Vancouver International Privacy & Security Summit May 5-7, 2021, Vancouver, BC

General Information

This first annual summit will be a digital-first experience on our customized virtual platform with an immersive look and feel that will engage our delegates from start to finish. We will deliver our virtual summit from a professional studio with a full production team and made for TV quality presentations. The summit will offer a platform for over 1000 security and privacy professionals from around the world to discuss important issues on how we securely live, work, and play as the move to digital platforms accelerates.

Presented by Reboot Communications in partnership with ISACA Vancouver, this three-day summit will provide essential education, training and opportunities for CPD credits for individuals who are responsible for the transformation of the public and private sector into the new digital economy.

Reasons to Attend

  • Timely, motivational presentations from leading industry experts
  • Learn about current trends, issues and actions
  • Valuable CPD credits to maintain a variety of qualifications essential for your career
  • Unparalled networking opportunities
  • Informative pre-conference educational sessions and many compelling panel sessions
  • Get immediate answers and solutions to issues current in your organization

Conference Rates

Early Bird virtual registration by March 5, 2021 Regular virtual registration after March 5, 2021
Public Sector $300 (plus GST) $350 (plus GST)
Private Sector $300 (plus GST) $350 (plus GST)

Registration Fees Include

  • All keynotes and panel sessions
  • Pre-conference educational sessions
  • Access to virtual exhibition booths
  • Access to virtual platform
  • On-line access to presentations post-event

Social Media

Stay connected and engaged in the conversation leading up to and during the conference by following along on Twitter. Use the event hashtag to follow others who are already posting, and include it in your tweets to add to the existing discussions. The hashtag for this year’s summit is #VIPSS21 and our twitter handle is @VIPSSummit. We would appreciate you sharing your voice with our other followers.

Keynote Speakers

Stephanie Aceves

Senior Director & Threat Response SME Lead, Tanium

Brenda Bailey

Parliamentary Secretary for Technology and Innovation, Legislative Assembly of BC

Dr. Ann Cavoukian

Former Privacy Commissioner; Executive Director, Global Privacy & Security by Design Centre

Vinton Cerf

Vice President and Chief Internet Evangelist, Google

Robert Falzon

Head of Engineering, Office of the CTO, Check Point

Hank Fordham

Strategic Cybersecurity Advisor, Centurion Cyber Defence

Roy Hart

Chief Information Officer, BCIT

Tanya Janca

CEO & Founder, We Hack Purple

Scott Jones

Head, Canadian Centre for Cyber Security

Chris Keaton

Privacy Consultant, OneTrust

Dave Lewis

Global Advisory CISO, Duo Security, Cisco

Kevin Lonergan

Senior Strategy Manager, TELUS Security

Derek Manky

Chief, Security Insights & Global Threat Alliances, Fortinet FortiGuard Labs

Adam Meyers

Senior Vice President, Intelligence, CrowdStrike

Honourable Joyce Murray

Minister of Digital Government, Canada

Dan Pontefract

Founder and CEO, Pontefract Group; Author & Speaker

Dan Prieto

Strategic Executive, Google Cloud

Antoine Saikaley

Technical Director, Trend Micro

Victor Tavares

Director of Systems Engineering, Palo Alto Networks

Simon Wong

Associate Partner, Consulting Services, Cybersecurity, EY

Speakers

Farshad Abasi

Chief Security Officer, Forward Security

Jeannine Adams

Founder and CEO, Centurion Cyber Defence and ReTrain Canada

Michael Argast

Co-founder & CEO, Kobalt

Augusto Barros

VP of Solutions, Securonix

Ryan Berger

Partner, Lawson Lundell LLP

Clarence Chio

Artificial Intelligence & Security Specialist

Dr. Jeremy Clark

Associate Professor and Chair in Blockchain Technologies, Concordia University

Rachel Clark

Information Security Specialist – Data Analytics, TD Bank Group

Stan Crosley

Co-Director, Center for Law, Ethics, and Applied Research in Health Information (CLEAR), Indiana University

Leo de Sousa

Director of Enterprise Technology, City of Vancouver

Colin Druhan

Executive Director, Pride at Work Canada

Justin Fox

Director of Software Engineering, NuData Security, A Mastercard Company

Dr. Robert Fraser

President and CEO, Molecular You

Roger Gale

Program Head, Industrial Network Cybersecurity Program, BCIT

Debbie Gamble

Chief Officer, Innovation Labs & New Ventures, Interac Corp.

