17th Annual Privacy and Security Conference Privacy & Security By Choice, Not By Chance Feb 3 -5, 2016, Victoria, BC

General Information

Held in Victoria, British Columbia, Canada this conference is a must attend for those working in the privacy and security fields. Presented by the Office of the CIO and the Ministry of Finance, Government of British Columbia, this three-day conference, is recognized as one of the top tier events in North America. Anyone working in the information privacy and security fields will benefit from the speakers, discussions and networking at the conference. Attendees are from every level both within government and private industry. The conference draws an international audience of some 1,000 delegates with an interest in cutting edge policy, programs, law, research and technologies aimed at the protection of privacy and security.

Reasons to Attend

  • Get face-to-face dialogue with international industry experts who have successfully implemented best practices solutions
  • Learn about current trends, issues and actions
  • Obtain your annual Continuing Professional Development credits
  • Discover new methods and products that can lower expenses and increase revenues
  • Take the pulse of what is happening for tools, technologies, and processes
  • Get Immediate answers and solutions to issues current in your organization

Conference Rates

Early Bird registration
by December 18, 2015
Regular registration
after December 18, 2015
Public Sector  $575.00 CAD
(plus GST)
$725.00 CAD
(plus GST)
Private Sector  $725.00 CAD
(plus GST)
$925.00 CAD
(plus GST)

Registration Fees Include

  • 2 plated lunches
  • All coffee breaks
  • All keynotes, plenaries, panel sessions and applied sessions
  • Pre-conference educational sessions
  • Access to exhibit hall
  • Conference portfolio
  • Conference materials
  • On-line access to presentations post-event

The Victoria Conference Centre

There’s nowhere in the world like Victoria. It’s small yet sophisticated; a technology leader and an historic capital city; a vibrant business community yet surrounded by nature. At its heart is the Victoria Conference Centre – an exceptional experience for delegates and world-class support for planners.

Victoria Conference Centre
720 Douglas Street,
Victoria, BC
V8W 3M7

Keynote Speakers

Martin Abrams

Executive Director and Chief Strategist, Information Accountability Foundation

Joe Alhadeff

Vice President Global Public Policy and Chief Privacy Strategist, Oracle Corporation

Chantal Bernier

Counsel, Dentons Canada LLP, Former Interim Privacy Commissioner of Canada

Honourable Michael de Jong

Minister of Finance and Government House Leader, Province of British Columbia

Pam Dixon

Executive Director, World Privacy Forum

Michelle Fleury

Corporate Senior Director, Cisco Data Protection Officer, Cisco Systems

Peter Gregory

Director, Optiv

Alex Loffler

Principal Technology Architect, TELUS

Robert Masse

Partner, Deloitte Canada

Pamela Snively

Chief Data & Trust Officer, TELUS

Richard Thieme

Author and Futurist

Chief Clive Weighill

President, Canadian Association of Chiefs of Police

John Wheeler

Director of Services Strategy, Offerings and Alliances, IBM Security

Speakers

Martin Abrams

Executive Director and Chief Strategist, Information Accountability Foundation

Jessie Adcock

Chief Digital Officer, City of Vancouver

Joe Alhadeff

Vice President Global Public Policy and Chief Privacy Strategist, Oracle Corporation

Al Amiri

Regional Vice President, Western Canada Public Sector, Cisco Systems

Michael Argast

Director of TELUS Security Solutions, Western Canada, TELUS

Ainslie Avery

Senior Privacy Investigator and Advisor, Privacy, Compliance and Training Branch, Ministry of Finance, Government of British Columbia

Nik Badminton

Futurist

Ian Bailey

Assistant Deputy Minister of Technology Solutions, Ministry of Technology, Innovation and Citizens’ Services, Province of BC

John Beal

IBM Endpoint Security and Saas Leader, Canada

Rhianna Begley

Senior Privacy and Policy Advisor, Privacy Branch, Ministry of Finance, Government of British Columbia

Dr. Colin J. Bennett

Professor, Department of Political Science, University of Victoria

Chantal Bernier

Counsel, Dentons Canada LLP, Former Interim Privacy Commissioner of Canada

Gary Beyer

Partner, Tesseract 2.0 Computing

Gerry Bliss

Information Risk Management Advisor and Adjunct Professor, University of Victoria

Kris Constable

Founder, PrivaSecTech

Greg Coughlin

Director, Security Business Unit IBM Canada Ltd.

Benazeer Daruwalla

Senior Security Architect , IBM Canada

Honourable Michael de Jong

Minister of Finance and Government House Leader, Province of British Columbia

Elizabeth Denham

Information and Privacy Commissioner for British Columbia

Pam Dixon

Executive Director, World Privacy Forum

Alex Dow

Chief Research Officer, AJS Networks Inc.

Luke Dupuis

Privacy Advisor and Investigator, Privacy, Compliance and Training Branch, Ministry of Finance, Government of British Columbia

Dr. Khaled El Emam

CEO and Founder, Privacy Analytics

Michelle Fleury

Corporate Senior Director, Cisco Data Protection Officer, Cisco Systems

Shanti Gidwani

National Senior Director, Healthcare, Cisco Systems Canada

Amal Graafstra

CEO, Dangerousthings.com

Peter Gregory

Director, Optiv

Jane Hamilton

Vice-Chair, OECD Working Party on Security and Privacy in the Digital Economy

Ed Hargrave

Enterprise Account Manager, Fortinet

Andrew Hughes

Trust Framework Development Expert, DIACC

John Jacobson

Deputy Minister, Ministry of Technology, Innovation and Citizens’ Services, Province of BC

Derek Jacoby

Founder, Biospace

Dom Kapac

Information Security Analyst, Ministry of Health, Province of BC

Sylvia Kingsmill

National Partner, Enterprise Risk Services, Deloitte

Don Laursen

Senior Product Manager, F5 Networks

Paul Lewis

Executive Consultant Security Services, IBM Canada

Jay Loder

Privacy Consultant, Rouleur Privacy Consulting

Alex Loffler

Principal Technology Architect, TELUS

Adam Lorant

VP, Product & Solutions, PHEMI Systems

Justin Malczewski

Security Account Manager, Cisco Systems

Alex Manea

Director, Security, Research In Motion

Richard Margetts, Q.C.

