Toronto CISO Executive Summit

June 14, 2022 | Marriott Downtown at CF Toronto Eaton Centre

June 14, 2022
Marriott Downtown at CF Toronto Eaton Centre

REGISTER NOW

Collaborate with your peers

Get together with Toronto's top CISOs to tackle shared business challenges and critical priorities facing your role today. Participate in this one-day, local program with peer-driven topics and interactive discussions with your true C-level peers.

Join your peers to discuss the most critical issues impacting CISOs today:

Supporting business agility with risk-based programs

Evaluating, communicating and responding to evolving threats

Building a culture of security to enable smart, secure decision-making

Toronto CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Co-Chairs

Zaki Abbas

Brookfield Asset Management
SVP, CISO

Michael Dundas

Manulife
AVP, Cyber Protection

Sandra Liepkalns

Choice Properties REIT
VP, Information Security & Data Governance

Ranjika Manamperi

Ontario Power Generation
Vice President Cybersecurity & CISO

Mike Melo

LifeLabs
VP Technology Shared Services & CISO

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your Toronto CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda


June 13, 2022

6:00pm - 8:30pm  Governing Body Welcome Reception

Governing Body Private Dinner

On behalf of the Toronto CISO Governing Body, we invite you to "turn back time" with us with an evening of peer networking followed by 1980s-themed trivia games! 

Test your knowledge of all things '80s pop culture by participating in a series of trivia-like games covering subjects such as general knowledge, TV and movie clips, pop music hits, iconic automobiles and more! (Walkmans, acid wash jeans, teased hair and leg warmers optional.)

June 14, 2022 - morning

7:30am - 8:15am  Registration & Breakfast

8:15am - 9:00am  Keynote

Creating and Jumpstarting an Inclusive Culture

Keith Wyche headshot

Keith Wyche

Vice President, Community Engagement and Support

Walmart

In the wake of major social and political change over the past decade, employers large and small alike have taken steps to increase diversity, equity, and inclusion. Yet despite growing pressure and awareness, progress is slow and most corporate DE&I initiatives are not yet achieving the desired results. With so many steps forward, how come representation still is not where it needs to be at senior levels for almost every diverse group?

Join this session to learn more as Keith Wyche:

  • Provides real, actionable steps for those who are serious about DE&I, and looking for solutions to improve the experience of Black and other underrepresented groups, colleagues and leaders within the organization
  • Shares a collection of best practices backed by research and strategies
  • Provides a roadmap for leaders to create breakthrough change that explores meaningful topics

9:00am - 9:30am  Networking Break

9:30am - 10:15am  Breakout Session

Leading Through Cyber Crisis — Combating Today’s Emerging Attacks

Rob McLeod headshot

Rob McLeod

Vice President, Threat Response Unit

eSentire

Ryan Westman headshot

Ryan Westman

Senior Manager, Threat Intelligence

eSentire

Cybersecurity business leaders must demonstrate vision, agility, and flexibility to build truly responsive security operations capable of combating today’s emerging attacks.

Join eSentire Threat Response Unit (TRU) experts Rob McLeod & Ryan Westman, as they share 3 unique cases of leading through crisis, demonstrating how you too can govern with proactivity and confidence in order to reclaim the advantage over new cyber attack methods.

Case studies and discussions will cover:

  • How to address targeted and opportunistic threats stemming from global geopolitical tensions
  • Evolving your defenses to protect the spectrum of ransomware as a service
  • Containing the impact of aggressive extortion attacks

9:30am - 10:15am  Breakout Session

Communicating Risk Through Your Organization

Steve Ferrigni headshot

Steve Ferrigni

Chief Information Security Officer and Director of Security

CSA Group

Heloisa Ribeiro headshot

Heloisa Ribeiro

Head of the Cybersecurity Program, Enterprise Information Security

EDC

CISOs aren't just cybersecurity experts with a wealth of experience as practitioners – they're also business leaders. That means being fluent in the technical language of security and risk management isn't enough: CISOs need to know how to effectively communicate and champion security initiatives across all levels of the organization, from technology SMEs to senior leadership and the board.

In this collaborative session, Steve Ferrigni and Heloisa Ribeiro will present a series of real-world risk scenarios and facilitate an interactive discussion on how to systematically evaluate and manage risk and encouraging a culture that embraces risk management across all functions.

9:30am - 10:15am  Executive Boardroom

Zero Trust – Hype or Hope?

