close x
download

Brochure

Enter Your Info Below And We Will Send
You The Brochure To Your Inbox!

Thank you!
Your submission has been received!

Oops! Something went wrong while submitting the form

Register

RiskSec Toronto 2017

Decrease Your Risk, Increase Your Security  |  Presented by SC Media
A two day conference and workshop for information and security professionals providing insightful analysis on all of the latest cybersecurity issues in collaboration with highly respected thought leaders.
June 12 & 13
St. Andrews Club & Conference Center
150 King St W
Toronto, CA
SC MediaNew York
Presenting our new conference RiskSec Toronto

Formerly SC Congress Toronto

  Decrease Your Risk, Increase Your Security

A destination for information and security professionals providing analysis on all of the latest cybersecurity issues from highly respected thought leaders.


W elcome to RiskSec Toronto. SC Media, the leading IT security media brand, brings you an all-new conference discussing the latest in threat intelligence and risk management strategies. This conference is designed for IT security professionals with a focus on the most pressing issues confronting Toronto’s cybersecurity landscape.

Evolving from our SC Congress series, the leading cybersecurity conference and expo known throughout the globe, RiskSec is comprised of  interactive learning sessions, keynotes and panel discussions, and features an area designated for technology companies to demo and share their latest products and services. This event was created to immerse attendees in highly personalized and focused interactive exercises with discussions from senior thought-leaders in the cybersecurity industry.

Attendees will share perspectives with peers and discuss steps to tackle the cybersecurity issues proving most challenging to us all. RiskSec Toronto will enhance your knowledge set to bolster your organization’s security controls and build up your threat intelligence, risk management plans and best practices.

After 10 years of producing SC Congress events around the world, we are excited to introduce a modern cybersecurity conference and expo to meet the needs of today’s cybersecurity professionals.

You will not want to miss this gathering.

Illena Armstrong
VP, Editorial
Are you interested in participating as a presenter/speaker this June at RiskSec Toronto 2017?
Call for papers
speaker

John Glowacki

Chief Operating Officer, Shared Services Canada

John Glowacki was appointed by the Prime Minister of Canada in 2014 as Chief Operating Officer (COO) of Shared Services Canada. John is a former Corporate Vice President and CTO of CSC – at the time, the third largest IT service provider in the world. He retired from the U.S. Air Force in 2000 after 21 years of service mostly in special operations with experience in acquisitions, industrial engineering and education. 

learn more
speaker

Dr. Pierre D. Boisrond

Information Security Engineering Team Lead, Aviall
learn more
speaker

John Proctor

VP, Cyber Security

John Proctor, VP, Cyber Security, is responsible for CGI’s strategic cyber consulting, including governance, risk and compliance, for CGI in Canada. Together with his team of security consultants, John partners with government and commercial clients to build and execute practical, proactive security roadmaps that address both IT and business concerns and priorities.

learn more
speaker

Graham J. Westbrook

Cybersecurity Analyst, Geisinger Health System’s Information Security Office

Graham J. Westbrook (Sec+, C|EH) is a cybersecurity analyst with Geisinger Health System’s Information Security Office. As an intelligence analyst by training and cybersecurity analyst by trade, Graham merges the disciplines to run the Threat Intelligence and User Awareness programs at Geisinger. Past experience includes time with a Defense Contractor, Foreign Policy firm and a Nashville-based tech. company.

learn more
speaker

Mark Bernard

Author, NIST Cybersecurity Courses
LEARN MORE
speaker

Walt Williams

Director of Security and Compliance, Lattice Engines

Walt Williams, CISSP®, SSCP®, CPT has served in leadership roles of organizations that have provided secure and scalable services in the cloud for over ten years.  He currently serves as Director of Security and Compliance at Lattice Engines. He is an outspoken proponent of design before build, an advocate of frameworks and standards.  He has spoken at Security B-Sides, Boston App Sec, Rochester Security Summit, DefCon’s Wall of Sheep, and the 2016  27K summit.