Bob Gordon

Executive Director, Canadian Cyber Threat Exchange (CCTX)

Derran Guinan

Senior Sales Engineer, CrowdStrike

Aran Hamilton

CEO, Vantage; Co-Chair, IdentityNORTH

Vanessa Henri

Lawyer, Fasken

John Jacobson

Former Deputy Minister, Ministry of Technology, Innovation and Citizens’ Services

Sunny Jassal

Director, Cyber Security, British Columbia Institute of Technology

Soyean Kim

Director of Digital Products, Providence Health Care

Dr. Alena Kottova

Sessional Professor, Faculty of Engineering, University of Victoria

Bob Krzysik

Field CTO, Varonis

Scott Langendorf

Endpoint Security Specialist, Product SME, Tanium

Kirk LaPointe

Publisher and Editor-in-Chief, Business in Vancouver Media Group

Dr. Victoria Lemieux

Chief Information Security Officer, Molecular You; Cluster Lead, Blockchain@UBC

Christian Leuprecht

Class of 1965 Professor in Leadership, Royal Military College and Queen’s University

Dr. Holly Longstaff

Director, Privacy and Access, PHSA Research and New Initiatives, Provincial Health Services Authority

Dr. Alan Low

Clinical Associate Professor, Faculty of Pharmaceutical Sciences, UBC; Executive Director, Medicines Access Coalition – BC; Primary Care Pharmacist and Pharmacy Lead, BioPro Biologics Pharmacy

Kathy Macdonald

President, Global Cyber Security Courses Inc.

Eve Maler

Chief Technology Officer, ForgeRock

Angela Marafino

COO, WoSEC International

Florian Martin-Bariteau

Associate Professor and University Research Chair in Technology and Society, University of Ottawa

Derek May

Account Executive, Technology & Cyber Specialist, HUB International

Catherine Mendonsa

CISO, Director Information Systems Security & Enterprise Architecture, Finning

Keith Metcalfe

CEO, Traction Guest

Alyssa Miller

Business Information Security Officer, S&P Global

Peter Newton

Senior Director ZTNA, Fortinet

Tom Nuth

Director, Cloud Edge Solutions, Fortinet

Edward Pereira

Principal Consultant, Carmel Info-Risk Consulting

Ritchie Po

Privacy Practice Lead, Kobalt.io

Ruth Promislow

Partner, Bennett Jones LLP

Roberto Salgado

Chief Technical Officer, Websec

Dr. Teresa Scassa

Canada Research Chair in Information Law and Policy, University of Ottawa

Mark Schaan

Associate Assistant Deputy Minister for Strategy and Innovation, Department of Innovation, Science and Economic Development (ISED)

Winn Schwartau

Chief Visionary Officer, SAC Labs (A division of KnowBe4)

Steve Simpson

Former Commissioner BC & Yukon,CRTC

Jeevan Singh

Security Engineer Manager, Segment

Dr. David Skillicorn

Professor, School of Computing, Queen’s University

Ajay K. Sood

Country Manager, Canada, Rapid7

Kimberley St. Pierre

Director of Strategic Accounts, Tanium

Jo Stewart-Rattray

Director of Technology & Security Assurance, BRM Advisory

Dr. Kelly Sundberg

Associate Professor, Mount Royal University

Ellen Sundra

SVP Global Systems Engineering and Enablement, Forescout

Bill Tam

Co-founder & Chief Operating Officer, Digital Technology Supercluster

Dr. Rob Tanguay

Clinical Assistant Professor, Department of Psychiatry, University of Calgary; Chief Medical Officer, The Newly Institute

Aaron Thul

VP of Technology & Compliance Officer, EMOL Health

Dominic Vogel

Founder & Chief Strategist, Cyber.SC
Print Agenda

*Invited Speaker

Wednesday, May 5, 2021

8:45am - 4:45pm PST

Pre-Summit Educational Workshops

All sessions listed on Wednesday, May 5 are included in your full summit delegate pass.

8:45am - 10:15am PST

LGBTQ+ Professionals and Students in Security and Privacy

What challenges does the LGBTQ+ community face in a historically male-dominated field such as IT security and data privacy? Join a panel of out and proud IT security professionals for a discussion on how the industry has responded to barriers to entry and how it has evolved to demographic changes to become more inclusive.