Partner, Johns Southward Glazier Walton Margetts

Robert Masse

Partner, Deloitte Canada

Drew McArthur

Founder, McArthur Consulting Group

Michael McEvoy

Deputy Commissioner, Office of the Information & Privacy Commissioner for BC

Colin McKay

Head of Public Policy & Government Relations, Canada, Google

Luke Moloney

President, The Society of People for the Ethical Use of Drones

Dr. David Murakami Wood

Associate Professor, Queen’s University

Krishna Narayanaswarmy

Co Founder, Chief Scientist, Netskope

Jogi Nijjar

Program Manager, TIBCO Software Inc.

Mark Nunnikhoven

Vice President, Cloud Research, Trend Micro

David Padgett

Senior Auditor with the Privacy, Compliance and Training Branch, Ministry of Finance, Government of British Columbia

Gary Perkins

Executive Director, Chief Information Security Officer, Ministry of Citizens' Services, Province of BC

Alan Perry

Tech Talk Host, C-FAX 1070 Radio, eGuru’s Technology Tutor

Gray Phillips

Director of Business Development – Cloud Service Providers, Fortinet

Matt Reed

Senior Director, Strategic Privacy, Legislation and Training, Privacy, Compliance and Training Branch, Ministry of Finance, Province of BC

Trevor Richmond

Sales Engineer, Trend Micro Canada

Asif Savvas

Associate Partner, Simeio Solutions

Pamela Snively

Chief Data & Trust Officer, TELUS

Hayri Tarhan

Regional Vice President, Public Sector Security, Oracle

Richard Thieme

Author and Futurist

Gonzalo Tudela

CEO, Vandrico Solutions Inc

Jeannette Van Den Bulk

Assistant Commissioner, Strategic Privacy, Commission for Privacy and Data Protection, State of Victoria, Australia

William Varma

Director (CISO) - Enterprise Security & IT Risk, Globe & Mail

Himanshu Verma

Director Product Management

Honourable Amrik Virk

Minister of Technology, Innovation and Citizens’ Services

Micheal Vonn

Policy Director, BC Civil Liberties Association

Howard Waldner

Dean of the School of Health and Public Safety, SAIT; Former President & CEO, Island Health

John Weigelt

National Technology Officer, Microsoft Canada

Chief Clive Weighill

President, Canadian Association of Chiefs of Police

Cheryl Wenezenki-Yolland

Associate Deputy Minister, Chief Records Officer, Ministry of Finance, Province of British Columbia

John Wheeler

Director of Services Strategy, Offerings and Alliances, IBM Security

Norman Wilhelm

Associate, Toddington International Inc.

Dr. Peter Williams

IBM Distinguished Engineer, Chief Technology Officer, Big Green Innovations, IBM

Kate Wilson

Legal Counsel, Office of the Privacy Commissioner of Canada

Susan Wishart

Provincial Court Judge, Provincial Court of BC
Print Agenda

*Invited Speaker

Wednesday, February 3, 2016

8:00 Lower Foyer

Registration Desk Opens

9:00 - 12:00 Lecture Theatre

Fortinet presents: Why and How Enterprises are Securing their Workload on Microsoft Azure

Customers are moving their workloads to the public cloud at a rapid rate and cloud platforms have become a mission critical component for thousands of organizations. While the workload location may have changed the need to secure your applications & data remain – and may have increased. In this session we’ll start at a high level with industry trends then look to discuss security capabilities in the cloud, best practices and finally specific use cases.

9:00 – 10:30 Saanich Presentation Files Norman Wilhelm

BC Ministry of Technology, Innovation and Citizens’ Services – Information Security Branch presents: Creating a Safe Online Presence

When we connect to the Internet we become susceptible to spam, fraud, phishing, social engineering and a myriad of other threats that can invade and destroy lives. Internet connected devices have the potential to be positive or negative, and creating a safety net around your online presence will allow for better protection of your privacy and security. This workshop will walk attendees through the steps to obtain a safer online presence through the use of privacy tools, device settings and best practice principles.

Upon attending this workshop, participants will be able to:
• Understand the basic principles and behaviours of social media sharing
• Understand the common concerns associated to use of social media and Internet enabled devices
• Assist colleagues, friends and family to:
- Identify “red-flag” events as it applies to the use of social media
- Identify the concerns surrounding mobile technology and Wi-Fi
- Identify and communicate the threats to Internet safety

Presentation Files Norman Wilhelm

10:45-12:15 Saanich

BC Ministry of Technology, Innovation and Citizens’ Services – Information Security Branch presents: Cybersecurity in Your Home

A Common Sense Approach to Securing your Cyber Home - From configuring your home Wi-Fi, creating and using passwords, back-ups and securing the Internet of things in your home – this session will inform or remind you of the steps to cybersecurity best practices in your home and serves as a good “train the trainer” session.

