Victoria Privacy & Security Conference Innovation in the Time of COVID February 4-5, 2021, Victoria, BC

General Information

Privacy and data protection is the number one issue businesses and governments around the world are facing. Personal privacy is at the forefront of information sharing and social media requirements. For the past 21 years, the Privacy and Security Conference has been the number one conference on the issues of privacy and security globally.

This year’s conference will be a digital-first experience on our customized virtual platform with an immersive look and feel that will engage our delegates from start to finish. We will deliver our virtual conference from a professional studio with a full production team and made for TV quality presentations. 

The conference will offer a platform for over 1000 security and privacy professionals to discuss important issues. It provides essential education, training and opportunities for CPD credits for individuals who are responsible for the transformation of the public and private sector into the new digital economy.

Reasons to Attend

  • Timely, motivational presentations from leading industry experts
  • Learn about current trends, issues and actions
  • Valuable CPD credits to maintain a variety of qualifications essential for your career
  • Unparalleled networking opportunities
  • Informative and compelling panel sessions
  • Get immediate answers and solutions to issues current in your organization

Conference Rates

Early Bird Virtual Registration by December 31, 2020 Regular Virtual Registration after December 31, 2020
Public Sector $275.00 CAD (plus GST) $350.00 CAD (plus GST)
Private Sector $275.00 CAD (plus GST) $350.00 CAD (plus GST)

Registration Fees Include

  • All keynotes, panel sessions and applied sessions
  • Access to virtual exhibition booths
  • Conference materials
  • Access to virtual platform
  • On-line access to presentations post-event

Social Media

Stay connected and engaged in the conversation leading up to and during the conference by following along on Twitter. Use the event hashtag to follow others who are already posting, and include it in your tweets to add to the existing discussions. The hashtags for this year’s conference are #PrivSecYYJ  and #PSV21 and our twitter handle is @PrivSecYYJ. We would appreciate you sharing your voice with our other followers.

Keynote Speakers

Corey Anderson

Regional Sales Manager, Zscaler

Julie Brill

Chief Privacy Officer, Corporate Vice President, and Deputy General Counsel of Global Privacy and Regulatory Affairs, Microsoft

Sean Brown

Program Director, IBM Security

Aaron Callaway

Director Global Risk Transformation, ServiceNow

Ron Deibert

Founder and Director, Citizen Lab, University of Toronto

John Edwards

New Zealand Privacy Commissioner

David Gold

Sr. Director, Sales Engineering - West, SentinelOne

Rohit Joshi

CEO, Brighsquid

Barbara Kay

Senior Director, Product Marketing, Security and Risk, ServiceNow

Marc Kneppers

Chief Security Architect, TELUS

Patricia Kosseim

Information and Privacy Commissioner of Ontario

Kevin Magee

Chief Security and Compliance Officer, Microsoft Canada

Michael McEvoy

Information and Privacy Commissioner for British Columbia

Dr. Nataraj Nagaratnam

Distinguished Engineer, CTO, Cloud Security, IBM

Erin O'Halloran

Enterprise Account Manager - Healthcare, Amazon Web Services (AWS)

Sue Paish

CEO, Canada’s Digital Technology Supercluster

Jim Richberg

Field CISO, Fortinet

Shawn Surber

Vice President, Technical Solutions Engineering, Tanium

Richard Thieme

Author and Futurist


Martin Abrams

Executive Director and Chief Strategist, Information Accountability Foundation

James Armitage

Principal Solutions Architect & Security Specialist, Amazon Web Services (AWS)

Dr. Colin Bennett

Professor, Department of Political Science, University of Victoria

Jason Bero

Privacy, Risk & Compliance Officer, Microsoft Canada

Ray Boisvert

Associate Partner, Canadian Public Sector, IBM Security

Doug Boykin

Global Privacy Engineer, OneTrust

Andre Boysen

Chief Identity Officer, SecureKey Technologies Inc.