LEARN MORE
speaker

Lois Tullo

Exec-in-Residence, Global Risk Institute

Lois is currently an Exec-in-Residence at the Global Risk Institute.  Here upcoming book entitled - A Riskier World? It's Here - A Global Risks and Trends Framework, will be published in the fall. Prior to joining Schulich, Ms. Tullo was CFO at CIBC Finance Inc where she was responsible for a $6 billion portfolio of student and car loans. She was also responsible for interim risk management and HR. Before that Ms. Tullo was Director of Finance, HR, and Business Process Redesign at Unitel Communications.

learn more
speaker

Bobby Singh

Chief Information Security Officer Executive, TMX

Mr. Bobby Singh has 20 plus years’ experience in information security with extensive experience in risk management, business operations, compliance, consulting and auditing. As the Chief Information Security Officer executive at TMX, Mr. Singh’s role involves ensuring that security is built-in both at the business-level and within the Infrastructure. 

learn more
speaker

David Foote

David Foote, Chief Analyst & CRO, Foote Partners, LLC

David Foote is a trends research pioneer and one of the most quoted industry authorities on global tech workforce trends and the human capital side of technology value creation. He has spent more than two decades introducing innovative data-driven benchmark research and analysis focusing in IT/business cross-skilling and technology/business management integration, while also pioneering new industry practices for more accurate compensation benchmarking, tracking, and forecasting of tech skills supply and demand. 

learn more
speaker

Nathan LaFollette

Director, Trustwave SpiderLabs

Nathan LaFollette is a global information security leader. He currently is the Managing Consultant at Trustwave SpiderLabs focusing on web and mobile application security for the top Fortune companies. He has been interviewed and published by SC Magazine, Network World, Cisco and Gartner, and has acted as a trusted advisor to many corporate CEOs on best security practices.

learn more
Schedule

The Schedule

8:00 am
-
9:00 am

Registration and breakfast

Registration and breakfast

9:00 am
-
9:30 am

Opening Keynote

Shared Services Canada – On the front line of the Government of Canada’s cyber defence

Mr. John A. Glowacki Jr. will discuss how Shared Services Canada safeguards government networks and systems through a coordinated, enterprise-wide approach. By incorporating security into the design of IT projects, procurements and initiatives, the Department is improving cyber incident response capabilities and introducing best practices across the Government of Canada.

John Glowacki, COO, Shared Serivces Canada

Opening Keynote

Shared Services Canada – On the front line of the Government of Canada’s cyber defence

Mr. John A. Glowacki Jr. will discuss how Shared Services Canada safeguards government networks and systems through a coordinated, enterprise-wide approach. By incorporating security into the design of IT projects, procurements and initiatives, the Department is improving cyber incident response capabilities and introducing best practices across the Government of Canada.

John Glowacki, COO, Shared Serivces Canada

9:30 am
-
10:00 am

Editorial Spotlight Session

Internet of Things Info/Cybersecurity Jobs, Skills, and Staffing: What You Need To Know Now

IoT is growing at a 32.6% annual rate through 2020 but a 6 million shortfall of cybersecurity professionals is projected by 2019: recipe for disaster or the biggest career opportunity in decades for security professionals? This session will discuss transitioning info/cybersecurity jobs and skills to an IoT world including: What’s trending right now in IoT-driven jobs, skills, and certifications; current salaries for info/cyber security jobs and cash premiums skills; what should employers and tech professionals be doing now to prepare for securing IoT long term?  

David Foote, Chief Analyst & CRO, Foote Partners, LLC

Editorial Spotlight Session

Internet of Things Info/Cybersecurity Jobs, Skills, and Staffing: What You Need To Know Now

IoT is growing at a 32.6% annual rate through 2020 but a 6 million shortfall of cybersecurity professionals is projected by 2019: recipe for disaster or the biggest career opportunity in decades for security professionals? This session will discuss transitioning info/cybersecurity jobs and skills to an IoT world including: What’s trending right now in IoT-driven jobs, skills, and certifications; current salaries for info/cyber security jobs and cash premiums skills; what should employers and tech professionals be doing now to prepare for securing IoT long term?  

