PDF Download February 12-14, 2017 Agenda (PDF)

CISO Canada Summit
February 12-14, 2017

↓ Agenda Key

View detailsKeynote Presentation

Visionary speaker presents to entire audience on key issues, challenges and business opportunities

View detailsExecutive Visions

Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics

View detailsThought Leadership

Solution provider-led session giving high-level overview of opportunities

View detailsThink Tank

End user-led session in boardroom style, focusing on best practices

View detailsRoundtable

Interactive session led by a moderator, focused on industry issue

View detailsExecutive Exchange

Pre-determined, one-on-one interaction revolving around solutions of interest

View detailsFocus Group

Discussion of business drivers within a particular industry area

View detailsAnalyst Q&A Session

Moderator-led coverage of the latest industry research

View detailsVendor Showcase

Several brief, pointed overviews of the newest solutions and services

View detailsCase Study

Overview of recent project successes and failures

View detailsOpen Forum Luncheon

Informal discussions on pre-determined topics

View detailsNetworking Session

Unique activities at once relaxing, enjoyable and productive

Saturday, February 11, 2017 - CISO Canada Summit

3:00 pm
-
4:30 pm

Registration & Greeting

4:30 pm
-
6:00 pm

Exclusive CISO Think Tank

6:00 pm
-
7:00 pm

Cocktail Reception

7:00 pm
-
8:30 pm

Networking Dinner

8:30 pm
-
10:00 pm

After Dinner Networking

Sunday, February 12, 2017 - CISO Canada Summit

7:00 am
-
8:00 am

Networking Breakfast

8:00 am
-
8:10 am

Welcome Address and Opening Remarks

8:10 am
-
8:55 am

Executive Visions

Is Security Obscuring the Benefit of the Cloud?

Cloud delivered computing services, whether Software, Platform, or Infrastructure as a Service offer the potential of significant business advantages such as reduced cost and increased flexibility. These advantages however come with very real risks, chief among them security concerns and the risk of data and compliance breaches – how do you secure what you can’t see, touch, and control? Join our panel as we explore both the security and compliance issues inherent in Cloud deployments, look at the hidden issues that first time Cloud adopters may simply not be aware of, and discuss through solutions that can be used to address these challenges and allow enterprises to fully and firmly embrace the Cloud.

Takeaways:

  • Be exposed to the true security and compliance cloud threat landscape
  • Learn how successful cloud adopters have mitigated these risks
  • Discover how to build cloud protection capabilities keyed to you needs

Moderated by:

View detailsJames Quin, Senior Director of Content and C-Suite Communities, CDM MediaCDM Media

Panelists:

View detailsMichael Castro, Sr. Director, Information Security and Risk Management, Loblaw Companies LimitedLoblaw Companies Limited

View detailsRoger Hatch, Director, IT Security, Architecture and Engineering , Bank of Canada

View detailsWade Alt, Global SVP, Solutions Engineering

Sponsored by:

View detailsSungard ASSungard AS

9:05 am
-
9:35 am

Executive Exchange

Roundtable

The Digital Enterprise

Organizations are subject to many forces driving the digital transformation of our economy. Max Brunet, Senior Principal with SAP’s Industry Value Engineering team, will outline the characteristics of a successful digital enterprise, discuss the roadmap to leadership in a digital economy and will dig deeper on how SAP can help companies align to these new forces from a business, and technology standpoint.


Sponsored by:

SAP

9:40 am
-
10:10 am

Executive Exchange

Think Tank

Security in an Outsourced World

Building security into your enterprise processes, and integrating it with your existing technology investments has never been more critical or complicated than it is in this era of decentralized computing, and ever-tightening compliance requirements. Furthering this complication is the impact that partnering deals can have since infrastructure, applications, and even data may now longer be under your direct control. To be able to ensure efficient and effective security capabilities you need to understand the nature of the threats that exist today, the impact a sourcing relationship can have on these threats, and the mitigation strategies and tools key industry leaders are using to address the challenge.

Takeaways:

  • Social, Mobile, Cloud, and Analytics is already having a significant impact on enterprise security, sourcing potentially adds another layer of complexity
  • Beyond simple security however there are also issues such as privacy and compliance that also need to be considered
  • Investing in the right tools and practices is essential to weather the storm without breaking the bank

10:15 am
-
10:30 am

Networking Break

10:35 am
-
11:05 am

Executive Exchange

Thought Leadership

Securing the Mobile, Cloud-First Enterprise

More and more organizations are embracing the cloud and mobility to improve productivity and increase competitive advantage. This is turning the current security landscape upside down. At the same time newer, more advanced threats are creating new risks that traditional security appliances are struggling to keep up with. CIO's and CISO's are looking for new approaches to securely adopt the cloud and mobility.

