CISO Canada Summit | February 26-28, 2017 | The Ritz-Carlton, Montreal - Montreal, QC, Canada

↓ Agenda Key

Keynote Presentation

Visionary speaker presents to entire audience on key issues, challenges and business opportunities

Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee." title="Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee.

Executive Visions

Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics

Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members." title="Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members.

Thought Leadership

Solution provider-led session giving high-level overview of opportunities

Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community." title="Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community.

Think Tank

End user-led session in boardroom style, focusing on best practices

Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard." title="Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard.

Roundtable

Interactive session led by a moderator, focused on industry issue

Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done." title="Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done.

Case Study

Overview of recent project successes and failures

Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions." title="Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions.

Focus Group

Discussion of business drivers within a particular industry area

Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions." title="Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions.

Analyst Q&A Session

Moderator-led coverage of the latest industry research

Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst." title="Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst.

Vendor Showcase

Several brief, pointed overviews of the newest solutions and services

Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences." title="Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences.

Executive Exchange

Pre-determined, one-on-one interaction revolving around solutions of interest

Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest." title="Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest.

Open Forum Luncheon

Informal discussions on pre-determined topics

Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch." title="Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch.

Networking Session

Unique activities at once relaxing, enjoyable and productive

Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive." title="Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive.

 

Sunday, February 26, 2017 - CISO Canada Summit

3:00 pm - 4:30 pm

Registration & Greeting

 

4:30 pm - 6:00 pm

Exclusive CXO Think Tank

 

6:00 pm - 7:00 pm

Networking Cocktail Reception

 

7:00 pm - 8:30 pm

Networking Dinner

 

8:30 pm - 10:00 pm

After Dinner Networking

 

Monday, February 27, 2017 - CISO Canada Summit

7:00 am - 7:55 am

Registration and Networking Breakfast

 

8:00 am - 8:10 am

Welcome Address and Opening Remarks

 

8:10 am - 8:40 am

Keynote Presentation

The Future of the CIO in the Coming Digital Economy

As more businesses undergo a digital transformation, and as those digital transformations become more ingrained into organizational culture, Digital becomes not something unique and different from the business, but a core component of every aspect of the business. As this shift occurs, IT itself faces the very real possibility of no longer being something unique from the business, but instead a component of every aspect of the business. In this world, what role then exists for the CIO? Two clear paths are presenting themselves - one leads to a focus on infrastructure and integration, to keeping the lights on for the digital innovators, while the other leads to information and innovation itself. Knowing what path to choose, how to choose it, and how to see it through will be one of the greatest challenges CIOs of this era will face.

Takeaways:

  • Change is, if not already here, certainly coming and CIOs that don't prepare for the change may not like the results when it arrives
  • Digital transformation is all about connecting enterprise system to information technology to drive productivity and performance improvements
  • Be prepared to tackle the tasks that no-one wants to do, but everyone needs done; establish relevance to cultivate importance
 

8:45 am - 9:15 am

Keynote Presentation

Security's Place in Enterprise Risk Management

While Information Security has existed for decades, Enterprise Risk Management (ERM), as a formal and holistic practice, is much newer yet already has taken pre-eminence over its forebear. What is the CISO, who in many ways has toiled in invisibility, infamy, or ignominy to do when faced with the issue of being supplanted by the Chief Risk Officer, just as enterprise demand for and focus on security has reached all-time heights? Savvy CISOs will recognize this new, broader need for holistic visibility into, and management of, overall enterprise risk and will position themselves for success by looking beyond traditional information security boundaries and engaging business partners around all enterprise risk.