David Foote, Chief Analyst & CRO, Foote Partners, LLC

10:00 am
-
10:45 am

Expo Floor Opens & Networking Break

Expo Floor Opens & Networking Break

10:45 am
-
11:30 am

Editorial Spotlight Session

Managing 3rd Party Risk

Increasingly security pro’s in Canada are faced with having 3rd parties managing risk for them through managed applications, shared cloud services and traditional MSSP. This session will show you how to insure the integrity of your network resources when dealing with this management issue.

Editorial Spotlight Session

Managing 3rd Party Risk

Increasingly security pro’s in Canada are faced with having 3rd parties managing risk for them through managed applications, shared cloud services and traditional MSSP. This session will show you how to insure the integrity of your network resources when dealing with this management issue.

11:30 am
-
12:15 pm

Editorial Spotlight Session

Security Awareness Training and Compliance

The fact remains that the most popular point of entry to your network by bad guys is social engineering. Hear leading experts provide key tips on better security awareness and ways your organization can enforce compliance.

Editorial Spotlight Session

Security Awareness Training and Compliance

The fact remains that the most popular point of entry to your network by bad guys is social engineering. Hear leading experts provide key tips on better security awareness and ways your organization can enforce compliance.

12:15 pm
-
1:15 pm

Networking Lunch and Expo Floor

Networking Lunch and Expo Floor

1:15 pm
-
1:35 pm

4 Track Master Classes

4 Track Master Classes

1:40 pm
-
2:25 pm

4 track tech sponsor sessions

4 track tech sponsor sessions

1:40 pm
-
2:25 pm

Mind the Gap: Going Beyond Penetration Testing For Improved Security Programs

Subjects like IT security management, threat modelling, incident response and security architecture improvement aren't usually addressed in most penetration tests, and compliance driven audit processes rarely extend beyond the regulation or standard that is being audited.  This talk will cover a few great ways to examine, analyze, review and improve organizational and product-oriented security programs using data and experience from Rapid7's consulting teams and will examine frameworks used for security program improvement and review, and discuss common gaps in security programs at different stages of maturity and in different verticals.

Mind the Gap: Going Beyond Penetration Testing For Improved Security Programs

Subjects like IT security management, threat modelling, incident response and security architecture improvement aren't usually addressed in most penetration tests, and compliance driven audit processes rarely extend beyond the regulation or standard that is being audited.  This talk will cover a few great ways to examine, analyze, review and improve organizational and product-oriented security programs using data and experience from Rapid7's consulting teams and will examine frameworks used for security program improvement and review, and discuss common gaps in security programs at different stages of maturity and in different verticals.

2:25 pm
-
3:30 pm

Expo Floor & Coffee Break

Expo Floor & Coffee Break

3:30 pm
-
4:15 pm

Editorial Spotlight Session

Data Analytics vs. Privacy

It’s one thing to capture customer and employee data on a day-to-day basis, but what is the best way to use it and protect it without causing security issues? This session will provide a better understanding on the balance between the worth of the data you collect and the risk to the organization for having it.

Rick Doten, chief, cyber and information security, Crumpton Group LLC

Pierre Boisond, information security engineering team lead, Aviall (A Boeing Company)

Editorial Spotlight Session

Data Analytics vs. Privacy

It’s one thing to capture customer and employee data on a day-to-day basis, but what is the best way to use it and protect it without causing security issues? This session will provide a better understanding on the balance between the worth of the data you collect and the risk to the organization for having it.

Rick Doten, chief, cyber and information security, Crumpton Group LLC

Pierre Boisond, information security engineering team lead, Aviall (A Boeing Company)

4:15 pm
-
5:00 pm

Closing Demo Session

Closing Demo Session

5:00 pm
-
6:00 pm

Networking Reception

Gain a clearer perspective on ways to manage mobile threats and where technology and policy must intersect.

Networking Reception

Gain a clearer perspective on ways to manage mobile threats and where technology and policy must intersect.