Phil Fodchuk headshot

Phil Fodchuk

National Threat Management Leader

IBM

Davis Arora headshot

Davis Arora

Senior Director of Cyber Security

Honeywell

Manas Giri headshot

Manas Giri

CISO

WestJet

An organization's ability to achieve successful digital transformation is in large part enabled by the security team. Distributed, loosely connected infrastructure and tools, coupled with the demand for almost any-to-any connectivity, complicates the mission. Regularly defined as being delivered by a single "silver bullet" point solution, the term zero trust is now often held in poor regard. It is however, a highly effective conceptual framework, and perhaps even a cultural shift, that many organizations have been working with for several years.

Join this interactive boardroom hosted by IBM to discuss:

  • The broader definition of what a zero trust framework is
  • The foundational control required to build a zero trust program
  • Strategies for improving the user experience and proving value to get organization-wide acceptance

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: Nick Hall at nick.hall@evanta.com

9:30am - 10:15am  Executive Boardroom

Beyond Initial Intrusion – Defending Against Advanced Threats on the Network

Jappreet Bath headshot

Jappreet Bath

Senior Sales Engineer

ExtraHop

Sandra Liepkalns headshot

Sandra Liepkalns

VP, Information Security & Data Governance

Choice Properties REIT

Aamir Bhaijiwala headshot

Aamir Bhaijiwala

Director Information Security

Chartwell Retirement Residences

Based on Gartner research, 75 percent of cybersecurity budgets go to preventing initial intrusion and only 25 percent on detection and mitigation. However, the real damage to the enterprise happens once the attacker is already inside the network, working their way toward carrying out a costly breach or extortion.  

Join this boardroom to discuss:

  • Key areas to reduce cyber risk and build resilience
  • The advanced attack techniques that bad actors are forced to rely on and how to spot them
  • Strategies to increase the speed of detection and mitigation

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: Nick Hall at nick.hall@evanta.com

10:15am - 10:45am  Networking Break

10:20am - 10:45am  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

10:45am - 11:30am  Breakout Session

Third-Party Cyber Risk — Zero-Day Findings and Mitigation

Joel Molinoff headshot

Joel Molinoff

Vice Chairman

BlueVoyant

Managing distributed risk is today’s defining cybersecurity challenge. Mitigation of zero-day vulnerabilities is critical as adversaries exploit supply chain entities. This session explores how to identify all third parties impacted by zero-day vulnerabilities and guide their mitigation efforts. Your vendor, supplier, and partner ecosystem is now your enterprise attack surface.

Join this session hosted by BlueVoyant to learn:

  • How to manage distributed risk associated with hundreds and even thousands of vendors, suppliers, and partners
  • Approaches to identify, prioritize, and mitigate active threats and critical/zero-day vulnerabilities
  • Strategies to reduce supply chain/external ecosystem risk associated with zero-day

10:45am - 11:30am  Breakout Session

Actionable Intelligence — Keeping Pace with Relentless Threats

Priya Sirwani headshot

Priya Sirwani

Global CISO

Fiera Capital

Tom Verhoog headshot

Tom Verhoog

Global Information Security Manager

Celestica

Efficiently employing actionable threat intelligence is key to staying ahead of the next wave of threats. A fast-moving threat intelligence program that highlights the latest risks can spell the difference between preventing a breach or becoming the next headline. How can CISOs sift through the deluge of information?

Join this session to hear security leaders discuss:

  • Pinpointing and using actionable threat intelligence
  • Better leveraging their peer communities to share threat intel
  • Keeping up with the evolving nature of today’s threat landscape

10:45am - 11:30am  Breakout Session

Data Doesn’t Lose Itself

John Checco headshot

John Checco

Resident CISO

Proofpoint

Your people are your most valuable asset, your greatest vulnerability, and your best defense. CISOs seeking to prevent data loss from malicious, negligent or compromised users can correlate content, behavior and threats for better insight and streamlined investigations.

Join this session to discuss:

  • Augmenting your data protection program with the right people and processes
  • Transforming your employees into effective data defenders
  • Managing insider threats and preventing data loss at the endpoint

10:45am - 11:30am  Executive Boardroom

Defend the Endpoint — Accelerate Recovery

Jeff Worthington headshot

Jeff Worthington

Executive Strategist

CrowdStrike

Dan Di Salvo headshot

Dan Di Salvo

VP, Infrastructure & Security Services

Maple Leaf Foods

Jeff Stark headshot

Jeff Stark

CISO

Fasken

Adversaries are increasingly fast and stealthy, don’t respect time zones or holidays, and often execute damaging intrusions in hours.  Every second matters when under attack and the first steps taken in the wake of a threat can determine success or downtime and disruption. How are you ensuring you have the tools and processes to protect your endpoints and the organization from today’s threats?