Joni Brennan

President, Digital ID & Authentication Council of Canada (DIACC)

Gary Buonacorsi

SLED Chief Technology Officer and Chief IT Architect, Tanium

Jon Burbee

Executive Director, Strategic Services, ServiceBC

Norm Chan

Enterprise Solutions Engineer, Western Canada, SentinelOne

Jill Clayton

Information and Privacy Commissioner of Alberta

Dr. Andrew Clement

Professor Emeritus, Faculty of Information, University of Toronto

Cat Coode

Founder, Binary Tattoo

Stan Crosley

Co-Director, Center for Law, Ethics, and Applied Research in Health Information (CLEAR), Indiana University

Michael Doucet

Executive Director, Executive Advisory, Office of the CISO, Optiv

Dr. Khaled El Emam

Professor, School of Epidemiology and Public Health, University of Ottawa

Robert Falzon

Head of Engineering, Office of the CTO, Check Point

Magali (Maggie) Feys

Chief Strategist – Ethical Data Use, Anonos

Dr. Robert Fraser

President and CEO, Molecular You

Stephen Frethem

Director of Sales Enablement, Varonis

Robin Gould-Soil

President, RGS Management Consulting Services; CPO, Pentavere

John Hewie

National Security Officer, Microsoft Canada

Sophia Howse

Executive Director Provincial Identity & Information Management (IDIM) Program, ServiceBC

Wendy Hurlburt

President and CEO, LifeSciences BC

Tamir Israel

Staff Lawyer, CIPPIC

John Jacobson

Former Deputy Minister, Ministry of Technology, Innovation and Citizens’ Services

Adam Kardash

Chair, Privacy and Data Management Practice, Osler, Hoskin & Harcourt LLP

Soyean Kim

Director of Digital Products, Providence Health Care

Karl Klaessig

Director of Product Marketing, Security Operations, ServiceNow

Patricia Kosseim

Information and Privacy Commissioner of Ontario

Dr. Alena Kottova

Sessional Professor, Faculty of Engineering, University of Victoria

Alexander Laurie

Senior Vice President, Global Sales Engineering, ForgeRock

Dr. Victoria Lemieux

Professor of Archival Science & Founder, Blockchain@UBC

Dave Lewis

Global Advisory CISO, Cisco

Dave Liggat

Senior Cloud Infrastructure Architect, Amazon Web Services (AWS)

Dr. Holly Longstaff

Director, Privacy and Access, PHSA Research and New Initiatives, Provincial Health Services Authority

David Loukidelis

Privacy Lawyer and Consultant; former Information & Privacy Commissioner for BC

Dr. Alan Low

Clinical Associate Professor, Faculty of Pharmaceutical Sciences, UBC; Exec. Director, MedAccess BC; Primary Care Pharmacist & Pharmacy Lead, BioPro Biologics Pharmacy

Dr. Kevin Mahoney

Senior Director of Strategy , Fortinet

Jason Maynard

Field CTO, Cybersecurity, Cisco Canada

Drew McArthur

Principal, The McArthur Consulting Group

Michael McEvoy

Information and Privacy Commissioner for British Columbia

Dr. Helia Mohammadi

Chief Data Scientist – National Healthcare, Microsoft Canada

Suzanne Morin

VP, Enterprise Conduct, Data Ethics & Chief Privacy Officer, Sun Life

Dr. Christopher Pettengell

Chief Medical Officer, Pentavere

Adriana Poveda

Executive Director Service Delivery, ServiceBC

Richard Purcell

CEO, Corporate Privacy Group

Kapil Raina

VP, Identity Protection Marketing, CrowdStrike

Brian Robison

Chief Evangelist, BlackBerry

Dr. Teresa Scassa

Canada Research Chair in Information Law and Policy, University of Ottawa

Pamela Snively

VP, Chief Data & Trust Officer, TELUS

Bill Tam

Co-founder & Chief Operating Officer, Digital Technology Supercluster

Scott Taylor

VP & Chief Privacy Officer, Merck Global Privacy Office

Maurice Uenuma

Vice President, Federal & Enterprise, Tripwire

Ariel Zeitlin

Co-Founder & CTO, Guardicore
Print Agenda

*Invited Speaker

Click on the date of the agenda you would like to view. Please note the timezone listed on the agenda.

THURSDAY, February 4, 2021

8:15 – 8:25am PST

Call to Conference & Opening Remarks

8:25 – 8:40am PST

Welcome Remarks: How B.C. and Canada Can Lead the Way in Data and Privacy

Digital transformation was growing in all sectors before March 2020. Ten months into a global pandemic, it has become a critical element of success for every organization, of every size and in every sector. Our world is digital, which means how we collect, protect, share, leverage and use data is now a crucial part of business and society like never before.