Takeaways:

  • Just because information security is an aspect of enterprise risk doesn't mean that the CISO needs to take a back seat position
  • Enterprise risk is defined by the business but needs to be quantified by an expert; CISOs bring risk quantification expertise to the table
  • The end goal is not about fiefdoms and ownership, it is about improving enterprise value and success; maintaining focus is essential
 

9:20 am - 9:45 am

Executive Exchange

 

Thought Leadership

The Need for Speed: Strategic Insights Into How Canadian Organizations Are Leveraging New Technological Approaches to Meet the Business Demands for Innovation and Agility


Sponsored by:

Red Hat View details

 
 
 

9:50 am - 10:15 am

Executive Exchange

 

Executive Boardroom


Sponsored by:

Information Builders View details

 
 

Executive Boardroom

Deep Learning Artificial Intelligence: A Game Changer to the Unknown Malware Challenge

During this session, Holly Whalen will cover how Artificial Intelligence is able to detect and prevent from sophisticated unknown malware which are undetected using traditional machine learning. 2015 Intel Security report identified the unknown malware challenge correlated to 1 million net new pieces of malware in the wild, every single day, roughly 42 net new pieces of malware in the wild every hour. Early 2016 reports indicate these numbers have doubled. The sophistication of the unknown malware problem now includes malware that is being developed using traditional machine learning. During this session, Holly Whalen will share the advancements in Artificial Intelligence " deep learning, discovered in 2012 via a University Toronto research team, funded by the Canadian Federal government. These advancements to the Artificial Intelligence community have resulted in an artificial brains decision making capability that surpasses the human error rate, regardless of its application: Facial Recognition, Voice Recognition, Content, Cybersecurity. 

Takeaways:

  • What are the latest advancements in Artificial Intelligence and their value to the unknown malware challenge 
  • How can these AI advancements augment current defensive infrastructure 
  • The future of AI and its applicability to the malware challenge

Sponsored by:

Deep Instinct View details

 
 
 

10:20 am - 10:30 am

Morning Networking Coffee Break

 

10:35 am - 11:00 am

Executive Exchange

 

Think Tank

Bridging the Talent Gap: Building the Team of Tomorrow

There is no escaping the fact that the demands on the IT department are changing. Those changes are necessitating changes in the IT department itself and nowhere is this being felt more than in the roles and responsibilities of the IT staff themselves. Complicating this transition is the fact that every IT department is undergoing to change at roughly the same time making the personnel with the requisite skillsets extremely hard to find, and perhaps even harder to retain. Savvy CIOs need to quickly identify which are the hot skills they most urgently require and then build a strategy that allows them to build (train), borrow (outsource), or buy (hire) the right people with the right capability at the right time.

Takeaways:

  • Commit to a talent-first organization which recognizes and rewards the most important asset you have " your people
  • Identify the skills most urgently in need and prioritize their acquisition
  • Determine which acquisition methods needs to be used for which skill to maximize impact and return on investment

Presented by:

Jason Lamont, Managing Director of IT Innovation and Emerging Technology, ATB Financial

 

Think Tank

Building Dynamic Security Teams

There's no other way to say it than bluntly; Information Security is a white-hot field within Information Technology as a whole " over the last dozen years it has gone from after-thought, to scapegoat, to critical enterprise success factor. As a result, the need for capable and qualified Information Security specialists, whether front-line Analysts, mid-level Managers, or top level CISOs is at an all time high, but personnel and skills availability is sinking to an all-time (at least in terms of supply and demand ratio) low. There simply isn't enough expertise in existence to go around, or enough education occurring to create it. In this environment, senior Information Security leaders have to get creative in their pursuit of the people, performance, and passion necessary to address this capability shortfall.

Takeaways:

  • Learn how to build grass-roots programs that cultivate a farm full of potential security experts through internal and collaborative programs
  • Find out how to leverage key organizational traits to generate buzz and interest where none existed before
  • Understand the relevance of certs vs. experience and how to evaluate and validate the value of candidates

Presented by:

Tara Kissoon, Managing Director, Head of IT Risk Management, CSA, BMO Financial Group View details

 
 
 

11:05 am - 11:30 am

Executive Exchange

 

Thought Leadership

HP Presents: The Mindset of Hacker

As Sun Tzu famously said, to know your enemy, you must become your enemy. This session is a unique opportunity to do just that. Join Canada's most infamous reformed hacker, Michael MafiaBoy Calce, as he sheds light on the biggest threat to today's CISO. Michael's presentation will provide a unique perspective on hackers' motives and tactics by highlighting the more unique methods and entry points targeted by today's cyber criminals