9:00 – 12:00 Oak Bay Presentation Files Privacy Breach Management

BC Ministry of Finance – Privacy, Compliance & Training Branch presents: Privacy Breach Management

This interactive educational session will provide an overview of best practices and the steps to take in response to an actual or suspected privacy breach. Using the Government of British Columbia’s process for responding to privacy breaches, this session will use case studies and group discussion to focus on incident coordination, investigation, containment, evaluation of harm and prevention. This session, taken in conjunction with the afternoon Privacy Governance session will provide public body employees with a strong toolset to approach privacy within their respective areas.

Presentation Files Privacy Breach Management

9:00 - 12:00 Esquimalt

Ethics in a World of Information Uncertainty and Insecurity

In today's data rich, hyper-networked society the sheer diversity and volume of data sharing not only poses real-world risks in terms of privacy and security, but it also raises significant ethical and legal challenges that need to be addressed if our apparent race to “connect” is to prove both sustainable and beneficial in the long-term. This workshop embraces fundamental principles of ethics and applies them to a world of information uncertainty and in-security in order to set a solid foundation to guide professionals as they navigate the digital storm.

1:00 - 4:00 Lecture Theatre

IBM presents: From Checklists to Controls – A Proven Methodical Approach to Maturing Enterprise Security

Cybersecurity risk is a first-class threat to organizations of all sizes. Up to now many organizations have deployed separate security solutions for each new risk. But is the approach working? As a CISO, Director of Security, Security Architect or a technical leader it is important to know the behaviour of these controls within your organization and where they are in maturity curve.

In this interactive workshop session, attendees will sample some of these controls where participants will self-assess their organization against those behaviours and determine an overall capability level. Then, taking into account the unique business situation, threat model, and risk tolerance within their organization, the participants will determine target maturity level and behaviours. The insights captured can become a productive input into your existing enterprise security plans.

1:00 – 4:00 Saanich Presentation Files Dom Kapac

BC Ministry of Technology, Innovation and Citizens’ Services – Information Security Branch presents: Anatomy of an Attack: Are Your Crown Jewels at Risk?

Cyber-attacks cost companies over $400 billion every year. The attacks are more sophisticated, targeted, and persistent than ever such that no organization is immune. If it is connected to the internet then it can be hacked. Everything is being connected to the internet and thus everything will be hackable. Is your organization taking adequate steps to mitigate this risk? Do you perform regular vulnerability scanning and timely patching? Do you conduct penetration tests or have a Red Team authorized to penetrate your defences? Are your critical systems and data safe from attack?

In this session we will have local experts walk through the compromise of systems. You will get a firsthand view from an attacker’s perspective and see live examples of systems being hacked to gain access to the data or take control. From information gathering to exfiltration of data you’ll better understand the elements of a successful attack, understand the impacts, and learn steps you can take to mitigate this risk. This is a valuable session to attend for anyone interested in protecting their systems at work or at home.

Presentation Files Dom Kapac

1:00 – 4:00 Oak Bay Presentation Files Privacy Governance

BC Ministry Finance – Privacy, Compliance and Training Branch presents: Privacy Governance in BC

This educational session will provide a high level overview of privacy within the context of BC’s Freedom of Information and Protection of Privacy Act (FOIPPA). Presenters will discuss privacy, the fundamental principles behind it, and how FOIPPA tries to achieve “privacy” through a number of channels, including: authorities for public bodies to collect, use and disclose personal information; accuracy, completeness, correction and retention of personal information; and reasonable security requirements to protect personal information. If you are interested in learning more about BC’s FOIPPA, how it impacts the work you do, and the tools available to help you, this session is for you.

Presentation Files Privacy Governance

1:00 – 4:00 Esquimalt Presentation Files Gerry Bliss

How Badly Broken is Privacy Legislation and What Can Be Done to Fix It?

As privacy professionals you deal with the challenges of understanding privacy law requirements and leading your organization’s accountability for information protection and access.

More that a few privacy legislation architects, advocates and watchdogs have expressed disappointment at the extent to which privacy laws have been misunderstood and misapplied. Canadian legislators, public interest groups, and privacy commissioners are all on record as urging revision of privacy laws.

This session looks into the history of privacy and access laws, considers their ethical underpinnings, invokes the thoughts and context of the authors when they drafted the legislation, and provides examples of just how far off course we have drifted. It explores the factors influencing legislation misinterpretation and opines on how compliant we are with the original goals of privacy legislation.

Ultimately it offers recommendations for action that can be taken by the individual citizen and privacy professional to help get privacy legislation back on course.

Presentation Files Gerry Bliss

Thursday, February 4, 2016

7:30 Upper & Lower Foyer

Registration & Networking Lounge Open

8:30 – 8:35 Salon AB

Call to Conference

8:35 - 8:45 Salon AB

Welcome Remarks

8:45 – 9:45 Salon AB

Keynote Presentation: The Porous Borders of the Modern Imagination: Privacy, Trauma, and Mass Media

We humans are loosely bounded systems of energy and information. We interact with other such systems, both organic and inorganic, "natural" and "artificial." We are nodes in a network that extends everywhere at once. But we have evolved to respond to threatening traumatic events in predictable ways. The boundaries that we imagine around our identities, our psyches, our "private spaces," are penetrated easily by images and symbols that our defenses mistake for "the real thing." To understand threats - privacy - even individual human beings - under current radically changing conditions is not easy. To confront the challenge requires that we say what is happening with clarity so we can reimagine what we mean by privacy, security, identity. Reality is that which, after all, refuses to go away just because we refuse to believe in it. Can we swim in these rising waters -- or will we drown clinging to the leaky waterwings of prior identities?