In this session Zscaler will discuss why many IT organizations are choosing to adopt a cloud-based approach to securely enable mobility, cloud applications and social media, while ensuring compliance and reducing risk. The audience will learn how a cloud security strategy can help them.

  • Protect users from advanced threats: Why traditional security appliances are failing.
  • Why full SSL content inspection is necessary to detect emerging, advanced security threats.
  • How to embrace the cloud with full visibility and control of Shadow IT.
  • Get real-time visibility and control: mine billions of user transactions in seconds to quickly identify gaps in security and ensure compliance with corporate policies.

11:10 am
-
11:40 am

Executive Exchange

Think Tank

How to be Socially Secure (or Securely Social)

Social media is the least hyped and potentially least adopted of the so-called disruptive technologies, at least by enterprises in general. This doesn’t mean that employees are embracing these tools personally however, nor does it mean that enterprises should continue to avoid them. The fact of the matter is social platforms allow for incredible levels of interaction that when harnessed can lead to significant creativity and productivity gains allowing enterprises that adopt and encourage the use of social collaboration platforms to be more successful than their non-social peers. But every newly adopted technology brings with it unique problems and so it is the CISOs job to provide the secure landscape within which this social collaboration, both internal and external, sanctioned and not, can occur.

Takeaways:

  • Your employees are already social whether you realize it or not, facilitate it or not so ignoring the issue only leads to greater security problems
  • Social collaboration presents a real security threat as information is more freely shared, and interactions occur outside the boundaries of enterprise control
  • Social security programs must be built in layers, addressing first unsanctioned use, then sanctioned all while differentiating between internal and external social activity

11:45 am
-
12:15 pm

Executive Exchange

Thought Leadership

Enterprise application integration and what it means to go to cloud

Cloud has accelerated the rate at which apps are deployed within an organization whether or not IT is involved. IT organizations today not only have to compete with external vendors to pitch a solution but are also responsible for seamlessly integrating the apps into the enterprise ecosystem. The pace of change and demands on IT to be resilient and innovative at the same time has sky rocketed. Can integration help address some of these issues?

In this roundtable, we will look at synchronous integration, asynchronous integration and data access to probe the following questions: Are our applications architected to thrive in the cloud? How do we build an on-ramp to cloud enable our apps? What role does integration really play? How do we manage data and security in the cloud? Finally, we will also look at some real world examples of Red Hat IT's approach to solving some of these challenges.

Sponsored by:

Red Hat

12:20 pm
-
12:50 pm

Executive Exchange

Roundtable

Your Storage is a Business Problem

What is the problem?  Why is it a problem? How are we solving this?

Overall IT spending is on a downward trend as the market is pushing everyone to do more with less. Businesses of all sizes are under constant demand to be better, faster and to deliver new services to market. Development teams are challenged to drive innovation while compounding delivery cycles, however legacy processes and technologies often act as obstacles preventing agility and sucking up critical resources to accomplish low-value administrative or operational tasks.  Technology is evolving at a rapid pace to try to meet these demands, and Coho Data is leading the charge to innovate data infrastructure.

Join Andrew Warfield, CTO and Co-Founder of Coho Data as he leads a roundtable discussion to explore:

  • 2016 data challenges and opportunities 
  • how macro-market forces are impacting data-services innovation and why legacy platforms and processes are under threat of extinction
  • how to leverage scale-out architecture to help better align storage costs with business growth
  • how to create a scalable and flexible data-services platform that drives agility and enables true services innovation
Sponsored by:
Coho Data

Roundtable

Keeping Up With the Pace of Cyber Threats

Cyber threats are constantly evolving. Many organizations are reporting that they do feel they have sufficient resources to address the current cyber threats they face. The technology and skills organizations have invested in provide protection against the past. To keep pace with tomorrows cyber threats companies, need to develop continuously improving infrastructures and skills. This challenge is not as easy as it sounds; new security tools are introduced everyday, skilled staff acquisition and retention is increasingly difficult and training of current staff is time consuming. 

This facilitated round-table discussion will ask participants to discuss approaches, such as out-sourcing/out-tasking, “as-a-service” delivery or Cloud services, as methods of addressing the challenge of keeping pace with today’s and tomorrow’s cyber threats.

Sponsored by:

Rogers Communications Canada Inc.