The Canada's Digital Technology Supercluster has been accelerating digital transformation by working with organizations across all sectors and sizes to create digital solutions to some of society’s and industry’s biggest challenges. We see and have been helping organizations effectively use their data and manage Canada’s privacy landscape. We see the positive and negative impacts of privacy public policy, regulation and clarity on industry and Canada’s competitiveness. We also see the potential for Canada’s economic recovery and future prosperity that comes from a strong and coordinated public policy approach to data management and privacy. We also know the impact on industry and society from the lack of a harmonized approach to privacy across Canada. The current mix of legislation is complex and confounding. Yet, there is a way for Canada to be a global leader in this critical area and provide a distinct advantage to our economy and Canadians. More than ever, we need a modernized, flexible, resilient, clear and practical approach to privacy and handling data, one that protects the rights and interests of individuals, organizations and government, and there is a path to that.

8:40 – 9:20am PST

Keynote Address: A Great Leap Forward …. For the Abuse of Power

Digital technologies and surveillance capitalism have given rise to a new machine-based civilization that is increasingly linked to a growing number of social and political maladies. Accountability is weak and exploitation is endemic. Drawing from themes of my new book RESET: Reclaiming the Internet for Civil Society, in my keynote I will outline the mostly unregulated surveillance industry, innovations in remote-control technologies, superpower policing practices, dark PR firms, and highly profitable hack-for-hire services. I will end my talk with an urgent plea for applications of new restraint measures, from the local to the global.

9:25 – 9:55am PST

Concurrent Keynote Address by TELUS: 3 Things to Think About When Implementing a Zero Trust Architecture

Join Marc Kneppers as he shares some insights from the TELUS Cyber Defence Centre and provides guidance on three areas to focus on when developing and improving a Zero Trust architecture.

It is difficult to modernize our current systems to tackle today’s security challenges without focusing on user and endpoint authentication. Additionally, we can’t forget about the need to monitor and improve our systems as we react to an evolving threat landscape.

9:25 – 9:55am PST

Concurrent Keynote Address by SentinelOne: Real-Time Defender Velocity [Code on Code Warfare]

5 ways to enhance your security team's precision and velocity by using automation, artificial intelligence, and machine learning to defeat the attacks of tomorrow and prevent the mistakes of the past.

9:25 – 9:55am PST

Concurrent Keynote Address by Zscaler: Security in the Age of Advanced Persistent Transformation: Fireside Chat

Today, the world is adapting, rethinking, reinvigorating, and reinventing every aspect of how we live, work, communicate, collaborate, learn, transact business, even socialize. Right now, we are challenging assumptions that have held true for years, decades, or even centuries at an accelerating pace and degree of creative disruption never seen before.

Join Corey Anderson Regional Sales Director of Zscaler, and Kevin Magee, Microsoft Canada’s Chief Security and Privacy Officer, as they explore the ongoing history of the security industry, the evolving trends that will shape the future, and what we need to do now in order to secure the age of Advanced Persistent Transformation.

9:55 – 10:10am PST Virtual Exhibition Hall

Morning Break & Virtual Exhibitor Booths

10:10 - 10:45am PST

Keynote Address: Privacy Reform for a Technological Future

How can governments protect the privacy of individuals in a rapidly evolving world of technological change? Algorithmic decision making, biometric collection, the ubiquitous monetisation of personal information and the monopolistic power of Big Tech companies are presenting significant challenges for governments. New Zealand Privacy Commissioner John Edwards will discuss privacy law reform in New Zealand and how this is part of a rising tide of privacy regulation internationally, and how governments and regulators need greater cooperation and more effective laws to meet these challenges.

10:50am – 12:05pm PST

Concurrent Panel A: Next Generation Privacy Data Protection Law; Canada Breaks Glass with Replacement for PIPEDA

The new federal legislation is premised on regulating the impacts of digital technologies rather than regulating their purpose. A form of post-hoc governance in which regulators will be responsible for putting the horse back in the stable after it has left the barn. The proposed legislation rules governing the use of personal data can be simplified through de-identification of personal information. Data controllers and big tech can use our data without asking for our consent if the data has been de-identified. Re-identification is easy to do so this is problematic and very difficult to regulate.