9:45 – 10:15 Salon AB Presentation Files John Wheeler

Keynote Speaker: Changing the Game: An Integrated Security Approach

While you're reading this, attackers are persistently working to breach your enterprise. They use increasingly sophisticated methods to find a way in, and most victims don’t discover the breach for months. Do you have the visibility to stop them? What about those already on the inside? As organizations embrace innovation, protecting against cyberattacks becomes more critical. You need a different approach to stop advanced attacks and unknown threats from outside the organization, and to deter risky behavior of insiders as well. We will explore how integrated capabilities, analytics and a big data approach to security can help you proactively protect the privacy, integrity and availability of your most critical assets.

Presentation Files John Wheeler

10:15 – 10:30 Upper & Lower Foyer

Morning Break (Sponsored by Symantec)

10:30 – 11:00 Salon AB Presentation Files Robert Masse

Concurrent Keynote: Anatomy of a Breach – What Have We Learned, and What Should We Expect in 2016?

If 2015 was heralded as the “Year of the cyber breach” (as was 2012, 2013 and 2014), one can predict with certainty that cybercriminals will continue to make the headlines in 2016. Major attacks on private and public sector organizations have resulted in significant financial losses and reputational damage. These organizations have also incurred significant security and operational costs. Even cyber security companies, such as Kaspersky and Hacking Team, have become targets.

This presentation will discuss the current threat landscape and how it’s continually evolving. We'll also provide a “behind the scenes” look at the anatomy of a breach (and subsequent response) using real world examples from 2015. The goal is to share lessons learned from increasingly complex and pervasive breaches and describe the organizational and technical capabilities required to successfully defend against, or respond to, these evolving threats.

Presentation Files Robert Masse

10:30 – 11:00 Lecture Theatre Presentation Files Alex Loffler

Concurrent Keynote: Privacy vs Profit: Big Data’s Sword of Damocles

Companies have been mining consumer data for years. As the cost of big data analytics continues to drop and EULA’s become ever more permissive, the ability to cost effectively acquire and process multiple diverse datasets is unprecedented. As the size/number of available datasets increases, the ability to reverse anonymisation efforts also increases, further increasing the value of this analysis. At what point should we limit these types of analysis? Can we say ‘no’ when the competition stands to gain such significant advantages? Do controls even exist for enforcing this type of governance across organisational boundaries? Finally, does the consumer need to know/care (aka you read the EULA, right)? How would you react to a complete view of where and how your data is being used?

Presentation Files Alex Loffler

11:05 – 12:15 Salon AB Presentation Files David Murakami Wood

Concurrent Panel Session: Panel A: Internet of Things “The Connected Eco System”

The automobile has emerged as the newest battleground in the smartphone wars. At stake is the future of the car and also the future of computing.

What is different today is the connected Eco System can be networked and make the device smarter, more aware of conditions and eventually communicate with other device providing opportunities for several important advances in computer technology including cloud, robotics, and deep learning of artificial intelligence. Market Research predicts a 10-fold increase in sales for connected cars alone from seven million cars sold in in 2014 to 69 million by 2020.

We are entering a new century that will be increasing defined by software and not hardware. The “vaporized economy” as value moves from hardware or physical goods to invisible software. In the new
economy the rules are different, from mass production to intangibles, as data is more important than physical products.

What are the challenges related to the security and privacy of our information?

Presentation Files David Murakami Wood

11:05 – 12:15 Lecture Theatre

Concurrent Panel Session: Panel B: Big Data Analytics

Health care has experienced a staggering proliferation of databases associated with the massive collection of medical data. The combination of this information for healthcare and secondary purposes across data marts has led to big data in healthcare. Use of these big dataset brings challenges in data storage, processing and analysis. Data sharing and data combinations are required to maximize the full potential of big data analytics while creating business value. These activities simultaneously lead to greater access to atomic-level data and data combinations that raise privacy and security concerns. How could healthcare organizations share big data to develop products and services for patients benefits and still satisfy regulatory guidelines. How can an organization leverage changing technology to improve the security of the data?

11:05 – 12:15 Salon C

Concurrent Panel Session: Panel C: Government as a Platform – The Next Phase of Digital Transformation & Identity

What is digital transformation and how will it affect the delivery of services for the public sector?

The transition to digitally-enabled government is a generational shift. Navigable digital interfaces offer massive savings, and increases in face-to-face public services, that digital actually involves.

Digital transformation means gradual transition to an underlying business model that exploits ubiquitous web-based infrastructure to enable commonly shared capabilities. This definition would surprise most within government. When the business model of government is progressively based on shared capabilities, enabled by utility technology and web-based infrastructure, we can expect radical disruption of the market, opening up opportunities for innovation and investment by citizens, public, private, and third sectors alike - unleashing unprecedented innovation, efficiency, and savings. Security is essential but what about the privacy implications of a Government as a Service Platform?

12:15 – 1:30 Salon AB Presentation Files Chantal Bernier

Luncheon Keynote Address: Tensions Around the Public Cloud: ISO Standards and Other Calming Measures

In an apparent contradiction, data residency requirements expand to honker down data within borders, while the data is more and more stored up on the seemingly borderless cloud. This tension forces us to address some pressing questions: what local law governs the delocalized cloud, as the current case opposing Microsoft to the U.S. government is raising? Can contractual clauses, as modeled in the new ISO 27018 certification standard, creating that safe space for both data sovereignty and data security? This luncheon key note will explore the age old question: how can we have our cake and eat it too?.