Sponsored by:

HP Inc. View details

 
 
 

11:35 am - 12:00 pm

Executive Exchange

 

Executive Boardroom

Planning for a MultiCloud Future

The promise of the cloud is almost beyond compare; infinite computing resources, unmatched reliability and uptime, instantaneous service availability, simplistic self-service and provisioning, and the low-low prices of a “buy by the drink” model. These are the reasons behind the rush to the cloud that we are currently experiencing, but the wholesale adoption does bring a downside – as more and more capability is moved to the cloud, more and more cloud providers are utilized since, for the most part, each provider offers only a limited suite of services. The MultiCloud environment that creates a new set of challenges that IT leaders need to overcome, notably resiliency, interoperability/integration, and security and compliance through careful planning and the lessons learned from building complex on premise distributed systems.

Takeaways:

  • As enterprises move to the cloud, MultiCloud environments will increasingly become the norm, not the exception
  • Consistent planning and thoughtful architecture will be essential to efficient and effective cloud deployments
  • IT leaders do not need to be alarmed, they’ve been down the complex environment path before, but they do need to be careful

Executive Boardroom

Shadow IT - To Embrace or Eliminate?

Best practice in most enterprises, at least as far as the CIO and CISO goes, is to squash Shadow IT wherever it is encountered. Shadow IT, the argument goes, leads to a world of data and integration problems for the IT department, and significant amounts of unknown and unquantifiable risk for the information security group. A small but vocal minority however is beginning to advocate for Shadow IT as a catalyst of innovation, citing the increases in productivity and creativity by allowing enterprise staff to find their own out of the box solutions to organizational problems. CISOs can allow their organizations to have their cake (Shadow IT) and eat it too (still be secure) by following a few simple steps that allow them to build in security regardless of user activity.

Takeaways:

  • Shadow IT is not malicious activity; it is simply the Line of Business user community looking to be efficient and effective
  • A well-developed security program can take Shadow IT into account and incorporate protection mechanisms that allow end user flexibility
  • Embracing Shadow IT does not mean no holds barred and end users need to understand the limit of the boundaries and the reason for their existence

Sponsored by:

PhishMe View details

 
 
 

12:05 pm - 12:45 pm

Executive Visions

Overcoming Cyber Security Concerns

Join the region's leading cyber security executives as they share current best practices and explore new proactive strategies and policies to combat and withstand threats. 

Understanding that breaches will occur, security executives must work with senior leaders and boards of directors to assess value, measure costs, and identify risk to then properly architect and implement a comprehensive security program.

Topics to include:

  • A view from the Board of Directors
  • Balancing threats versus compliance
  • Dealing with ever increasing regulatory and litigation actions
  • How to develop a cyber risk management strategy

Sponsored by:

CenturyLink View details

 
 
 

12:50 pm - 1:35 pm

Networking Luncheon


 

1:40 pm - 2:05 pm

Executive Exchange

 

Think Tank

Ensuring Data Quality

Data quality is one of the most critical issues facing every enterprise and whether data be duplicate, stale, incomplete, invalid, conflicting or just plain incorrect the impact of enterprise decision making and ultimately enterprise success and be significant and severe. As the number of data sources grows, as the speed with which data is collected and utilized increases, and as the raw volume expands almost exponentially, the impacts of poor data quality becomes more significant than ever before. IT executives must build strong data governance capabilities to ensure that enterprise data is kept unique, timely, complete, valid, consistent, and accurate.