8:45am - 10:15am PST

BCIT presents: Industrial Systems Have Cybersecurity Needs Too!

In this session we will attempt to answer the question of why IT cybersecurity training has not resulted in adequate protection of industrial systems. After a short review of some recent industrial cyberattacks and the tactics, techniques and procedures used by threat actors to gain access and compromise industrial system, we will then review IT cybersecurity training and some of its shortcomings. Finally we will present the new BCIT Industrial Cybersecurity Program and its associated lab and why this program will help industry with their Cybersecurity needs.

10:15am - 10:25am PST

Canadian Cyber Defence Challenge Update

10:25am - 10:45am PST

Morning Break

10:45am-12:15pm PST

Fortinet presents: SASE and ZTNA - Extending Network and Security Capabilities to Infinity and Beyond!

The edge of the modern enterprise network has grown increasingly geo-distributed due to the rapid transition to a work-from-home (WFH) model. This has resulted in the off-network becoming a central part of the enterprise network, yet it has also exposed one of the weakest links in most security strategies — remote network access. The large disparity that exists between the tools and capabilities available for on-premise networking and security solutions versus what is available for the off-network users can only be covered by converging security and networking functions into a single, integrated system that can scale from the WAN Edge into the Cloud Edge. This is Secure Access Service Edge - or SASE.

Zero Trust Network Access (ZTNA) is frequently sold as a feature within a SASE offering. We don't think ZTNA should be limited to SASE-only solutions. Fortinet has now expanded our Zero Trust Access solution to include ZTNA capabilities. In classic Fortinet fashion, this ZTNA is secure, protected by our award-winning, industry leading Next Generation Firewall technology. This new feature combines the benefits of an improved, secure remote access tunnel with granular control of application access.

This workshop will be broken into 3 sections:
1. SASE - We will outline which capabilities of this as-a-Service offering have made organizations successful, those that have not, and how FortiSASE has taken shape to extend the best in enterprise-grade security and optimized experience to users everywhere.
2. Live Demo – Dive under the hood of FortiSASE to see how this powerful addition to the Fortinet Security Fabric provides a way to centrally provision, visualize, and manage all users on a per-device basis.
3. ZTNA – Learn how ZTNA enables the controlled transition from traditional VPN tunnels to an easier and more secure means of accessing applications. You’ll also see how ZTNA improves security for applications by both hiding them from the Internet and verifying users and devices before every session. Come learn about a more flexible ZTNA solution that goes beyond SASE.

12:15pm-12:30pm PST

Canadian Cyber Defence Challenge Update

1:15pm-2:45pm PST

Cyber Law & Cyber Insurance

The legal aspects of cybersecurity are increasingly relevant to organizations as the protection and valuation of digital assets continues to be at the centre of many discussions. This panel session dives deep into conversations on cyberlaw and cyber insurance. Many business professionals are unfamiliar with cyber laws and what they mean for their organization. Furthermore many do not realize that cyber lawyers can play an integral role in the event of a data breach or significant cyber security incident. This panel will also explore the intersection between cyber law and cyber insurance. What is cyber insurance and how does it address cyber liability? What are the legal implications of not having cyber insurance? Cyber insurance and cyber law are relatively new constructs designed to address cyber risk. Ask these legal and insurance experts your pressing questions about cyber law and cyber insurance.

1:15pm-2:45pm PST

Tanium presents: Danger Zone: Can you Handle Real-World Breach Scenarios?

Agility and readiness are essential when investigating and responding to modern security threats. Having a comprehensive understanding of the tactical threat landscape is essential. Seeing your security posture mature while keeping a close eye on the weak points gives you the tools you need when suspicious activity happens. Learn with Tanium how you can have the full visibility and control that you require to keep your network safe. We will explore how to quickly detect, investigate and respond to threats.