Presentation Files Chantal Bernier

12:15 – 1:30 Crystal Ballroom Presentation Files Greg Coughlin

Luncheon Keynote Address: Securing the Cloud: Making Cloud an Opportunity to Enhance Security

As the adoption of cloud services continues to grow, and more corporate data is moving off-premises, securing and ensuring privacy of an organization's data assets is becoming increasingly challenging. - We are seeing a risk of "Shadow IT,” in many organizations where the promise of the cloud (self-service, ease of access, ubiquity across devices and locations) is being embraced by users. The increasing use of Cloud Services outside of the traditional IT organization has created unique challenges - how to play the role of enabler, not preventer, while gaining a level of governance by establishing the right security controls to mitigate risk and ensure data privacy.

This presentation will discuss approaches for organizations to leverage Cloud as a catalyst to rethink, extend and augment the traditional organizational Risk and Security posture to both benefit from the promise of cloud without compromising on the levels of security, data privacy and risk management.

Presentation Files Greg Coughlin

1:30 – 2:00 Salon AB

Minister’s Address

2:00 - 2:30 Salon AB

Applied Session: Overcoming the Data Dilemma with Privacy By Design

Organizations are driving to obtain insights from their data to spur innovation, improve service delivery, and control rising costs. As they work to break down information silos, and consolidate information for analysis, they face the data dilemma – how can they gather and share data for competitive advantage, while at the same time, protect individuals’ privacy?

Sylvia Kingsmill will explore how Privacy by Design – an international privacy framework for data protection relating to systems design and business processes – can ensure that organizations do not have to sacrifice privacy or shackle innovation in the desire to overcome the data dilemma.

Adam Lorant will discuss how newer big data offerings have been designed from the ground up with privacy features (like those embodied in Privacy by Design), so organizations can tap into the value of their information without compromising their responsibility to protect both the data and the personal information contained in it.

2:00 - 2:30 Salon C

Applied Session: 5 Myths about Encryption

The use of encryption continues to grow in response to privacy concerns, compliance and cyber-attacks. Regardless of where you are in your adoption of encryption there will be pitfalls along the way. We will debunk myths and provide best practices for practical implementation of encryption for data in motion.

2:00 - 2:30 Lecture Theatre Presentation Files John Beal

Applied Session: Life on the Edgepoint: Winning the Battle Against Cyber Attacks

When it comes to endpoint security, it’s been said that the best way to keep an infected device from causing damage to the broader network is to keep it turned off once it’s compromised. While this method of quarantining an endpoint may be a quick fix, for obvious reasons it’s not very practical in the long run.

A better approach would be to keep Endpoints from being infected in the first place. But in today’s world of sophisticated malware attacks, a prevention strategy isn’t enough on its own. You also need the ability to detect attacks as they happen and take remediation actions on noncompliant endpoints.

Solid, holistic endpoint security strategies address the prevention, detection and remediation phases. And, once in place, these measures should enable you to answer four critical questions about your endpoints. Are my Endpoints vulnerable, protected, compliant and compromised? Attend this session and find out how!

Presentation Files John Beal

2:00 - 2:30 Saanich

Applied Session: Incident Preparedness – Strategies for Before, During and After the Breach

Four months ago your organization laid off a disgruntled IT administrator. Four weeks ago he got a foothold onto your network, and four days from now he plans to wreak havoc by destroying servers, leaking data and spreading ransomware throughout your systems. Are you able to detect his activity? Do you have a plan to deal with the chaos once it erupts? How will you get your business operational as quickly as possible and prevent his next attack?
Your organization’s ability to quickly detect anomalies and then investigate and respond to them impacts business results, brand and careers. Understanding the discipline of IR, Incident Response, is instrumental to ensuring organizational success in 2016. Attend this session by Michael Argast who will share strategies and insight from TELUS Security Solutions on approaches to help you prepare to be ready before the breach, deal with it effectively during an event and move forward rapidly once it has passed.

2:00 - 2:30 Oak Bay I Presentation Files Jane Hamilton

Applied Session: OECD Perspectives on Digital Security

This session will provide an overview of the OECD’s new Council Recommendation on Digital Security Risk Management, highlighting the importance of treating digital security as an economic rather than technical issue. An update will also be provided on Canada’s preparations for the upcoming OECD Ministerial on the Digital Economy to be held in Mexico June 21-23, 2016.

Presentation Files Jane Hamilton

2:00 - 2:30 Oak Bay II

Applied Session: Personal Privacy a Personal Foul: Personal Privacy in Sports

In the age of biometrics, #fancystats, high-tech doping tests, $300 million endorsement deals and the paparazzi the concept of privacy in the sporting world is rapidly disappearing. Athletes are among the most highly scrutinized professions due to the massive amounts of money they are paid by their teams and sponsors, the amount of money wagered in regulated gambling, and the idea of sporting integrity. This session will apply privacy principles to professional sports in support of a discussion on what rights athletes waive in order to play, and whether an effective balance between the good of the individual and the collective has been met.

2:00 - 2:30 Esquimalt

Applied Session: Trends in Cybersecurity and the New Currency in IT

The most vulnerable asset in government IT is also its most critical - data. The variety of data breaches cross the spectrum including stolen laptops, cyber criminals, political activists, and foreign adversaries. The damage of these cyber attacks are real, costly, and (sometimes) permanent. This session will review the landscape of cybersecurity as it relates to current trends in IT and best practices for organizations to consider to improve their security posture.