Takeaways:

  • Data quality is not a new problem but the advent of the IoT age means that it will be a problem of greater relevance than ever before
  • The process by which data quality can be addressed isn't fun or sexy but where enterprises have often ignored it to date they can no longer do so
  • Enterprises that do not proactively address data quality now may find that IoT is their downfall rather than their savior

Presented by:

Scott Wu, VP Technology, Compass Group Canada View details

 
 

Think Tank

Building a Collaborative and Social IT Security Program

In todays environment there can be no arguing that a comprehensive IT Security program is a de facto requirement for every organization. Such a program needs to address the full range of security threats that can be leveraged against an organization, needs to be integrated into whatever regulatory and governance requirements exist, but beyond that it needs to be accessible, consumable, and actionable by everyone that is influenced by it, or interacts with it. Building a program that is shared through social channels and relies on the collaborative input of employees and constituents for not only creation but enforcement will drive higher levels of adoption, responsiveness and, ultimately, protection.

Takeaways:

  • A security program, that is the stated intentions of the organization combined with the policies and tools to back those intentions up is essential
  • The program needs to be easily communicated, easily consumed, and easily complied with
  • Using an open social and collaborative approach to creation, distribution, and enforcement ensure greater adoption and ultimately greater security

Presented by:

Craig Gibson, Chief Security Architect, Scotiabank

 
 

2:10 pm - 2:35 pm

Executive Exchange

 

Thought Leadership

Closing the Gap of Grief: Business Driven Security

How bad is it? When a breach occurs, how confident are you that you can quantify the impact to the organization in language they understand?  

This session describes the requirements for closing the gap: Complete visibility, to paint an accurate picture of what's happening across the environment. Faster insight, through better analytics and detection capabilities. Business context around incidents. And finally, more effective response, where security teams are certain they are taking the right actions to reduce risk and are sure they are protecting what matters most. 

Attendees will: 

  • Learn how to garner the right visibility, in the right context to defend what matters most.
  • Discover the 6 steps to take command of your evolving security posture in this uncertain, high risk world. 
  • Find out what it takes to link your security strategy with your business priorities

Sponsored by:

RSA View details

 
 
 

2:40 pm - 3:05 pm

Executive Exchange

 

Executive Boardroom

Sourcing Enabled Business Transformation

Innovation is more than just a buzzword; it's fast becoming the mantra by which successful companies live. As enterprises strive to become ever more agile, offloading mundane responsibilities to sourcing partners can free the resources to become innovative. While beneficial, this really only scratches the surface as it still requires and relies on your resources to undertake that innovation journey. Partners that can bring innovation wherewithal to the table however, that can bake it directly into the service offering provide a greater opportunity to innovate. Understanding how such services can be integrated into your day to day operations, how they can spring board your innovation efforts, and how they can allow you to become truly transformational is essential to innovation success.

Takeaways:

  • Transformational innovation often requires knowledge, insight, and data that you simply don't have the access to yourself
  • A strong partner not only provides the opportunity to innovate, it also provides the resources to help make it happen
  • By leveraging a single for both operational and transformational initiatives, significant economies of scale can be leveraged making innovation easier

Executive Boardroom

Increase Your Security Intelligence and Enterprise Compliance

The breadth and depth of security threats that are targeting the modern enterprise are bordering on overwhelming, but they're not alone as the breadth and depth of security solutions are also bordering on overwhelming. When security managers have to respond to alerts and warnings from dozens of security systems, and CISOs have to make strategic decisions based on fragmented data, it's hard to argue that security is improving. Security Information and Event Management (SIEM) platforms that aggregate the vast quantities of data, correlate diverse events, and filter the signal from the noise are allowing enterprises to get back ahead of the curve and make appropriate tactical and strategic decisions.

Takeaways:

  • The life of enterprise security staff is being complicated not just by the threats they face, but the tools they use
  • Abandoning tools isn't an option and CISOs need to help themselves and their staff get ahead of the curve
  • SIEM offers significant benefits in separating the wheat from the chaff and letting the business actually become secure
 

3:10 pm - 3:35 pm

Executive Exchange

 

Think Tank

Leadership Considerations in a Multi-Generational World

Executives are currently facing a difficult challenge in terms of personnel management because they are dealing with three very different generational groups of workers " Baby Boomers, Gen Xers, and Millennials. These three groups all have very different outlooks on the world and on work, and all have very different work styles and capabilities. These differences lead to lack of understanding and conflict in a lot of cases, conflict that leaders must learn how to overcome. Smart leaders know that they need to leverage the differences between generations rather than expecting, and trying to force, everyone to be the same, and that building an integrated workforce, with complimentary skills and abilities, is the key to long-term workforce stability.