The legislation provides significant leeway to avoid requiring consent to use personal data while providing products and services to customers. Firms can continue to collect and use our date for target advertising on the fuel of the digital economy. Would opt-out be better which enables anyone who does not want to share their data collected and used beforehand? Rights based approach depends on access to courts or tribunals, which is highly unequal, fails to address the very real digital issue which is “big tech”. The legislation proposes to enable us to withdraw our consent to the use of the data although subject to the reasonable terms of the contract. What these reasonable terms entail will be the real issue. This will leave the onus on individuals with added expectations that we understand the complexities involved but does not enable us to simply avoid all those terms and conditions agreements we sign daily. Would it be better to remove data collections almost entirely from these agreements?

The legislation aims to ensure transparency in automated decision-making including individuals’ rights to an explanation and information on how the personal data for AI systems are collected which confronts the EU’s GDPR. Companies developing AI technologies depend on trade secrets to protect valuable assets and transparency is of little use if there is no way to ensue companies stop collecting our data.

The legislation seeks to strengthen regulatory oversight introducing new financial penalties by the Privacy Commissioner. The legislation allows firms to engage in wholesale societal experiments until someone complains. Would a system that allows AI developers submit their plans to regulators before they initiate development create FDA for AI?

10:50am – 12:05pm PST

Concurrent Panel B: Digital Identity and Data Driven Intelligence

The Ministry of Citizens’ Services plays an integral role in the multi-channel delivery of services to British Columbia’s citizens, businesses and government. The ministry prides itself on innovation, value and service excellence.

The Service BC division of Citizens’ Services is government’s chief provider of services to citizens and businesses.

Since the start of the COVID-19 pandemic, Service BC has responded with innovative and strategic ways to support BC residents during this unprecedented time.

The executive panel will share some of the highlights of how Service BC embraced, pivoted and then responded to the COVID-19 pandemic.

Topics to include – how Service BC pivoted to respond to the needs of citizens and business during COVID-19 using digital identity and data driven intelligence to launch multiple services (ie: returning travelers program, Send Video, appointment booking) that helped support public health measures.

12:05 – 1:05pm PST Virtual Exhibition Hall

Lunch Break & Virtual Exhibitor Booths

1:05 – 1:40pm PST

Keynote Address by IBM: Build Customer-Friendly User Privacy and Consent Management into Your Multi-Cloud Applications

Learn how to build a better user experience for both first time and returning customers, while ensuring you meet the wide variety of data privacy regulations around the globe. In this session, you'll see first-hand how to incorporate progressive trust into your digital experience, to build trust with your customers.

1:45 – 2:15pm PST

Applied Session by Microsoft Canada: Using Microsoft 365 to Take Control of Your Data Privacy Risks

Join Microsoft Canada’s John Hewie, National Security Officer, and Jason Bero, Privacy, Risk and Compliance Officer, as they lead a session on how the Microsoft cloud can enable far greater control, protection, governance and compliance of your data than ever before. In this practical session you will see how you can use Microsoft 365 to improve management of your data privacy risks through information protection and labeling, data loss prevention, insider risk management, eDiscovery, and advanced auditing. We will be demonstrating how the built-in Microsoft 365 capabilities can be used to manage an Access to Information Request (ATIP) process and the new Canadian Compliance Manager templates, including Government of Canada "Protected B".

1:45 – 2:15pm PST

Applied Session by SentinelOne: Strategies for Upgrading Your Endpoint Protection

Are you frustrated with your current anti-virus product? Is "next-gen" not quite living up to the hype? Maybe you’re looking to upgrade but and need a jumpstart on getting started? Join SentinelOne’s Norm Chan as he reviews the current Endpoint Protection Platform landscape and explores why this is one of the best times to make a move. This session will cover:
1. Legacy AV vs. Nextgen AV: Is there really a difference?
2. Do I really need EDR?
3. Strategies and tools for making the best decision for your company

1:45 – 2:15pm PST

Applied Session by Tanium: Zero Trust - The Future of Security

Government agencies and educational institutions continue to grow beyond the traditional on-premise architecture. Employees are increasingly working from home and are no longer sitting within a protected network. Additionally, traditional enterprise networks focus on applying their protections at their network boundaries while internal protections are often ignored. This has led to organizations opening themselves up to more risk because it has become increasingly difficult to properly manage and secure access to organizational data.