8:30 am
-
9:30 am

Breakfast

Breakfast

9:00 am
-
9:30 am

Keynote

Cyberdefense for the Rest of Us

Today’s cyber defenders are trapped in a dense “Fog of More” – more threats, tools, training, guidance, and requirements than they can absorb. But to manage your risk, you still have to prioritize in the face of motivated and creative attackers. We’ll describe how dynamic information models (like Cyber OODA Loops, the Cyber Kill Chain, the CIS Community Attack Model) allow us to continuously understand attacks and translate them into effective defensive action.

Tony Sager, senior VP & chief evangelist, Center for Internet Security

Keynote

Cyberdefense for the Rest of Us

Today’s cyber defenders are trapped in a dense “Fog of More” – more threats, tools, training, guidance, and requirements than they can absorb. But to manage your risk, you still have to prioritize in the face of motivated and creative attackers. We’ll describe how dynamic information models (like Cyber OODA Loops, the Cyber Kill Chain, the CIS Community Attack Model) allow us to continuously understand attacks and translate them into effective defensive action.

Tony Sager, senior VP & chief evangelist, Center for Internet Security

9:30 am
-
10:15 am

Editorial Spotlight Session: Proactive Security

Attack or be Attacked!!??

Bug bounty programs have been successful as a proactive security measure by getting others to attack your web resources or software. But what other proactive hunting measures are available and do they work? Those questions and more will be answered in this editorial spotlight session.

Editorial Spotlight Session: Proactive Security

Attack or be Attacked!!??

Bug bounty programs have been successful as a proactive security measure by getting others to attack your web resources or software. But what other proactive hunting measures are available and do they work? Those questions and more will be answered in this editorial spotlight session.

10:15 am
-
11:00 am

Expo Floor Opens & Networking Break

Expo Floor Opens & Networking Break

11:00 am
-
11:45 am

3 track Cyber 360 Clinics

3 track Cyber 360 Clinics

11:00 am
-
11:45 am

Cyber 360 Clinic 1

Automating Threat Intelligence

Hear practical areas to consider when building and managing your threat intel strategy. Gain an understanding on how to ensure you have the right technologies and processes in place, what you should buy and the best options for your budget.

Cyber 360 Clinic 1

Automating Threat Intelligence

Hear practical areas to consider when building and managing your threat intel strategy. Gain an understanding on how to ensure you have the right technologies and processes in place, what you should buy and the best options for your budget.

11:00 am
-
11:45 am

Cyber 360 Clinic 2

RansomEVERYware

Learn key methods for detection and remediation for ransomware through this hands-on workshop.

Cyber 360 Clinic 2

RansomEVERYware

Learn key methods for detection and remediation for ransomware through this hands-on workshop.

11:00 am
-
11:45 am

Cyber 360 Clinic 3

Managing the Mobile Threat

Gain a clearer perspective on ways to manage mobile threats and where technology and policy must intersect.

Cyber 360 Clinic 3

Managing the Mobile Threat

Gain a clearer perspective on ways to manage mobile threats and where technology and policy must intersect.

11:45 am
-
12:30 pm

4 Track Sponsor Tech Sessions

4 Track Sponsor Tech Sessions

12:35 pm
-
1:35 pm

Networking Lunch and Expo Floor

Networking Lunch and Expo Floor

1:35 pm
-
2:15 pm

3 track Cyber 360 Clinics

3 track Cyber 360 Clinics

1:35 pm
-
2:15 pm

Cyber 360 Clinic 4

Cloud Computing – For Real!

Worldwide organizations are beginning to fully embrace the cloud for real. Between Amazon, Microsoft and Google – organizations are ceding responsibility for their organization, employee and customer data to the cloud. This is no longer just about an app or two or email! How have you redefined risk to meet that environment AND what how have you altered your incident response plans?

Cyber 360 Clinic 4

Cloud Computing – For Real!