2:45pm-2:55pm PST

Canadian Cyber Defence Challenge Update

2:55pm-3:15pm PST

Afternoon Break

3:15pm-4:45pm PST

CrowdStrike presents: Threat Hunting Workshop

In this session you will:

• Review live attack simulations on test systems (malware and fileless / web-based attacks)
• Run an investigation to uncover how the hackers got into the system and how CrowdStrike’s Falcon Platform would detect and prevent the adversary from meeting their objective
• Navigate through a live Falcon Console to explore its various capabilities
• Learn how to properly respond to an attack and how to quickly remediate

3:15pm-4:45pm PST

Application Security Workshop - Pentesting, DevSecOps, and Threat Modelling: what are they and how do they fit into a security program

Building and maintaining secure applications involves a number of practices including pentesting, DevSecOps, and threat modelling. These form the key pillars of an application security program, and are often poorly understood. In this workshop AppSec industry veterans Roberto Salgado, Farshad Abasi, and Jeevan Singh tackle each of these topics starting with an overview, then discussing the relationship to other AppSec processes, place within the overall security program, along with key take away actions as well and resources.

Thursday, May 6, 2021

8:20am-8:25am PST

Call to Conference

8:25am-8:40am PST

Welcome Remarks

8:40am-9:20am PST

Session 1 - Keynote Address: Privacy and Security

There is no privacy without security. This is all about access control. Who has access to what data and what can they do with it? Moreover, it is vital to be able to audit access to information so that inappropriate access can be detected if only after the fact. Privacy is also about knowing terms and conditions for access to data that users wish to control. Users are looking for reassurance that they have control over what is done with data about them. These assurances must exist in an international environment and that opens up questions about international collaboration and cooperation for law enforcement and agreements as to what constitutes abuse of privacy. There is no question this is complex territory but that should not inhibit efforts to address the issues.

9:20am-10:00am PST

Session 2 - Keynote Address: It’s Time to Get Serious About Privacy: Lead Proactively With Privacy by Design, Before Surveillance Overtakes Us

Surveillance has been abounding in recent years, dramatically escalating the threats to our privacy. We must respond in kind, escalating privacy protective measures proactively, before the privacy harms take place. We have much to turn to: Privacy by Design, decentralization of identity, end-to-end encryption, and much more. But we must start moving NOW – there is no time to waste. Let’s explore the many measures available to us and ensure that privacy-invasive measures such as Vaccine Passports do not overtake us!

10:00am-10:30am PST

Morning Break / Exhibit Booth Time

10:30am-11:30am PST

Session 3 - Panel A: Building Canada into a Digital World – Interacting with Digital Consumers and Citizens

To create a digital Canada it's essential to build trust and prioritize "engagement and education" with communities. When we talk about the concept of trust, we really have to put ourselves as best as we can into the context of the people whom we want to build this trust with. Identity management is a core component to building a solid foundation for a socioeconomic safety net.

As digital transformation accelerates, we must solve the challenges we face today while preparing for an abundance of future opportunities. At the heart of that effort is the commitment to building trust and data stewardship into our AI development projects and organizations.

11:35am-12:05pm PST

Session 4 - Concurrent Keynote Address by TELUS: Zero Trust: How Canadian Organizations are Rethinking Their Approach to Cyber Security

Traditional security perimeters are disappearing. With more employees working remotely and a growing use of cloud services that operate outside the network, organizations are having to rethink strategies for protecting themselves and their data. Join TELUS’ Sr. Strategy Manager, Kevin Lonergan, as he discusses how Canadian organizations are using the Zero Trust framework to secure their networks and employees and where to begin when planning and implementing a Zero Trust strategy for your organization.

11:35am-12:05pm PST

Session 4 - Concurrent Keynote Address by Cisco: Security Debt, Running with Scissors

Security debt, defined by Dave Lewis, Global Advisory CISO, Duo Security at Cisco, as “the accumulation of the patches missed, the risks accepted, and the configurations misapplied,” is a serious and common problem for many organizations, especially with the move to cloud computing and rise of IoT. Part of the problem is that, while organizations might accept the risks they encounter, they often neglect to review them or make a plan for the future, and that risk is compounded when patches are passed from person-to-person through staff changes and/or employee churn. However, it doesn’t have to be this way - to track and address security debt, organizations must develop and implement defined, repeatable processes. They should look to strategies like the zero-trust model, trust but verify, sanitation of inputs and outputs, and of course, make sure to execute patches instead of pushing it onto the next person.
Key Points:
• Security debt occurs when patches are pushed aside, and risks are accepted but not addressed
• The longer organizations wait to address risks, the harder it is to address them
• To eliminate debt, organizations should create defined and repeatable processes with plans for action

11:35am-12:05pm PST

Session 4 - Concurrent Keynote Address by CrowdStrike: Supply Chain Attacks Are Gaining Traction: What To Do About It?