12:55 pm
-
1:55 pm

Networking Luncheon

2:00 pm
-
2:30 pm

Executive Exchange

Think Tank

Building Dynamic Security Teams

Theres no other way to say it than bluntly; Information Security is a white-hot field within Information Technology as a whole " over the last dozen years it has gone from after-thought, to scapegoat, to critical enterprise success factor. As a result, the need for capable and qualified Information Security specialists, whether front-line Analysts, mid-level Managers, or top level CISOs is at an all time high, but personnel and skills availability is sinking to an all-time (at least in terms of supply and demand ratio) low. There simply isnt enough expertise in existence to go around, or enough education occurring to create it. In this environment, senior Information Security leaders have to get creative in their pursuit of the people, performance, and passion necessary to address this capability shortfall.

Takeaways:

  • Learn how to build grass-roots programs that cultivate a farm full of potential security experts through internal and collaborative programs
  • Find out how to leverage key organizational traits to generate buzz and interest where none existed before
  • Understand the relevance of certs vs. experience and how to evaluate and validate the value of candidates

2:35 pm
-
3:05 pm

Executive Exchange

Roundtable

Self-Service BI & Analytics: Changing the Game with Data

Self-Service has become the magic bullet in almost every industry. From banking to restaurants managers are getting very creative and find ways to offer differentiated self-service. It saves costs, provides better user experience and wins new customers. But can we make self-service BI and Analytics a game changing business asset that improves employee performance, drives new levels of efficiency and generates new revenues?

This session will discuss how companies uses BI and Analytics self-service creatively.

Sponsored by:

Information Builders

Roundtable

Shift IT from an Indefensible Cost Center to an Insights Hub

Join this Apptio sponsored session to dive deeper on this topic and explore some options to address the challenge. IT has been forced to defend its existence for quite some time as not just an overhead to the business but an actual value driver and business partner. With the added pressure to innovate and compete with a fast changing technology ecosystem, that problem is appearing more insurmountable than ever before. In this session we’ll explore the problem further and consider a journey capable of solving the problem.

Sponsored by:

Apptio

Roundtable

We’re Screwed When It Comes to IT Security

Dug Song, Co-Founder and CEO, will explain how in the modern era, IT is turned inside-out. IT organizations no longer have direct control over the devices people use to access corporate networks, putting them at risk. As a result, when it comes to security, modern IT professionals often proclaim, “We’re screwed.”

Consider this: the Verizon 2015 Data Breach Investigations Report claims that 95% of all data breaches are caused by stolen credentials. And, despite the billions of dollars being spent on security products, the number of breaches is rising exponentially. This begs the question, “Has the security industry simply failed?” In security you often hear the acronym APT, which stands for Advanced Persistent Threat. The truth is that for many of the high profile breaches such as the one at Target, some might say APT could actually stand for Average Phishing Technique. In short, the bad guys don’t need to be that sophisticated to cause millions and millions of dollars of harm.

So, is all lost? In this presentation, you’ll learn a “back-to-the-basics” approach to information security that is the easiest and most effective way to block the breach.

Sponsored by:

Duo Security

3:10 pm
-
3:40 pm

Executive Exchange

Thought Leadership

Enabling the Digital Enterprise: The Digital Workspace

The consumerization of technology in the enterprise and mobility are two critical elements underlying digital transformation and the evolving workplace in many enterprises. The challenge of issues such as mobility and security are undoubtedly significant. What if we told you that the time is now where you can drive the transformation towards a digital enterprise where your users can be more productive and use modern devices and apps while enabling secure policies that protect your critical enterprise data. Join Shankar Iyer who will share with you VMware's digital workspace vision - consumer simple, enterprise secure.

Sponsored by:

VMware

3:45 pm
-
4:00 pm

Networking Break

4:05 pm
-
4:35 pm

Executive Exchange

Think Tank

Addressing Privacy on a Global Scale

Of all the risk management issues that present themselves to the modern-day CISO, perhaps the most difficult to address is that of privacy. In and of itself, privacy is no different a challenge than protecting any other sensitive information, however the multi-jurisdictional impacts of the issue due to wildly differing laws between the US and European countries (as well as Canada, another country with strong privacy laws) make this an issue that is often times overwhelming to address. CISOs must work diligently to ensure that their privacy efforts conform with the standards of any jurisdiction with which they might work, where their data might be held and this is an almost overwhelming task.

Takeaways:

  • Privacy is one of the most challenging issues for any business and CISO to address
  • The difference in regulations between and among European countries (both those in and out of the EU itself) and North American ones means traversing a fraught landscape
  • A strong approach to privacy that addresses global differences is essential to being a stable and viable global business

Presented by:

View detailsD'Arcy Moynaugh, Sr. IT Manager Information Security Program, EnbridgeEnbridge

4:40 pm
-
5:10 pm

Executive Exchange

Roundtable

Get Comfortable Being Uncomfortable

The accelerated pace of the global economy recasts business models, supply chains and distribution channels at alarming speed.  Business leaders face a constant assault on their comfort zone and are realizing that being uncomfortable IS their new reality. At least if they want their companies to stay relevant and thrive.