Worldwide organizations are beginning to fully embrace the cloud for real. Between Amazon, Microsoft and Google – organizations are ceding responsibility for their organization, employee and customer data to the cloud. This is no longer just about an app or two or email! How have you redefined risk to meet that environment AND what how have you altered your incident response plans?

1:35 pm
-
2:15 pm

Cyber 360 Clinic 5

Gaining and Keeping Executive Support

Keeping management in your corner and answering your emails and calls is not just about budget anymore. Security needs to be an integral part of an organizations risk management plan and to do so you need executive buy in. What works, what doesn’t?

Cyber 360 Clinic 5

Gaining and Keeping Executive Support

Keeping management in your corner and answering your emails and calls is not just about budget anymore. Security needs to be an integral part of an organizations risk management plan and to do so you need executive buy in. What works, what doesn’t?

1:35 pm
-
2:15 pm

Cyber 360 Clinic 6

Building a successful GRC program

How to build a successful GRC program that even a small organization can afford and successfully implement with scarce resources and a small budget

Walt Williams, director of security and compliance, Lattice Engines

Cyber 360 Clinic 6

Building a successful GRC program

How to build a successful GRC program that even a small organization can afford and successfully implement with scarce resources and a small budget

Walt Williams, director of security and compliance, Lattice Engines

2:15 pm
-
2:35 pm

Editorial Wrap Up

(mainstage)

Editorial Wrap Up

(mainstage)

2:35 pm
-
3:05 pm

Closing Session

The Canadian Cyber Threat Exchange (CCTX)

Robert (Bob) Gordon, executive director, Canadian Cyber Threat Exchange (CCTX) "

Closing Session

The Canadian Cyber Threat Exchange (CCTX)

Robert (Bob) Gordon, executive director, Canadian Cyber Threat Exchange (CCTX) "

ICON is an invite-only half-day track. For consideration of an invitation to I.C.O.N.

please email karen.koza@haymarketmedia.com

Icon: A half-day international clinic for CSO’s

Club Room

10:30AM to 3:20 PM

This clinic will tackle challenges from a technical, corporate and a policy perspective within both domestic and international realms. This new feature is specifically for senior cybersecurity leaders. This is a must attend event for any C level cybersecurity professional in the NY and Tri-state area.

10:30 am
-
11:30 am

Privacy – It’s Not Just About Your Countries Rules!

Learn and understand how privacy regulations both differ and continue to change in various nations. This can affect how you manage data of employees, customers and partners residing in or doing business in various locations. Ignore at your own peril!Learn and understand how privacy regulations both differ and continue to change in various nations. This can affect how you manage data of employees, customers and partners residing in or doing business in various locations. Ignore at your own peril!

Privacy – It’s Not Just About Your Countries Rules!

Learn and understand how privacy regulations both differ and continue to change in various nations. This can affect how you manage data of employees, customers and partners residing in or doing business in various locations. Ignore at your own peril!Learn and understand how privacy regulations both differ and continue to change in various nations. This can affect how you manage data of employees, customers and partners residing in or doing business in various locations. Ignore at your own peril!

11:30 am
-
12:30 pm

Risk, Security and Executive Management

Your job is to mitigate the security risk faced by your organization. Nowhere is it written you need to often convince the very ones who hired you of how it fits directly into the organizations overall risk management strategy. And yet to be able to do your job you need executive and board support – they understand the topic of risk – so give it to them in a form they can digest for the betterment of the organization and your blood pressure.

Lois Tullo, Executive-in-Residence, Global Risk Institute & Professor, Schulich School of Business

John Del Grande, Director, Architecture & Information Security Solutions Delivery, President's Choice Financial

Risk, Security and Executive Management

Your job is to mitigate the security risk faced by your organization. Nowhere is it written you need to often convince the very ones who hired you of how it fits directly into the organizations overall risk management strategy. And yet to be able to do your job you need executive and board support – they understand the topic of risk – so give it to them in a form they can digest for the betterment of the organization and your blood pressure.