2:30 - 2:45 Upper & Lower Foyers

Afternoon Networking Break

2:45 – 4:00 Salon AB

Concurrent Panel Session: Panel A: Cloud Computing: Seeing Through the Cloud, Privacy and Security Implications in the Digital Age

Clouds are increasingly forming everywhere, but is there a storm on the horizon? Consumers of products from large companies such as Apple and Amazon found that their accounts were moved to the cloud as these companies moved to handle massive volumes of data in the digital age. Should consumers be concerned about the privacy and security associated with cloud storage? This panel of leaders in cloud computing will be asked to discuss the implications of clouds everywhere and the protection of personal information.

2:45 – 4:00 Lecture Theatre

Concurrent Panel Session: Panel B: Bio Hacking: The Real Cyborgs

Forget wearable tech. The pioneers of our post human future are implanting technology in their bodies and brains. Should we stop them or join them?

We have entered the age of the cyborg, or cybernetic organism: a living thing both natural and artificially. Artificial retinas and cochlear implants restore sight, deep brain implants, alleviate the symptoms of 30,000 Parkinson suffers worldwide. Innovators are using replacement organs, robotic prosthetics and implants to restore body functions. Our relationship with technology is becoming intimate as wearable devices such as Google Glass, Samsung Gear Fit, and Apple Watch show.

We now know enough about bio, neuroscience, computing, robotics and materials to hack the human body. The biohackers, or grinders have been experimenting with implantable technology inserting various types of RFID chips that provided access to houses, factories, security government locations without the need for passwords or security passes.

Could insurance companies harvest biometric data from people’s enhancements, or paranoid governments use them to monitor citizens?

2:45 – 4:00 Salon C

Concurrent Panel Session: Panel C: International Data Sharing

The European Court of Justice announced the Safe Harbour Agreement which regulates the transmission of personal data was invalid. International privacy advocates are demanding the US lawmakers pass comprehensive reform that guarantees personal date stored in the country is protected with the same safeguards as data in Europe. The issues is that Facebook Google and other Silicon Valley players have built their businesses on collecting as much personal information as possible on users. Privacy groups are using this decision as an opportunity to build awareness about privacy in the US. What are the solutions? Safe Harbour 2.0. Are we on the verge of a balkanized internet where all data has to reside in the country of origin?

4:05 - 4:35 Salon AB Presentation Files Michelle Fleury

Keynote Presentation: Integrating Security and Privacy into an Effective Data Protection Program

Because cyber-threats are varied and unpredictable, many organizations find it difficult to decide where to start with Security — so they don’t, or worse yet, take expensive action that has little impact. Because technology offers virtually unlimited opportunities, many organizations explore the options – and unknowingly accept significant risk. All the while, individuals freely share personal information through social media platforms and expect progressive, personalized services, yet demand (and deserve) Privacy and control of their personal information…

It’s easy to get caught in repeated waves of analysis, but the consequences of inaction can be disastrous. This session will teach you how to put Security and Privacy into the context of your operations – despite their natural tensions – and integrate them into an effective Data Protection program focused on trust and transparency. Using Cisco as a case study, we’ll explore the essential elements of an effective data protection program and some tips for getting your program up and running quickly.

Presentation Files Michelle Fleury

4:45 – 5:30 Upper Foyer

Networking Reception

Friday, February 5, 2016

7:30 Upper & Lower Foyer

Registration & Networking Lounge Open

8:30 – 8:35 Salon AB

Administrative Announcements

8:35 – 8:45 Salon AB

Opening Introductions

8:45– 9:10 Salon AB Presentation Files Elizabeth Denham

Opening Address: Weathering the Perfect Storm in the Digital Age

We live in interesting times. Privacy is at the forefront of public attention and debate, driven by anxiety of fast-pace technologies and our big data world. Pressure has been building as Safe Harbour, the Trans-Pacific Partnership, Bill C-51 and a duty to document have made recent headlines, resulting in an increase in public engagement about privacy’s future.

We are facing the perfect storm as this public unease about local, national and global events continues to grow. How will we weather this storm? What is being done to protect privacy and information rights in the years to come?

Presentation Files Elizabeth Denham

9:10 – 9:40 Salon AB Presentation Files Joe Alhadeff

Keynote Presentation: The Data Opportunity - Using Data for Economic and Social Benefit – Reaping the Benefits While Addressing the Challenges

Data is no longer a static concept. As we know from every Big Data presentation it has volume, variety and velocity; but these are characteristics rather an explanation of a value proposition. Data in context and data as a service is the value proposition. To capitalize on the potential for the economic and social benefit that could accrue from new and better uses of data we must address vestigial limitations to collection, use and retention of data that are based on policy applications anchored in paper-based systems. However, we must equally recognize that privacy and security concerns related to the use of personal or confidential data are not only still relevant, but potentially even more so as greater amounts of information are collected, used and stored. So as we develop new ways to use data we must develop new concepts and practical applications of governance, assurance and accountability.

This talk will address both the new data opportunities as well as conceptual and practical frameworks of governance, risk management and accountability.

Presentation Files Joe Alhadeff

9:40 – 10:10 Salon AB

Keynote Presentation: Big Surprises about Big Data in Canada: New Research and Facts about Canada

Pam Dixon presents her latest research on Canada's big data in this talk, which includes new big data products for sale about Canada and Canadians. The talk focuses in in the most important aspects of what is happening right now, and outlines specific problems and potential solutions.

10:10 – 10:25 Upper & Lower Foyers

Morning Break (Sponsored by Symantec)

10:25 – 11:00 Salon AB Presentation Files Peter Gregory

Concurrent Keynote Presentation: Third Party Risk = First Party Consequences

The problem of third party risk has gotten the attention of security professionals, executives and boards of directors. Peter H Gregory discusses the nature of third party risk, and steps organizations can take to identify and manage the risks associated with third parties.