In this session we will explore the challenge of how rapidly changing business initiatives drive IT infrastructure evolution at an unsustainable – yet ever accelerating pace. Participate in a lively discussion about optimizing new business initiatives rather than forfeiting opportunities or losing market share because your IT infrastructure can’t support continuous business change.

We will look at ways to master this perpetual change with Hybrid IT and embrace new business opportunities with near real-time IT response.

Don’t get too comfortable…or your company will become obsolete…

Takeaways:

  • Strategic approach to aligning IT services and business objectives: implement new technologies at lightning speed to support business innovation while “keeping the lights on” by keeping critical applications 100% available
  • How nearly 40% of the market will hybridize more than 50% of their environments by 2018
  • How to transform your IT department from a cost centre to a true driver of business growth
Sponsored by:
CenturyLink

Roundtable

The Enterprise Immune System: Using Machine Learning to Detect ‘Unknown Unknown’ Threats

Learn why ‘immune system’ technologies represent a fundamental innovation for cyber defence

  • Discover how to apply machine learning and mathematics to detect advanced, internal threats
  • Understand how to gain 100% network visibility to investigate emerging anomalies in real time
  • Hear real-world Enterprise Immune System case studies
Sponsored by:
Darktrace

5:15 pm
-
6:15 pm

Executive Visions Panel

Diversity in IT

The importance technology plays within an enterprise will only continue to gain momentum as more developers, engineers, and programmers enter the workforce. As these segments continue to grow, so does the diversity of the workforce within the technology field. For a field that is severely constrained by a talent and skills gap, this influx of bodies can only be a good thing. Beyond the basic ability to deliver of identified capabilities a diverse workforce, whether cultural or gender influenced offers a whole that is more than the sum of the parts. Finding ways to drive and increase diversity in IT then should be a key focus for every IT executive.

Takeaways:

  • Identify the importance behind diversity in technology, opportunities, and capabilities
  • Develop insight on the market direction behind alternate staff in both technology and security, and how the landscape continues to evolve with the aid of different perspectives
  • Discuss the expanding technology market, the increased focus on technology, security, and IoT integration

Moderated by:

View detailsGale Blank, Former CIO Walmart Canada,

Panelists:

View detailsSuzie Smibert, Director and Chief Information Security Officer , Finning InternationalFinning International

View detailsBrigitte Lariviere, VP, Information Technology/Product Life Cycle Management for Product Development Engineering, Bombardier Aerospace

View detailsHumza Teherany, Chief Innovation Officer, Compass Group CanadaCompass Group Canada

6:15 pm
-
7:00 pm

Cocktail Reception

7:00 pm
-
8:30 pm

Networking Dinner

8:30 pm
-
10:00 pm

After Dinner Networking

Monday, February 13, 2017 - CISO Canada Summit

7:00 am
-
8:00 am

Networking Breakfast

8:10 am
-
8:55 am

Executive Visions

Shadow IT – To Embrace or Eliminate?

Best practice in most enterprises, at least as far as the CIO and CISO goes, is to squash Shadow IT wherever it is encountered. Shadow IT, the argument goes, leads to a world of data and integration problems for the IT department, and significant amounts of unknown and unquantifiable risk for the information security group. A small but vocal minority however is beginning to advocate for Shadow IT as a catalyst of innovation, citing the increases in productivity and creativity by allowing enterprise staff to find their own out of the box solutions to organizational problems. CIOs and CISOs can allow their organizations to have their cake (Shadow IT) and eat it too (still be secure) by following a few simple steps that allow them to build in security regardless of user activity.

Takeaways:

  • Shadow IT is not malicious activity; it is simply the Line of Business user community looking to be efficient and effective
  • A well developed security program can take Shadow IT into account and incorporate protection mechanisms that allow end user flexibility
  • Embracing Shadow IT does not mean “no holds barred” and end users need to understand the limit of the boundaries and the reason for their existence

Moderated by:

View detailsGaetan Houle, President , GH IncGH Inc

Panelists:

View detailsGale Blank, Former CIO Walmart Canada,

View detailsRichard Hannah, VP Information Services, Gibson EnergyGibson Energy

View detailsRob Labbe, Director, Information Security, Teck Resources LimitedTeck Resources Limited

9:05 am
-
9:35 am

Executive Exchange

Thought Leadership

Innovating With the “Lights On” – How to Tip the Balance

CIOs are consistently challenged by their organizations to leverage emerging technologies like social, mobile, cloud and big data to drive new value. Where is the problem? Many IT leaders admit their spending is too heavily weighted toward keep-the-lights on projects (80%-90% in many cases), leaving little budget for truly transformational initiatives. 

