do we ensure that the information is adequately protected and will not be compromised? How do we ensure that the appropriate data is located and expunged when required? Does the notion of a multi-national cloud environment help to alleviate some of these concerns or does it make it worse? The purpose of this panel will be to explore these as well as other questions.
Friday at 3:30pm
With: Mike Huckaby
Does anyone believe that perimeter defenses are enough to protect businesses today? With massive amounts of digital information, Bring Your Own Device, Cloud, Big Data and more, our perimeter is more porous and harder to defend. It's imperative to rethink security in a more balanced way, devoting additional resources to detection and response. Mike Huckaby will discuss how an Intelligence-Driven Security model that evaluates risk, security spend allocation, and skills of the security team can enable businesses to get ahead of the latest threats.
Friday at 4:00pm
With: Ian Kerr