Takeaways:

  • Boomers (1946 to 1964), Gen Xers (1965 to 1980), and Millennials (1981-2000) have had different life experiences which has given them different outlooks
  • Each group has specific and unique strengths that can and should be brought to bear to improve the enterprise
  • Building an integrated team that recognizes and rewards differences yields greater success than trying to homogenize everyone to the same standard

Presented by:

Eric Whaley, COO & CIO, Wolseley Canada Inc. View details

 
 

Think Tank

Speaking the Language of the Business

For many years the CIO, has struggled with the concept of IT-Business alignment and finding ways to ensure that the IT department and the Lines of Business with which it integrates have a common understanding and ability to communicate. Now, as the CISO and the information security department grow out of the IT shadow, they increasingly find themselves in the same position. Their challenge however is greater in that the concepts of IT security are in many ways more abstract than those of generalist IT, and their activities often run counter to the goals of the rest of the organization. CISOs must learn for the trials and tribulations of the CIO and the IT department, and find common ground with the business, to ensure they can hear what their partners are saying, while communicating their own points in understandable terms.

Takeaways:

  • IT-Business communications have long been strained and only now are improving across most organizations through concerted effort
  • IT has had to find ways to speak the language of the business " it was not the business that learned to speak IT
  • The CISO must adopt and emulate the successful communications practices and strategies of the IT department or risk serious relationship issues

Presented by:

Della Shea, Chief Privacy Officer and Vice President of Data Governance, Symcor View details

 
 
 

3:40 pm - 3:50 pm

Afternoon Networking Coffee Break

 

3:55 pm - 4:20 pm

Executive Exchange

 

Innovation Showcase

An exclusive opportunity to be exposed to the hottest new solutions providers in a quick-hit format designed to whet the appetite and spark immediate interest.
 

4:25 pm - 4:50 pm

Executive Exchange

 

Think Tank

To Android or Not to Android, THAT, is the Question

Android represents the most common and most popular mobile device operating system and any businesses developing for an external audience absolutely must ensure that Android is a supported platform in the capabilities it offers. However, Android is also the most unsecure platform with as much as 95% of all mobile malware inexistence targeting that platform and so businesses that allow mobility within their organization must very carefully consider that threat before they allow Android devices to connect. Rationalizing that dichotomy of a device that will be common and popular amongst the workforce yet at the same time represents a dire threat to enterprise security is an issue that every CIO and CISO must address.

Takeaways:

  • Android isn’t adoption isn’t going anywhere but up and enterprise mobility programs must be prepared for almost omnipresent Android devices
  • Android’s security issues are legendary however, and in an era of heightened scrutiny on and need for enterprise security, how can IT leaders allow such unsecure devices
  • Balancing user satisfaction and organizational protection is a fine line that IT leaders must constantly walk

Presented by:

Roy French, Chief Information Officer, Saint Elizabeth Health Care View details

 
 

Think Tank

Physical and Digital Convergence

The discussion around the convergence of physical security and information security dates back over a decade, but though much was made of the concept in the early 2000's little was actually done and the buzz faded. Flash-forward to today however and the buzz is back because of the increased focus on holistic risk management, the increased pressure of greater compliance requirements, and the increased demand for every aspect of the business to be a value generator. CISOs and CIROs need to evaluate the opportunities for both technology convergence (streamlining platforms) and organizational convergence (streamlining roles) to meet new threat protections mandates.