Presentation Files Peter Gregory

10:25 – 11:00 Lecture Theatre Presentation Files John Weigelt

Concurrent Keynote Presentation: Adopting a Privacy Frame of Reference for Today’s Enterprise Cloud

Organizations are rapidly adopting a cloud state of mind as they transform their business. With the increasing speed that new services can be deployed, the business often find itself a few steps ahead of the teams that help safeguard their interests. Since security and privacy are characteristics that help organizations do more with technology, it is essential that compliance teams quickly adopt a changed frame of reference for the cloud. John Weigelt, National Technology Office for Microsoft Canada, will explore how enterprise cloud changes the traditional frame of reference for establishing assurance from a technical, procedural and contractual perspective.

Presentation Files John Weigelt

11:05 – 12:15 Salon AB Presentation Files Disruptive Health Technologies

Concurrent Panel Session: Panel A: Disruptive Health Technologies and their Impact on Privacy and Security

Medical information technology is rapidly evolving, including through innovative medical mobile applications, electronic health records, patient/physician online portals, and a variety of health monitoring devices. The emerging technologies offer great promise for preventive health care, medical treatment, data analytics, and research. But collecting, storing, and sharing personal health data through such technologies poses new privacy and security risks, and government, industry, and data protection experts are only beginning to appreciate, analyze and tackle these risks. This session will explore the range of risks involved and potential means of containing them through a discussion of various technologies, data use and sharing objectives and methodologies, and options for data protection solutions.

Presentation Files Disruptive Health Technologies

11:05 – 12:15 Lecture Theatre

Concurrent Panel Session: Panel B: Digital Identities in the Digital Economy

This panel will look at how various forms of online identity – ranging from social media profiles to unique online identifiers – have developed in recent years, and the impact these new “digital identities” and “identity tokens” have had on the ways individuals interact with each other, private organizations, and the state. In particular, this panel will consider the extent to which the private sector should be involved in the creation and management of online identities and whether – given how much of our personal and working lives are now lived online – there is a need for greater state involvement in this increasingly important area.

11:05 – 12:15 Salon C

Concurrent Panel Session: Panel C: Cyber Security a Board Room Issue?

The number of cyber security incidents detected by 9700 respondents increased in 2014 to 42.8 million or a staggering 117,260 attacks a day, from 20.5 million in 2013 and just 3.4 million in 2009. Few executives will openly confess that their cyber security efforts will not protect their organization. Security experts say that unless there is a requirement to disclose breach by law or because a breach is exposed publicly by a third party, organizations will always say their IT systems are safe from attack.
Cyber attacks went unnoticed for a total of 205 days before being discovered, should cyber security shift from defending to protecting? In many cases current and former employees and not technology are the primary reason for cyber attacks.
Ponemon Institute LLC says 60% or 245 board members gave cyber security a near perfect score compared to 18% of 409 chief information officers. IT professionals are more aware of the data breaches and 8 in 10 believed they possessed the expertise to thwart future attacks versus 35% of directors who believed the same.
Organizations have begun to make cyber security a boardroom issue but a gulf between how directors and technical staff perceive the risk, past performance and priorities is evident.

12:15 – 1:30 Salon AB

Luncheon Keynote Presentation: Contemporary Criminal Justice Issues

Chief Weighill will discuss the contrast between the American and Canadian models of Policing, and suggest 5 initiatives that would make a substantial difference in our criminal justice system.

12:15 - 1:30 Crystal Ballroom Presentation Files Pamela Snively

Luncheon Keynote Presentation: Laying the Groundwork for a New Data Governance Model

Pamela will give the inside story on how TELUS is transforming its data governance model, some of the challenges that can arise when doing so, and how TELUS is working to meet those challenges.

Presentation Files Pamela Snively

1:30– 2:00 Salon AB

Applied Session: Cloud Security: Are You Ready to Face the Challenges?

Cloud security requires homogenous solutions to provide protection and visibility into ever complicated environments. With applications and data centers moving to the cloud, new challenges show themselves all the time; while organizations are interested in capturing the benefits offered by the Cloud, many have operational limitations that stand in the way. Learn how Trend Micro offers SAAS, Onsite and Cloud solutions that can help achieve your goals: prevent data loss (DLP), simplify how you achieve security compliance in your environment, and detect zero days attacks.

1:30– 2:00 Salon C

Applied Session: The Society of People for the Ethical Use of Drones and the Social Value of Civilian Drone Use

In a world increasingly filled with cheap consumer drones, sophisticated prosumer drones and deadly military drones, Luke Moloney discusses his concept of the Society of People for the Ethical Use of Drones, aka The SPEUD. The SPEUD advocates for civilian drone use, albeit the ethical, legal, safe and interesting use, as a counterpoint to growing concern of the privacy, safety and legislative challenges this new suite of technologies presents modern society.

Luke will discuss the history of civilian drone use, trends in drone use, and different types of drones that are currently available or are soon to be available. He'll also discuss some of his present and future drone projects and invites open discussion and debate on any topic related to civilian drone use.

1:30– 2:00 Lecture Theatre

Applied Session: Cisco: All-In On Security

Security must be pervasive, integrated, continuous and open so you can reduce risk, enhance operational efficiency and leverage the Internet (IoT) to gain competitive advantage. Security is our top
priority at Cisco. Attend this session to learn how the investments Cisco is making allow organizations to defend Before, During and After an attack.

1:30– 2:00 Saanich

Applied Session: The Top 10 Free, Open Source Tools For Protecting Your Privacy

Kris will recommend 10 tools that you can download today to protect your privacy at home and at work, while explaining how and why you should use them. After that, there will be an interactive Q&A session where you can ask
any technical privacy or security questions.