Lois Tullo, Executive-in-Residence, Global Risk Institute & Professor, Schulich School of Business

John Del Grande, Director, Architecture & Information Security Solutions Delivery, President's Choice Financial

12:30 pm
-
1:30 pm

Private Lunch

Private Lunch

1:30 pm
-
2:15 pm

International Organization for Standards (ISO)

Why So Important?

Various ISO standards may be a large part of the framework for PCI, HIPAA and others but those standards, whether explicitly or implicitly, helps organizations do security better as well. Hear how to enforce such standards on your partners to further protect you and hear ways to get the most out of ISO.

Mark Bernard, Cybersecurity Consultant and Project Manager, Secure Knowledge Management Inc

Carlos Recalde, managing director, CTO, Successful Technology, LLC

International Organization for Standards (ISO)

Why So Important?

Various ISO standards may be a large part of the framework for PCI, HIPAA and others but those standards, whether explicitly or implicitly, helps organizations do security better as well. Hear how to enforce such standards on your partners to further protect you and hear ways to get the most out of ISO.

Mark Bernard, Cybersecurity Consultant and Project Manager, Secure Knowledge Management Inc

Carlos Recalde, managing director, CTO, Successful Technology, LLC

2:15 pm
-
3:00 pm

Cybersecurity Canada

Cybersecurity Canada

features

The Features

30+ Industry leading Keynotes and Speakers

Attend ICON, a half-day International Cyber security clinic (for CSO’s) invite-only

Discussing cyber policy trends, corporate Risk issues and models and Network Solutions.

Interactive floor & demos from over 25 leading technology companies

Earn 15 CPE to maintain your certification while expanding your knowledge base and/or skill set

Interactive 360 Clinics on:

- Threat Intelligence
- Ransomware
- Mobile Threat
- Cloud Computing
- Executive support
- Policy vs Technology

Sharpen Risk Management Strategies

Network with senior cybersecurity leaders connected across all industry verticals

Intelligent Connection Discussion Roundtables

Participate in an interactive Q&A and live polling with our conference App

Corporate-meets-social in our new full service event venue designed around your attendee experience

Unlimited snacks and beverages, lunch from an executive chef at our nourish bar

Register now for this must attend event

Two Day Conference Pass

$995CAD

Early Bird
Before April 15th

register today

All Inclusive Access for two full days of insightful analysis and a 360 degreee exploration of the most salient topics in cybersecurity

An exclusive opportunity to contribute to the tactical solutions and ideas affecting organizations and individuals

Must have content from all Keynote, Editorial Spotlight Sessions, Cyber 360 Clinics, Intelligent Connection Discussion Groups

Networking Breakfasts, Luncheons and Cocktail Reception to share perspectives with other top industry professionals

Two day full immersion in information security strengthening your cybersecurity arsenal and risk posture

Full collaboration and discussion with 175+ top cybersecurity executives and thought leaders

Earn up to 15 CPE credits

Unlimited snacks and beverages throughout the event

Meet in person your favorite speakers

One Day Workshop

$675CAD

Early Bird Pricing

register today

All Inclusive Access for one day of analysis and exploration in cybersecurity

An exclusive opportunity to contribute to the tactical solutions and ideas affecting organizations and individuals

Must-have content from Keynote, Editorial Spotlight Session, Cyber 360 Clinics, Intelligent Connection Discussion Groups

Networking Breakfast and Luncheons to share perspectives with other top industry professionals

One day full immersion in information security strengthening your cybersecurity arsenal and risk posture

Full collaboration with 175+ leading cybersecurity executives and thought leaders

Earn up to 6 CPE credits

Unlimited snacks and beverages throughout the day

Meet in person your favorite speakers

Featured Blog posts

Walt Williams to discuss information security management systems at RiskSec Toronto

Walt Williams, the director of security and compliance at Lattice Engines, will be speaking on information security management systems at...

venue

150 King Street West

address

150 King Street West
27th Floor,
Toronto, ON M5H 1J9
(647) 560-1659

more information

646-638-6137

follow us

RiskSec Toronto 2017

Decrease Your Risk, Increase Your Security  |  Presented by SC Media
register