Takeaways:

  • As enterprise security matures and morphs or integrates into enterprise risk management, converged security becomes a must have
  • Convergence allows for far greater levels of visibility and control of threats and threat actors
  • Convergence enhances not just base security but also top-level risk management, enterprise compliance, and even operational value

Presented by:

Vivek Khindria, Director Information Security (Global CISO), Bell View details

 
 
 

4:55 pm - 5:20 pm

Executive Exchange

 

Think Tank

Moving from Operations to Transformations

The accepted number for the amount of the IT budget that is tied up in operational spend, in paying to maintain technology that has already been purchased, is 80% leaving only 20% for the IT department to use to drive new projects. Because this level of funding is so low, as much as 70% of IT sponsored projects fail. Yet IT departments are being constantly pushed to be innovative, to find a way to embrace new technologies and leverage them to drive business change. How can you do that when your time, money, and effort goes to just keeping the lights on? Join us as we collectively explore this issue and examine some of the successful strategies that are being leveraged by top IT leaders.

Takeaways:

  • The pressure on CIO's to drive change has never been higher, but fortunately neither has the opportunity to do so
  • Disruptive technologies don't just have the power to disrupt IT for the worse, they have the power to disrupt the business for the better
  • Fortune favors the bold; now is the time to take a leap into new modes of business to break the operational spend stranglehold

Presented by:

Gale Blank, VP IT, Holt Renfrew View details

 
 

Think Tank

Disaster Recovery and Preparing for the Inevitable

Like death and taxes, IT outages are an inevitability whether as the result of power loss, telecommunications outage, or any one of a myriad other potential technical and non-technical issues. In this environment, the savvy CIO knows that what matters most is preparation " being ready for that next outage with an IT infrastructure that is both resilient and flexible and Disaster Recovery procedures that allow for efficient and effective recovery, balancing Recovery Time and Recovery Point objectives with appropriate cost. Disasters happen but with proper planning they don't have to be disastrous to your business.

Takeaways:

  • In the event of a severe outage, businesses without a Disaster Recovery plan are at a significant disadvantage when it comes to recoverability and viability
  • DR planning cannot be an at all costs proposition and appropriate planning must take into account reasonable Recovery Time and Recovery Point objectives
  • Catastrophic outages get the press but are the thin end of the wedge " minor service interruptions are far more common and must be planned for as well

Presented by:

Lieutenant-Colonel Paul Chamberland, CIO & CISO - G6, 2nd Division du Canada, National Defence - Government of Canada View details

 
 
 

5:20 pm - 6:30 pm

Cocktail Reception

 

6:30 pm - 8:00 pm

Networking Dinner

 

8:00 pm - 10:00 pm

After Dinner Networking

 

Tuesday, February 28, 2017 - CISO Canada Summit

7:00 am - 8:00 am

Networking Breakfast

 

8:10 am - 8:40 am

Keynote Presentation

IT Integration in a Distributed IT World

It's no secret - the integration of disparate systems, disparate applications, and disparate data stores has long been one of the biggest challenges faced by the IT department. Simply put, getting everything to talk to everything is no easy task. The rapid adoption of cloud delivered services has compounded this problem almost exponentially - if it was hard to integrate when you controlled the whole stack it has become nearly impossible when you control very little of it. To be efficient and effective IT departments need to adopt a new model of system, application, and data integration. Endless webs of one-off point-to-point integrations simply won't cut it anymore and a purposeful, structured approach is required.

Takeaways:

  • Learn how to build a holistic strategy to integrate systems, applications, and data
  • Understand how to leverage SOA and ESB to streamline app to app communications
  • Discover the power and impact of holistic Master Data Management and other data integration processes
 

8:45 am - 9:15 am

Keynote Presentation

Addressing Privacy on a Global Scale

Of all the risk management issues that present themselves to the modern-day CISO, perhaps the most difficult to address is that of privacy. In and of itself, privacy is no different a challenge than protecting any other sensitive information, however the multi-jurisdictional impacts of the issue due to wildly differing laws between the US and European countries (as well as Canada, another country with strong privacy laws) make this an issue that is often times overwhelming to address. CISOs must work diligently to ensure that their privacy efforts conform with the standards of any jurisdiction with which they might work, where their data might be held and this is an almost overwhelming task.