2:00 – 2:15 Upper & Lower Foyers

Afternoon Break

2:15 – 3:30 Salon AB

Concurrent Panel Session: Panel A: Drones

The Federal Government plans to introduce regulatory requirements for small drones weighing 25 kilograms or less operated within visual line of sight. A growing number of individuals are flying aircraft that have no pilot and can be controlled using smartphone or tablet. A new industry that creates regulatory challenges for safety and privacy. Drones can be outfitted with high-powered zoom lenses, night-vision or infrared imaging systems, and video software that can recognize specific people, events or objects that flag movements or changes in routine. These features demand an emphasis on personal protection in regulations and licensing standards.
Unmanned aerial vehicles are use for a wide range of government related and commercial applications, including search and rescue, agricultural surveys, cinematography, police investigations, meteorology. How do you we match be benefits of the use of drones while developing the identity of drone users and balancing the privacy and surveillance of our citizens?

2:15 – 3:30 Lecture Theatre

Concurrent Panel Session: Panel B: Mobile Application Privacy

With over one million mobile applications already in use and more being developed this panel session will help focus on the privacy and security implications associated with mobile apps.
74% of companies have suffered a mobile breach. 38% of the breaches were caused by apps with vulnerabilities.

3:35 – 4:15 Salon AB Presentation Files Marty Abrams

Closing Keynote Presentation: Privacy and Security By Choice and Not Chance Requires a Focus on a Full Range of Stakeholder Interest

Information management in an observational age is hard. To get full innovation with protection requires organizations to have programs that are as robust as the data and applications they govern. Those programs must be based on a clear understanding of all stakeholder interests. This session will
explore the latest thinking in governing data in a holistic manner.

Presentation Files Marty Abrams

4:15 – 4:25 Salon AB

Closing Remarks

4:25 – 4:30 Salon AB

Closing Announcements

Title Sponsor

Platinum Sponsors

Gold Sponsors

Conference Sponsors & Exhibitors

VIP Reception Sponsor

VIP Dinner Sponsor

The Fairmont Empress Hotel

If you need to make accommodation arrangements, the Fairmont Empress is offering a special conference rate of $129/night for Corporate reservations and $105/night for Government reservations. Please note that this room block ends January 16, 2016.

Please contact the hotel directly at (250) 384-8111 to book a room or book online using the following links:

Government Reservations – https://resweb.passkey.com/go/pscgov
Corporate Reservations – https://resweb.passkey.com/go/privacysecurity2016

Fairmont Empress
721 Government Street
Victoria, BC
V8W 1W5

https://www.fairmont.com/empress-victoria/

Harbour Air Flight Discount

Flying in from Vancouver or Seattle for the conference? Arrive in style in Victoria’s Inner Harbour with Harbour Air.  Subject to availability, attendees will receive 20% discount on their regular fares for confirmed travel to and from Victoria between February 1 and 6, 2016. Please note that all rates are subject to tax and fees. This offer cannot be combined with any other offers or promotions or be paid by Airbucks or TurboBucks. In order to receive this special discounted rate, attendees must contact the Reservation Department directly by phone at 1.800.665.0212 or by e-mail at reservation@harbourair.com and quote the promotional code P&SC02-16. Also be advised that you will need to provide a copy of  your registration to the conference upon check-in.

All schedules and location information can be accessed through their website at www.harbourair.com.

HarbourAir

YYJ Airport Shuttle

If you are needing transportation from the Victoria International Airport to Downtown Victoria why not consider using the YYJ Airport Shuttle.

When booking the shuttle if you mention “Reboot Communications” you will receive a special discounted rate of $22.50* for a one way trip or $35.20* for a round trip.

For more information please visit their website at www.yyjairportshuttle.com or call them at 1-855-351-4995.

*Prices include all applicable taxes

Call for Speakers

The Advisory Board for the 2016 Privacy and Security Conference is pleased to announce that the Call for Speakers closed on September 11, 2015.

Subject matter experts working within the privacy and information security communities are invited to submit papers on their area of expertise. Of particular interest are briefs on cutting-edge subjects and themes suitable for presentation in either a panel session or keynote address. Hosted by the Office of the Chief Information Officer, Government of British Columbia, this three-day conference draws an international audience focused on policy, programs, law, research and technologies aimed at the protection of privacy and security.

Date:         February 3-5th, 2016
Location:  The Victoria Conference Centre, Victoria, British Columbia 

2016 Conference Suggested Topics (not exhaustive):

  • Cloud Computing
  • Big Data Analytics
  • Mobile Wallet
  • Cyber Security
  • Behavioural Biometrics
  • Internet of Things
  • Drones
  • Right to be Forgotten
  • Digital Commerce
  • Online Privacy
  • Ethics
  • Wearables
  • Augmented & Virtual Reality

Deadline:

All entries must be received by midnight of September 11th, 2015. Invited speakers will be notified by October 16th, 2015.

Submissions:

Submissions will be accepted electronically using the form below.

Presentation Types:

  • Issue papers: An executive or management briefing on a prominent issue or aspect of information privacy or security.
  • Case studies: Descriptions of a specific information privacy or security situation or incident, or research results. Names of organizations can be kept anonymous to maintain confidentiality if necessary.
  • Research: Results or developments in cutting edge research on new information privacy and security technologies.
  • Sociological/ Philosophical perspective: A candid and/or introspective look at the impacts of new technological developments on privacy, security, social consciousness, or social functioning.

Have Questions or Need More Information?