Zero Trust is a security framework and set of principles that asserts there is no implicit trust based on a user’s physical or network location. Access to sensitive data, assets, applications, and services is provided based on least privilege access, only when required, and user and device verification or authentication must occur before a connection is established. Access is determined by a user’s credentials and a device’s state, regardless of the user’s network location. Zero Trust supports an ever-increasingly distributed network, where more and more users are working from home, coffee shops, trains, and via VPNs. With an ever-expanding attack surface, we should assume the corporate network is no longer a trusted border. As such, it’s safe to assume, under Zero Trust, the “network” no longer exists. A user and device are authenticated (who they are) and authorized (what can be accessed), before they are granted access.

The beauty and complexity of Zero Trust stem from its flexibility. Zero Trust will look different at every organization, which means there isn’t a “silver bullet” solution to implementation. However, there are common ways organizations need to think about Zero Trust. This talk will discuss the fundamentals, where to get started, and strategies for effectively implementing a Zero Trust architecture.

1:45 – 2:15pm PST

Applied Session by Cisco: Security Debt, Running with Scissors

Security debt, defined by Dave Lewis, Global Advisory CISO, Duo Security at Cisco, as “the accumulation of the patches missed, the risks accepted, and the configurations misapplied,” is a serious and common problem for many organizations, especially with the move to cloud computing and rise of IoT. Part of the problem is that, while organizations might accept the risks they encounter, they often neglect to review them or make a plan for the future, and that risk is compounded when patches are passed from person-to-person through staff changes and/or employee churn. However, it doesn’t have to be this way - to track and address security debt, organizations must develop and implement defined, repeatable processes. They should look to strategies like the zero-trust model, trust but verify, sanitation of inputs and outputs, and of course, make sure to execute patches instead of pushing it onto the next person.

Key Points
• Security debt occurs when patches are pushed aside, and risks are accepted but not addressed
• The longer organizations wait to address risks, the harder it is to address them
• To eliminate debt, organizations should create defined and repeatable processes with plans for action

2:15 – 2:45pm PST Virtual Exhibition Hall

Afternoon Break & Virtual Exhibitor Booths

2:45 – 4:00pm PST

Concurrent Panel A: COVID-19: Data Driven Healthcare: More Laws Less Security and Privacy-Should Companies and Government Collect Health Information Out of Thin Air?

Experts in big data, population health and related areas agree that our ability to respond to COVID-19 is impaired by our lack of knowledge about who has the virus, who doesn’t and who is no longer susceptible. That data gap has led to the virtual shut down of the country in order to protect the most vulnerable; multiple efforts are now under way across Canada to close it. Here the need for privacy and safe curation of biological material such as swabs, blood samples and other specimens present additional challenges to those who would like to ramp up public testing beyond health clinics and shed more light on how the virus is spreading. New technologies and a greater awareness of public health after the pandemic could also fundamentally change our conception of health privacy, making it less about keeping information private than controlling how it is used.

2:45 – 4:00pm PST

Concurrent Panel B: Data De-Identification: Is Dynamic Data Security the “Default Technology”

De-identified information appears to be the new category of personal information that would remain within the scope of privacy law. De-identified information can be used by any organization internally for research and development purposes. It can be disclosed to government institutions, health care and post- secondary institutions or other entities prescribed in regulation for social beneficial purposes. Information is personal if there is a serious possibility that an individual could be identified. Personal information becomes de-identified if there are no “reasonable foreseeable circumstances” in which a person could be identified. Personal information that is de-identified should not be personal information according to our current understanding of personal information interpreted by the law.

As de-identification practices vary and standards are difficult to find in wide-spread use, organizations must stay up-to-date with the most extensive privacy, security, and third-party risk research, and implement service offerings that create certainty in this area of compliance and give organizations the tools they need to make the right decisions when building their privacy program.

4:05 – 4:35pm PST

Keynote Address by Microsoft: Fireside Chat on Privacy and Data Protection

Join Microsoft’s Chief Privacy Officer, Julie Brill, and Ontario Privacy Commissioner, Patricia Kosseim, for an engaging conversation on privacy learnings from the pandemic, the prospective for privacy laws in the US and Canada and its influence on the global stage while looking ahead to what the future will hold for privacy. Through their leadership in privacy and regulatory affairs, they will share their perspectives on how individuals view the protection of their personal information, how organizations set their strategic priorities, and the development of regional privacy laws and its impact globally.