Takeaways:

  • Privacy is one of the most challenging issues for any business and CISO to address
  • The difference in regulations between and among European countries (both those in and out of the EU itself) and North American ones means traversing a fraught landscape
  • A strong approach to privacy that addresses global differences is essential to being a stable and viable global business
 

9:20 am - 9:45 am

Executive Exchange

 

Share:

Thought Leadership

Innovating With the Lights On " How to Tip the Balance

CIOs are consistently challenged by their organizations to leverage emerging technologies like social, mobile, cloud and big data to drive new value. Where is the problem? Many IT leaders admit their spending is too heavily weighted toward keep-the-lights on projects (80%-90% in many cases), leaving little budget for truly transformational initiatives.  

Join this interactive session to learn how award-winning CIOs are successfully tipping the balance between innovation and "lights on" mix by untethering resources from costly ongoing maintenance of their legacy ERP systems including SAP and Oracle, to re-investing in high growth initiatives.

Sponsored by:

Rimini Street View details

 
 
 

9:50 am - 10:15 am

Executive Exchange

 

Executive Boardroom

Cloud Adoption Challenges on a Macro Level

The hype around the cloud is pervasive and can be potentially overwhelming but numerous studies have shown that tangible benefits can be had, whether in cost savings, efficiency improvements, or flexibility enhancements. That said numerous impediments exist to not just realizing that value, but even considering adoption; regulatory issues, integration challenges, business process revamp, and a dozen other challenges can halt cloud projects in their tracks before they get off the ground. In this group discussion we’ll explore those inhibitors, understanding which challenges prevent adoption and what can be done to overcome them.

Takeaways:

  • The cloud presents a significant opportunity to organizations and while most have adopted in some form or other, wholesale adoption still lags
  • To realize benefits enterprises must deal with a variety of challenges each one requiring different solutions
  • Industry by industry adoption is constrained for different reasons but do common solutions exist that can resolve issues across the board?

Executive Boardroom

Security in an Outsourced World

Building security into your enterprise processes, and integrating it with your existing technology investments has never been more critical or complicated than it is in this era of decentralized computing, and ever-tightening compliance requirements. Furthering this complication is the impact that partnering deals can have since infrastructure, applications, and even data may now longer be under your direct control. To be able to ensure efficient and effective security capabilities you need to understand the nature of the threats that exist today, the impact a sourcing relationship can have on these threats, and the mitigation strategies and tools key industry leaders are using to address the challenge.

Takeaways:

  • Social, Mobile, Cloud, and Analytics is already having a significant impact on enterprise security, sourcing potentially adds another layer of complexity
  • Beyond simple security however there are also issues such as privacy and compliance that also need to be considered
  • Investing in the right tools and practices is essential to weather the storm without breaking the bank
 

10:20 am - 10:30 am

Morning Networking Coffee Break

 

10:35 am - 11:00 am

Executive Exchange

 

Executive Boardroom

Big Data and Analytics at the Scale of Mobility

The explosive growth of data volume and data variety that have characterized this new Big Data era are set to head in a steeper upward trajectory as enterprises collectively begin to exploit the massive data flows that are coming out of mobile devices. As the volume of mobile devices eclipses that of human beings on the planet, just imagine the data volume that can be captured when every device and every individual is streaming a constant set of contextual status information. Data growth by itself however is only a small portion of the story, as to have value this data must be analysed in essentially real-time in order to create actionable outcomes.

Takeaways:

  • Big Data today may be big, but every single one of the v's that compose it (Volume, Variety, Velocity, Veracity and Value) is set to increase exponentially as a result of wholesale mobility adoption
  • The ability to analyse, interpret, and find meaning in this vast sea of data will be single biggest differentiator in enterprise success
  • Enterprises will have to walk a fine line when it comes to privacy of the information they collect to ensure the continued ability to do so.