The threat of supply chain compromise represents a particularly nefarious issue for defenders, as it involves the compromise of a trusted third party through which the threat actor then subsequently compromises additional victims. To complicate things even more, the subsequent victims of these supply chain attacks are often unaware that they are being (or have been) attacked due to the trusted nature of the relationship between the 3rd party victim and the supplier.

This intelligence brief will discuss CrowdStrike’s most current understanding of supply chain threats, associated infrastructure and capabilities, and what organizations can do to defend themselves in the face of these advanced attacks.

12:05pm-1:10pm PST

Lunch Break (Please visit the exhibit booths)

1:10pm-1:50pm PST

Session 5 - Keynote Address by Tanium: Keeping the Plane in the Air – Why Centralization is so Critical to Security Programs

Can you imagine how many plane crashes there would be if the plane controls were spread out throughout the aircraft and not in one centralized place in the cockpit? Why do we settle for using disjointed, niched solutions to keep our organizations in-flight and headed the right direction? As the cyber and privacy professionals who’ve made it our responsibility to keep the world safe, it’s our job to create security cockpits for our organizations. You up for the challenge, captain?

1:55pm-2:25pm PST

Session 6 - Concurrent Keynote Address by Check Point: IoT and the new ab·normal

IoT devices permeate the most intimate aspects of our everyday lives. Now more than ever we must address the risks associated with these always on, always connected devices!

1:55pm-2:25pm PST

Session 6 - Concurrent Keynote Address by EY: How Your Cybersecurity will be Permanently Transformed by Shifts in Global Privacy

The next three years in cybersecurity will be vastly different than our current state. Join Simon Wong, leader of EY’s cybersecurity practice in B.C., as he shares how the changing privacy expectations of the global citizen will affect security practices of all organizations. Security teams must evolve to deliver new capabilities, implement new tools and reinvent existing ones, regardless of their organization’s size or sector. Throughout this keynote session, attendees will get a glimpse into how their organizational roles will change to build a better working world.

1:55pm-2:25pm PST

Session 6 - Concurrent Keynote Address by Palo Alto Networks: Intelligent Network Security

Cyberattacks are ever-evolving, increasingly using automation to morph and elude detection. Add to this an ever-expanding attack surface, the rapid growth of both cloud adoption and remote users, and a flood of new, hard-to-secure IoT devices. Clearly, the enterprise threat landscape has never been more challenging. Traditional manual and reactive security approaches are simply over-matched.

So, how do you proactively manage policy changes, protect devices, and stop new threats? You need a radical new approach to network security that can scale faster than manual approaches. Join us to learn how you can move from an “always react” mode to a “proactively protect” mode.

2:25pm-2:55pm PST

Afternoon Break / Exhibit Booth Time

2:55pm-3:55pm PST

Session 7 - Panel A: Banking on the Future: How the Digital Surge Will Reshape How We Do Business

The shift from physical to digital payments has been dramatic as the rise of cashless transactions worldwide has risen to levels not expected in two or five years. Conventional banks now account for only 72% of the total market value of the global banking and payments industry. The acceleration of digitization is most visible in payments. The digital rush offers a new business model from banks, e-commerce sites, fintechs, social networks, taxi apps and telecom firms all vying to become the next platform.

Cybersecurity has quickly become one of the most important issues of our time. As a leading organization in cybersecurity entrusted to keep our clients’ data safe and secure, RBC is proud to support the Cybersecure Policy Exchange and its ambitious policy agenda. Questions of privacy and security are paramount for all Canadians and policymakers, and proper governance of these issues will ultimately contribute to a more prosperous and equitable world.

2:55pm-3:55pm PST

Session 7 - Panel B: Creating a Cyber Resilient Organization – The Conversation with the Board of Directors

COVID-19 has forever transformed the way we run business. Now more than ever, cybersecurity and cyber-resiliency are critical for market survival. Understanding which technologies will have the most significant impact and success in your organization is critical. The next step is the conversation with your Board of Directors or Executive Management Team. You will need to demonstrate clear ownership of the risk and your command of the top from both a technology and an overall business perspective. CIO Survey indicates there is a large gap between technology leaders and Executive Management. Can you gain the trust and confidence of your Board to enable and empower your organization from cyber attack and create resiliency from a cyber attack?