4:35 – 4:45pm PST

Day 1 Closing Remarks

FRIDAY, February 5, 2021

8:15 – 8:20am PST

Administrative Announcements

8:20 – 9:00am PST

Keynote Address: Privacy, Profit and the Pandemic: Where We Go From Here

In this presentation, BC`s Information and Privacy Commissioner Michael McEvoy will share his perspectives on how the COVID-19 pandemic has accelerated the digital revolution and challenged privacy and access to information concerns. He will relate efforts by regulators and data reformers across the country and around the globe to hold powerful Big Tech companies to account, while also sharing recent work of his office.

9:05 – 9:40am PST

Keynote Address by IBM: Rethink Cloud Security to Innovate at Speed

Businesses are adopting cloud to innovate and achieve digital transformation. To do these at speed, they need to rethink their approach to managing security and compliance. In this session, we will discuss a data-centric approach to continuous security & compliance. We will highlight differentiating capabilities in IBM Cloud to enable you to apply this approach in practice and achieve secure journey to cloud.

9:40 – 10:10am PST

Concurent Keynote Address by Tanium: Continuous Hygiene With Zero Infrastructure

Digitization has driven an explosion in the number of assets companies have to manage and secure. Every IT executive is faced with the problem of maintaining visibility and control of those assets. COVID has broken down the cubicle walls in the workplace and created an overnight distributed IT workforce and distributed all of those assets outside of the corporate firewall. Those IT organizations that are still using pre-COVID tactics and technologies are struggling to find, manage, and secure their assets and data, especially with employees working from home. While some teams struggle, there’s a vanguard of innovative IT organizations that are not only securing their assets and data, but also tearing down the walls of their data centers, focusing on continuous IT health and hygiene, and doing it with zero infrastructure. Find out how these companies are navigating the new business problem topology that COVID has introduced.

9:40 – 10:10am PST

Concurrent Keynote Address by ServiceNow: Business Continuity, Privacy, and Operational Resiliency - Innovation and Adoption During a Pandemic

During uncertain times, you want to ensure you’re building resilience for your critical business operations and protecting your organization’s compliance. Preparing now can help your organization mitigate risks and recover faster from disruptive events.

Join us as we discuss the lessons learned from COVID-19 and how your organization can help improve its business continuity, crisis response, and return-to-work strategies. Using real-world examples, we’ll explore how you can:

• Assess and prioritize your most critical business processes.
• Anticipate dependencies, likely risks, and potential impacts to security, compliance, and business performance.
• Build your business continuity and disaster recovery programs, so you’re empowered for a faster, more efficient recovery.
• Operationalize processes across domains and silos to enable governance, executive visibility, and decision-making.

9:40 – 10:10am PST

Concurrent Keynote Address by Fortinet: The Immediate vs Long-Term Impact of COVID-19 on Networking and Cybersecurity - A Canadian C-Level Perspective

Fortinet, in collaboration with SINC and Richard Stiennon of the Analyst Syndicate, recently commissioned a survey of 100 senior Canadian IT executives from across the public and private sectors. The survey was conducted to determine the impact of COVID-19 on the technology deployments of businesses in Canada as work from home, combined with an unprecedented economic downturn, swept the World.

Join Jim Richberg, Fortinet’s Field CISO, as he examines the survey results and provides valuable insight into the current and future strategies that have evolved to meet the challenges presented by the pandemic. Attendees will be provided with a complimentary copy of the report generated from the survey responses.

10:10 – 10:40am PST Virtual Exhibition Hall

Morning Break / Virtual Exhibitor Booths

10:40 – 11:10am PST

Keynote Address by AWS: Innovation and Privacy in Healthcare – Do We Have To Choose?

Digital healthcare innovation can be at odds with privacy and security requirements designed to protect health information. The lure of innovation in digital health technology is exciting with frequent, iterative software releases meeting the needs of healthcare providers and patients. However, opportunity to innovate must be balanced with requirements that support privacy and security needs. As partners in redesigning software product development, privacy and security professionals will benefit from helping create a culture of privacy within software companies. This talk will recount the path that Brightsquid Secure Communications has travelled on the road to commercializing health technologies in partnership with security and privacy professionals.

11:15am – 12:30pm PST

Concurrent Panel A: Could Patient Privacy Drive Innovation in Health IT?