Join this interactive session to learn how award-winning CIOs are successfully tipping the balance between innovation and “lights on” mix by untethering resources from costly ongoing maintenance of their legacy ERP systems including SAP and Oracle, to re-investing in high growth initiatives.

Sponsored by:

Rimini Street

9:40 am
-
10:10 am

Executive Exchange

Think Tank

Addressing Cyber Security in the Retail Sector

The 2014 Verizon Data Breach Investigations Report was released recently and declares 2013 the year of the retailer breach, unsurprising given the attacks on Target, Michaels, Neiman-Marcus and other retailers. For the second year in a row the report shows retailers to be one of the most heavily attacked industry verticals and the new structure of the report shows that the number one channel of attacks was, by far and away, threats against and compromises of the PoS system yet for all that the report offers nothing more than old school, pat security solutions such as Use AV, Limit Remote Access and Segment the Network. While these are all fine techniques to apply to increase base level security stance, the time has come for retailers to get out of the security dark ages and begin to take cutting edge approaches that respect the increased focus bad actors are giving their businesses.

Takeaways:

  • Retail organizations are increasingly being seen as low hanging fruit when it comes to financially motivated security threats
  • Core capabilities of how these companies run their business are being directly, and successfully targeted
  • Retail sector spending on IT security lags the market in general and lags significantly on a spend:threat ratio

10:15 am
-
10:30 am

Networking Break

10:35 am
-
11:05 am

Executive Exchange

Roundtable

Sponsored by:

Compugen

Roundtable

State of the Hack: Intelligence is Key

The cyberattack landscape continues to shift. Attacks are more sophisticated, and less evident. Advanced campaigns are now more intelligence-based than technological in nature. This session explores this evolution and the necessary role of counterintelligence in today’s cyber-risk strategies.

11:10 am
-
11:40 am

Executive Exchange

Think Tank

Defending the Dual Threat to Carriers of Mobile Security

As mobile devices continue to proliferate, security becomes a bigger and more serious issue. While initial security threats were contained to data loss through lost and stolen devices, the leveraging of targeted cyber security threats has created a dual problem for carriers. The first is the PR nightmare of increasing public perception that mobile security breaches of all types are a carrier and not end user issue. The second is the threat that hundreds of millions of powerful connected devices represent to backbone carrier networks themselves. In this environment mobile providers must make investments in security technologies that protect the network from directed threats (from both known and unknown connections) and extend that protection bubble out to subscribers.

Takeaways:

  • A recent study shows that subscribers are more than twice as likely to feel that mobile security is a carrier issues than a personal issue
  • As in-circulation handsets are increasingly becoming smart phones instead of feature phones telcos are effectively hosting hundreds of millions of threat vectors to their networks on their networks
  • Astute IT leaders will realize that these dual problems can and must be dealt with by a single security solution

Think Tank

Board Awareness/Engagement

11:45 am
-
12:45 pm

Executive Visions

Customer Engagement in a Hyper-Connected World

The tables have turned in the consumer-enterprise relationship with the consumer often in an ownership and leadership role. The explosion of connected technologies and information channels they access has created a world of educated, informed, and savvy consumers that often know more about your products and services, and how they compare with those of the competition and enterprises are struggling to adjust. Learning how to leverage new tools and technologies that synergize efforts across varied channels to deliver a unified customer experience while maintaining appropriate security is quickly becoming a key to marketplace success.

Takeaways:

  • Discover how leading enterprises are aligning and integrating their efforts across varied channels to drive engagement
  • See which techniques are being used to sift through customer data to discover meaningful insights and tailor outreach efforts accordingly
  • Be exposed to the unique security challenges that this ever-connected, ever-engaged model is creating and learn how to mitigate them without compromising success

Moderated by:

View detailsGale Blank, Former CIO Walmart Canada,

Panelists:

View detailsJames Callaghan, Chief Technologist, WestJet AirlinesWestJet Airlines

View detailsShaun Guthrie, Director, Information Technology, Go autoGo auto

View detailsHumza Teherany, Chief Innovation Officer, Compass Group CanadaCompass Group Canada

12:45 pm
-
12:50 pm

Thank You Address and Closing Remarks

12:55 pm
-
1:55 pm

Grab and Go Luncheon