2:55pm-3:55pm PST

Session 7 - Panel C: Managing Identity & Security in the Cloud – Lessons Learned from Digital Health

Healthcare providers are creating their own branded “digital front door” that provides efficient, personalized user experiences through SMS, web, phone, video, apps, and other channels. Consumers also are opting for time-saving real-time digital interactions. Healthcare and commercial organizations rightfully want to control and safeguard their patient and customer relationships and data in each method of digital engagement to build brand awareness, personalized interactions, and loyalty.

The healthcare industry has historically been slow to adopt new digital technologies. However, a host of market forces, rising costs, and new regulations are expanding the landscape for digital tools to manage care better, find new cures, and change healthcare business models entirely. Digital Health Insights is a data-driven research publication looking at how technology is changing the healthcare space, who the big players in the space are, new trends to look out for, and how incumbents across insurance, pharma, providers, and more are responding.

4:00pm-4:45pm PST

Session 8 - Keynote Address by BCIT: Privacy and Security in a Hyper-Connected World – The Future of Technology Enabled Environments

The British Columbia Institute of Technology is launching a Smart Campus Initiative to connect thousands of distributed IoT sensors that will be spread across multiple buildings and systems at the Burnaby Campus. This presentation will address the potential operational and academic benefits, the scope of the initiative, and early considerations for privacy and security. Topics covered will include digital twins, cloud services, digital identity, open data, IoT, and security. The BCIT Smart Campus Initiative will also create many new opportunities for collaboration with industry and future-proof applied education through agile learning, digital transformation management and our continued Partnership in Provincial Resilience.

4:45pm-5:00pm PST

Day 1 Closing Remarks

Friday, May 7, 2021

8:45am-8:55am PST

Administrative Announcements

8:55am-9:00am PST

Day 2 Opening Remarks

9:00am-9:35am PST

Keynote Address

9:40am-10:20am PST

Keynote Address by Fortinet: The Disruptive Shift in Existing and Emerging Threats

Threat intelligence from the second half of 2020, and the first few months of 2021, demonstrates an unprecedented cyber threat landscape where cyber adversaries maximized the constantly expanding attack surface to scale threat efforts around the world. Adversaries proved to be highly adaptable, creating waves of disruptive and sophisticated attacks. They targeted the abundance of remote workers or learners outside the traditional network, but also showed renewed agility in attempts to target digital supply chains and even the core network.

Join Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet’s FortiGuard Labs for this Keynote presentation that will examine the evolution of these attacks, their impact on cybersecurity resources that are already stretched thin and strategies to leverage threat intelligence to defend against disruptive threat vectors.

10:20am-10:50am PST

Morning Break / Exhibit Booth Time

10:50am-11:50am PST

Session 11 - Panel A: Trust, Ethics and the Future of Artificial Intelligence Machine Learning (AI-ML)

At the heart of digital transformation is the commitment to building trust and data stewardship into our AI development projects and organizations.

Even as a nascent technology AI is incredibly complex and powerful, delivering benefits by performing computations and detecting patterns in huge data sets with speed and efficiency. But that power, combined with “black box” perceptions of AI and its appetite for user data, introduces a lot of variables, unknowns, and possible unintended consequences. Hidden within practical applications of AI is the fact that trust can have a profound effect on the user’s perception of the system, as well as the associated companies, vendors, and brands that bring these applications to market.

Advancements such as ubiquitous cloud and edge computational power make AI more capable and effective while making it easier and faster to build and deploy applications. Historically, the focus has been on software development and user-experience design. But it’s no longer a case of simply designing a system that solves for x. It is our responsibility to create an engaging, personalized, frictionless, and trustworthy experience for each user.

Responsible data stewardship establishes a chain of trust that extends from consumers to the companies collecting user data and those of us building AI-powered systems. It’s our responsibility to know and understand privacy laws and policies and consider security and compliance during the primary design phase. We must have a deep understanding of how the data is used and who has access to it. We also need to detect and eliminate hidden biases in the data through comprehensive testing.

Every AI vendor and developer not only needs to be aware of the inherently sensitive nature of user data but also of the need to operate with high ethical standards to build and maintain the required chain of trust.

10:50am-11:50am PST

Session 11 - Panel B: The New Digital Normal - Doing Business Remotely and Securely

COVID has accelerated and in some cases mandated that organizations and government work from home. The shift may rival workplace transformations in the 19th and 20th centuries. The rapid shift to work at home enabled preconditions. Broadband services allow for document downloads and videoconferencing and remote work seems both normal and acceptable. Major challenges lie ahead. Are we prepared to provide the security and privacy in the work at home environment?