Healthcare is one of the top industries for data breaches because of the nature of the data they collect, process, and share, as well as the services they provide. This makes healthcare an attractive target for cybercriminals and means employee errors when handling data are often more severe. So, it seems almost inevitable that data breach claims reached into the multi-millions in 2019; Inevitable, but no longer acceptable. Increased awareness of data breaches from patients will create pressure on healthcare organizations to protect their data and comply with legislation. This can only happen effectively if healthcare looks to the right technology to ensure patient data is secure.

11:15am – 12:30pm PST

Concurrent Panel B: COVID-19: The Case for Digital ID Cards – The New Digital Citizen

Some might argue that the pandemic has strengthened the case for digital ID cards. They could make it quicker and easier for us to access government services but also could make pandemic track-and-trace systems more effective. For example, if health data were linked to work data, governments might more quickly spot clusters of COVID cases.

What about privacy and security? Can privacy be protected by existing data-protection laws and updated security safeguards, such as two-factor authentication? How could we guard against ID cards being required for other purposes, such as law enforcement?

In addition, creating a digital ID system is complex and expensive. Can digital ID systems be introduced gradually building on existing platforms? What about public trust? If they are reasonably safe, and add convenience for interacting with governments, will citizens sign up for them?

12:30 – 1:30pm PST Virtual Exhibition Hall

Lunch Break / Virtual Exhibitor Booths

1:30 – 2:00pm PST

Applied Session by ServiceNow: Why Taking a Risk Based Approach to Cyber Resilience is Required in Todays Changing Landscape

COVID-19 is exponentially changing and propelling organizations into new business models – where digital transformation of further business processes, employees increasingly working remotely and increased cyber threats are forcing CISO’s and security leaders to mature their cyber and security programs quickly.

Karl Klaessig will discuss how taking a more mature and programmatic approach to a cyber risk management program will align IT with the business and as a result:

• Gain leadership trust and buy-in for security programs
• Give the board confidence that we are prepared for a security event and we can prevent or minimize the impact
• Effectively communicate the business impact of the cyber risk management program to non-technical leadership
• Prioritize which vulnerabilities pose the greatest threat to the business and how to prioritize and plan for remediation
• Demonstrate the return on investment that a mature cyber risk management program delivers to the organization

1:30 – 2:00pm PST

Applied Session by Fortinet: Modernizing Security with AI to Protect ALL of Your Endpoints

Advanced attacks can take just minutes, if not seconds, to compromise the endpoints. As the bad guys are now using AI to develop new malware and other attack vectors, security products must evolve as well by integrating the use of AI to automate threat hunting and incident response. In this session Dr. Kevin Mahoney will explore:
• The evolution of EDR to XDR
• Using deep learning to detect zero-day threats
• The importance of security ecosystem integration and automation

1:30 – 2:00pm PST

Applied Session by Tripwire: Boom, Bang, and Breach—What Military Combat Operations and Security Strategy Teach Us About Cybersecurity

Join Maurice Uenuma as he draws on his own experiences as a combat veteran and special operations-trained Marine to explore lessons learned for cybersecurity. In the chaotic world of digital threats, data insecurity, and privacy invasion, there are fundamental concepts—from strategic planning to operational best practices to human factors—which make the difference between surviving an incident and suffering a devastating breach. Our trust and confidence in digitized critical infrastructure depends on getting this right. So we must look beyond technical capabilities and product features for the right approach.

Maurice will cover:
• Facing the unseen enemy
• Dealing with chaos and complexity
• Excellence in the essentials
• Building and maintaining trust in people and systems

From faraway battlegrounds to Canadian data centers, these principles are essential for success.

1:30 – 2:00pm PST

Applied Session by AWS: Private by Design in the Cloud: Incorporating a PIA into Cloud Architecture

Cloud computing enables architectural patterns that enhance privacy for users of the systems we build. In this session we will walk through AWS’ Shared Responsibility Model and how it impacts privacy and security, and provide examples of concrete patterns that address some PIA requirements.