Executive Boardroom

Balancing Reactivity and Proactivity in Enterprise Security

As with all things in life, the focus on how to conduct enterprise security ebbs and flows between varying degrees of reactivity and proactivity. In the old school Security 1.0 world, where the focus was almost completely on network security, efforts were in general proactive in nature with firewalls and anti-malware seeking to prevent threats before they even occurred. This didn't work so well and so Security 2.0 focused on reactivity, wrapping things like encryption around the data so that even if a breach occurred, the loss would be mitigated. Yet breaches, and losses, continue to occur. So if primarily proactive security doesn't work, and if primarily reactive security also doesn't work, how then do we find the right balance between the two to find a security posture that does work?

Takeaways:

  • Proactive security measures, those that prevent a threat from occurring are valuable and necessary but haven't proven effective
  • Reactive security measures, those that mitigate a threat that has occurred are also valuable but complicated a limit enterprise efficiency and efficacy
  • A new approach is needed, but is that one that blends techniques or one that finds new approaches (whether they be reactive, proactive, or both)?
 

11:05 am - 11:30 am

Executive Exchange

 

Think Tank

Disrupting Markets with Disruptive Technologies

While the combination of Social, Mobile, Analytics, and Cloud have been present and disrupting IT departments and enterprises as a whole for over two years now, in many ways organizations have still not fully embraced them, have still not fully leveraged them. These new platforms allow organizations radically new ways to go to market, allowing for broad scale deployment of systems of engagement that create dynamic relationships with clients and prospects. Finding the resources, wherewithal, and ability to fully commit to these technologies and the capabilities they create has proven to be a struggle for many, but a struggle that can be overcome by leveraging the right partners that bring the right skills and experiences to bear.

Takeaways:

  • Social, Mobile, Analytics, and Cloud are all here to stay; each one adds value to enterprises but collectively that value increases exponentially
  • The manner in which these technologies are implemented, operated, and utilized is different than the foregoing systems of record we are used to
  • Unique skills and capabilities are required to leverage the power and value of these platforms, skills and capabilities that can be in short supply

Think Tank

Security and Compliance; Chicken and Egg or Chalk and Cheese?

Since regulatory (and industry) compliance became a notable thing in the early-mid 2000's it has been intimately linked with information security and often times has been the lever (or hammer) by which enterprises made necessary investments in security. But being compliant and being secure aren't the same thing, and in too many cases enterprises that were perfectly compliant have been perfectly breached. A new focus is needed; one that respects that while security and compliance are not the same thing, they are working towards the same goal (a reduction in overall enterprise risk exposure) and sees that compliance flows from security.

Takeaways:

  • While a secure company is likely a compliant company, the same cannot be said of the reverse situation
  • Just because compliance has loosened the purse strings doesn't mean it takes a pre-eminent position on security investments
  • Reducing enterprise risk is the goal of both practices but without appropriate focus on both is a goal that will never be achieved

Presented by:

Rob Labbe, Director, Information Security, Teck Resources Limited View details

 
 
 

11:35 am - 12:15 pm

Executive Visions

Diversity in IT

The importance technology plays within an enterprise will only continue to gain momentum as more developers, engineers, and programmers enter the workforce. As these segments continue to grow, so does the diversity of the workforce within the technology field. For a field that is severely constrained by a talent and skills gap, this influx of bodies can only be a good thing. Beyond the basic ability to deliver of identified capabilities a diverse workforce, whether cultural or gender influenced offers a whole that is more than the sum of the parts. Finding ways to drive and increase diversity in IT then should be a key focus for every IT executive.

Takeaways:

  • Identify the importance behind diversity in technology, opportunities, and capabilities
  • Discuss the importance of cultivating diversity at the grass-roots level and building post-secondary programs that drive awareness of and interest in IT
  • Understand the hurdles that exist that limit the prevalence of diversity in IT, and what steps must be taken to lower, if not eliminate, them

Panelists:

Eric Whaley, COO & CIO, Wolseley Canada Inc. View details

 
 

Priya Sirwani, Global Chief Information Security Officer, Aimia Inc

 
 

12:15 pm - 12:25 pm

Thank You Address and Closing Remarks

 

12:30 pm - 1:20 pm

Grab and Go Luncheon