Organizations of all sizes, from all industries, rely heavily on cloud computing to operate. The massive shift to remote work during the COVID-19 pandemic has only increased this reliance. In fact, a sector built around fables of industry "disruption" has enabled many to maintain constancy, connection, and business continuity–and afford some enterprises new opportunities.

How can advances in computing power, networking, AI and devices help businesses, governments, and citizens thrive in a world that has been disrupted?

10:50am-11:50am PST

Session 11 - Panel C: State Sponsored Threats: A Case Study for the SolarWinds Security Breach

Microsoft calls the SolarWinds hack ‘the largest and most sophisticated attack' ever. There have been large-scale breaches before. Why is the SolarWinds cybersecurity attack getting so much attention?

Cyberattacks are entering a new era of lethal impact when state sponsored threat actors can hack into a software supply chain of a company such as SolarWinds and infect binary code to mimic legitimate protocol traffic and avoid detection. SolarWind's Orion system is used by more than 33,000 customers in both government and industry.

To gain greater insights into the SolarWinds breach, join this panel as we explore its implications on cybersecurity strategy in the future and what steps enterprises need to take today.

11:55am-12:25pm PST

Session 12 - Concurrent Keynote Address by Google: Opportunities for Cybersecurity Transformation Three Decades After the Birth of the Web

In light of rising cyber attacks -- Solar Winds, Hafnium, and attacks related to COVID remote work -- this talk takes a step back to examine the state of security 30+ years after the birth of the web. What opportunities exist to transform cybersecurity over the next decade? The talk argues that staying the course with standard approaches to cybersecurity -- information sharing, certification and compliance, cyber hygiene, hiring more talent, accumulating more cybersecurity tools and point solutions -- will not meet the cybersecurity challenge. What is needed instead are a radical acceleration in the adoption of Zero Trust and a game-changing embrace of proactive threat hunting powered by petabyte-scale cyber analytics.

11:55am-12:25pm PST

Session 12 - Concurrent Keynote Address by OneTrust: Building a Global Privacy Program for CCPA, GDRP, LGPD and the World’s Privacy Laws

The GDPR changed the way people and businesses think about privacy. With its extraterritorial scope and high noncompliance fines, it forced companies to implement ongoing, operational and privacy-focused initiatives by design into their businesses, changing the way companies interact with customers, employees and vendors. Since its enforcement date, the regulation has been a catalyst for new data protection laws across the globe: including groundbreaking new regulations in California, Brazil, India and others, meaning global businesses will need to reassess their privacy compliance across a growing matrix of regulatory requirements. In this session, we will discuss the current state of the global privacy environment and how companies can build programs that address the overarching requirements of various data protection laws.

11:55am-12:25pm PST

Session 12 - Concurrent Keynote Address by Centurion Cyber Defence - Fight or Flight: The Human Cost of Cybercrime

While technology continues to evolve, strategies to attack the human factor in cyber systems are now relying on some old tricks of psychological warfare. Amygdala hacking – driving victims to their detriment using stress, fear, anger, and anticipation – has become a popular implement in the spear phishing toolkit. Sophisticated criminal gangs and state actors are employing OSINT and vulnerabilities in business culture to target victims on an emotional level. The impact of this type of social engineering runs deeper than just money.

Centurion Cyber Defence’s Strategic Cybersecurity Advisor, Hank Fordham, will talk about how amygdala hacking works, how it impacts victims, and what businesses, organizations, and governments can do to protect themselves and prevent these attacks from causing damage.

12:25pm-1:30pm PST

Lunch Break (Please visit the exhibit booths)

1:30-2:30pm PST

Session 13 - Fireside Chat: Rise of Surveillance Capitalism

We have long used science and technology to categorize and differentiate people into hierarchies that, even today, determine who is able and unable, deserving and undeserving, legitimate and criminal. The scientific racism of old, facial recognition doesn’t simply identify threats; it creates them, and as such intensifies a dangerous digital moment. Facial-recognition systems tend to misidentify people of colour and women at higher rates than white people and men Invasive technologies such as facial recognition and electronic monitors reproduce and supersize racial inequality in an era of big data and offer few tangible metrics with which to measure effectiveness. These technologies are as destructive to democracy as they are discriminatory.