2:00 – 2:30pm PST Virtual Exhibition Hall

Afternoon Break / Virtual Exhibitor Booths

2:30 – 3:45pm PST

Concurrent Panel A: COVID-19 and the Acceleration of Artificial Intelligence

As healthcare systems around the world grapple with COVID-19, technological innovation and ingenuity are being harnessed at an unparalleled pace. Artificial Intelligence (AI) and Machine Learning (ML) are playing key roles in better understanding and addressing COVID-19 including scaling communications, tracking the virus, and accelerating research and treatments. The panel will present how they have employed AI/ ML technologies to address this global crisis and discuss their challenges, successes and the potential for lasting benefits these technologies can deliver to patients moving forward.

2:30 – 3:45pm PST

Concurrent Panel B: Workplace Transformation: Working Life Has Entered a New Era

COVID has accelerated and in some cases mandated that organizations and government work from home. The shift may rival workplace transformations in the 19th and 20th centuries. The rapid shift to work at home enabled preconditions. Broadband services allow for document downloads and videoconferencing and remote work seems both normal and acceptable. Major challenges lie ahead. Are we prepared to provide the security and privacy in the work at home environment?

Organizations of all sizes, from all industries, rely heavily on cloud computing to operate. The massive shift to remote work during the covid-19 pandemic has only increased this reliance. In fact, a sector built around fables of industry "disruption" has enabled many to maintain constancy, connection, and business continuity–and afford some enterprises new opportunities.

How can advances in computing power, networking, AI and devices help businesses, governments, and citizens thrive in a world that has been disrupted?

3:50 – 4:30pm PST

Closing Keynote Address: Now More Than Ever: The Hacker Revolution meets the Pandemic

A quarter-century ago, I began addressing the impacts of the hacker revolution on the human inside the machine - how it would transform our lives, our thinking, our work, our identities. I was describing the "digital revolution" as a transformational engine, not as an academic exercise, but as genuine paradigm change. I was called "crazy" and "insane" but it all came to be as I described: hackers created the frames in which others lived, inside the bigger picture, without even knowing it. Insanity, like wisdom, is apparently contextual.

The pandemic is creating another paradigm change which asks that we apply real hacker methodologies to new realities. Context matters, and the context IS the content of our lives. Hackers have the tools to identify the fragments of a disintegrating society and use them to model new structures. Hackers have internalized procedures, assumptions, and working models to piece together parts of complex systems to create new wholes, to break down to break through. Hackers once again are thought leaders for a brave new world.

4:30 – 4:45pm PST

Closing Remarks & Announcements

Title Sponsor

Diamond Sponsors

Platinum Sponsors

Gold Sponsors

Conference Sponsors & Exhibitors

Marketing Partner

Call for Speakers

Please note that the call for speakers closed November 30, 2020.

The Advisory Board for the Victoria Privacy and Security Conference 2021 is pleased to announce that the Call for Speakers is now closed.

Subject matter experts working within the privacy and information security communities are invited to submit papers on their area of expertise. Of particular interest are briefs on cutting-edge subjects and themes suitable for presentation in either a panel session or keynote address. This two-day conference draws an international audience focused on policy, programs, law, research and technologies aimed at the protection of privacy and security.

Date: February 4-5th, 2021
Location: The Victoria Conference Centre, Victoria, British Columbia

2021 Conference Suggested Topics (not exhaustive):

  • Artificial Intelligence & Machine Learning
  • Biometrics, Facial Recognition & Surveillance
  • Cloud Computing
  • Cyber Security
  • Data Driven Healthcare Innovation in the Time of COVID
  • Digital Currency
  • Digital Identity Strategy
  • Edge Computing: The Office of the Future
  • Ethics
  • GDPR Lessons Learned
  • National Digital Strategy
  • National Security Strategy
  • Next Generation Privacy Legislation
  • Ransomware
  • Smart Cities
  • Women and Minorities: Opportunities and Challenges in the New Digital Economy


All entries must be received by midnight of November 30, 2020. Invited speakers will be notified by December 15, 2020.


Submissions will be accepted electronically using the form below.

Presentation Types:

  • Issue papers: An executive or management briefing on a prominent issue or aspect of information privacy or security.
  • Case studies: Descriptions of a specific information privacy or security situation or incident, or research results. Names of organizations can be kept anonymous to maintain confidentiality if necessary.
  • Research: Results or developments in cutting edge research on new information privacy and security technologies.
  • Sociological/ Philosophical perspective: A candid and/or introspective look at the impacts of new technological developments on privacy, security, social consciousness, or social functioning.

Have Questions or Need More Information?