1:30-2:30pm PST

Session 13 - Panel B: Women in Cybersecurity & Privacy: Challenges, Successes & Opportunities

The World Economic Forum ranks cybersecurity 4th on the “Global Risks Horizon” which is described as a “clear and present danger” in The Global Risks Report 2021. Steve Morgan, Editor-in-Chief of Cybercrime Magazine, reports that Women Represent 20 Percent Of The Global Cybersecurity Workforce In 2019, which is better than 7 year ago, however still not enough. In ISACA’s 2020 Tech Workforce Survey there are two stats that contradict one another which might help us gain some insight into the work that still needs to be done to achieve gender diversity for women in cybersecurity.

• “65% of men say their employers have a program to encourage the hiring of women. 51% of women agree.”
• “71% of men say their employers have a program to encourage the promotion/advancement of women. 59% of women agree.

Our moderator, Kimberley St. Pierre, a fierce advocate and champion for empowering, elevating and encouraging women in the field of cybersecurity, is thrilled to host a panel of international CISO women. These panelists will discuss the challenges still facing women in cybersecurity, their top personal career success moments and the opportunities they see that lie ahead, to not only increase gender diversity in the field of cybersecurity but also start to close the skills gap that we are all challenged with around the globe. They will leave you with some experiences to reflect on, some changes to consider and a specific call to action for our conference attendees.

2:30pm-3:00pm PST

Afternoon Break / Exhibit Booth Time

3:00pm-3:30pm PST

Session 14 - Concurrent Keynote Address by Trend Micro: Cybersecurity in the C-suite and Boardroom

The link between cybersecurity and the business has led to an industry declaration that, “Cybersecurity is a boardroom issue.” This statement is true yet simplistic. Executives and corporate directors have a fiduciary responsibility to shareholders and/or owners, so they are ultimately responsible for everything that drives the business, including managing cyber-risk and safeguarding business-critical technology assets. That said, cybersecurity can be a highly technical discipline. This brings up a few questions: Do executives really understand cybersecurity and its role in the business? And as technology further dominates the business landscape, are they investing appropriately in cybersecurity and driving a cybersecurity culture throughout their organizations?

Join this session to explore the answers to these questions through survey results from over 300 business and IT professionals, and steps you can take to help make cybersecurity become a more prominent and standard topic within the boardroom.

3:00pm-3:30pm PST

Session 14 - Concurrent Keynote Address by WeHackPurple: Building Security Champions

With security teams being vastly outnumbered many organizations have responded to this challenge with different program scaling methods, including building security champions programs. Which leads us to questions; How does a security champions program work? How do you select your champions? And once you have them, what do you DO with them?

This session will teach you;
• How to attract the right people to your program
• What and how to train them
• How to engage them, and turn them into security advocates
• What do delegate and what NOT to delegate
• What to communicate, how often and to who
• How to motivate them
• How to build an AMAZING security champion program

Recipe for success; recruit, engage, teach, recognize, reward, don’t stop.

3:00pm-3:30pm PST

Session 14 - Concurrent Keynote Address - TBD

3:35pm-4:15pm PST

Session 15 - Closing Keynote Address: Leadership: Being Our Best in in the Age of Digital Transformation

There are only two kinds of leadership in this world: leading self and leading others. It’s that simple, only two. In the midst of a pandemic, times are complex. While the era of digital transformation is upon us, now, more than ever, how you conduct yourself as a leader might become the defining moment of your career.

When we understand the critical importance of crafting meaningful, respectful relationships among our colleagues, we’ve set ourselves up for success. But when those interactions are no longer always face-to-face—when digital becomes so much more prevalent in our workplaces—how can we ensure that those relationships will thrive?

The bottom line is we need to foster our relationships. We need to do better. All of it requires both reminders and new methods. In this virtual keynote delivered by 4-time TED speaker, 4-time author and leadership strategist, Dan Pontefract, you will leave with insights, stories and practical techniques on the key facets of a more collaborative and caring form of leadership. Indeed we must remind ourselves the importance of connecting and educating people through times of change.

4:15pm-4:25pm PST

Closing Remarks & Announcements

Title Sponsor

Founding Sponsor

Platinum Sponsors

Gold Sponsors

Silver Sponsors

Media Partner

Summit Sponsors & Marketing Partners

Sector Day Sponsors