Join this interactive discussion for strategies to:

  • Deploy the right endpoint security tools to stop an adversary with speed
  • Identify resources to appropriately implement, operate and maintain an effective security program
  • Secure critical applications even in a state of compromise

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: Nick Hall at nick.hall@evanta.com

10:45am - 11:30am  Executive Boardroom

Elevating AppSec to a Board-Level Discussion

Sohail Iqbal headshot

Sohail Iqbal

CISO

Veracode

Sohaib Syeed Ahmed headshot

Sohaib Syeed Ahmed

Information Security Officer

First National Financial

Kush Gidda headshot

Kush Gidda

Director, Application Security

Zynga

As we’ve all learned (sometimes painfully — or worse, publicly), the open source libraries and resources developers use to build applications faster also come with vulnerabilities that can all-too-easily make it into products. Board members have learned these lessons, too, and now want more frequent updates and insight into security initiatives.

Join this boardroom hosted by Veracode to discuss bringing the AppSec conversation into the boardroom. You'll leave with actionable tips and advice on:

  • Understanding board members’ concerns and priorities
  • Presenting information and metrics in a way that board members understand
  • Getting board buy-in on your plans and budget to stay ahead of the threat landscape and innovation curve

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: Nick Hall at nick.hall@evanta.com

11:30am - 11:40am  Break

June 14, 2022 - mid-afternoon

11:30am - 12:30pm  Lunch Service

12:30pm - 1:05pm  Keynote

Data-Driven Security Can Outpace Threats

Matt Costello headshot

Matt Costello

Vice President

Booz Allen Hamilton

Amy Boawn headshot

Amy Boawn

Principal/Director

Booz Allen Hamilton

Forward-looking organizations understand that data drives everything. Effectively structured and contextualized data creates enterprise-wide visibility that enables organizations to take a proactive approach to security. Failure to embrace a data-driven approach to security risks forgoing significant future revenue growth and leaving your organization exposed.

In this session Booz Allen Hamilton will share how organizations can establish a data-driven culture by:

  • Building an open architecture with cost-efficient data hubs
  • Overcoming information overload using data analytics, AI and machine learning
  • Leveraging talent and technology across security teams to find solutions

1:05pm - 1:20pm  Break

1:20pm - 2:05pm  Breakout Session

From the Front Lines – The Ransomware Defense Strategies that Worked

Oren Wortman headshot

Oren Wortman

VP Cyber Security Services, NA

Sygnia

Yotam Meitar headshot

Yotam Meitar

Incident Response Manager

Sygnia

Over the past year, we partnered with more than 100 organizations to defeat ransomware attacks. Join our session to find out what strategies worked for these CISOs, and how you can build on their experience to secure your network. Ransomware attacks have evolved, but if you identify the threat early-on, technologies already in place can eliminate it with no need for additional spend.

Join this session hosted by Sygnia and discover:

  • Real-world case study: The anatomy of a heavyweight ransomware attack
  • Key pitfalls commonly overlooked by security teams
  • Quick wins for preventing ransomware attacks without investing in additional technologies

1:20pm - 2:05pm  Breakout Session

Closing the Security Talent Gap

Mike Melo headshot

Mike Melo

VP Technology Shared Services & CISO

LifeLabs

Alpha Chan headshot

Alpha Chan

Staff Sergeant - Cyber Security Lead

Toronto Police Service

Somewhere out there, the next generation of security leaders is maturing. But how can CISOs recruit, train and retain tomorrow’s security executives when today’s talent shortage makes it difficult to fill even the most basic roles? With employee expectations at an all-time high, CISOs are finding that now is the time to get creative.

In this interactive session, Mike Melo and Alpha Chan will share their own experiences sourcing security talent for their organizations and lead an open discussion to hear the challenges and success others are seeing in this increasingly tight labor market. 

1:20pm - 2:05pm  Executive Boardroom

Security Is a Team Sport

Shamla Naidoo headshot

Shamla Naidoo

Head of Cloud Strategy & Innovation

Netskope

Brenda McCulloch headshot

Brenda McCulloch

CISO

Teranet

Simon Brown headshot

Simon Brown

Senior Director, Cybersecurity & Risk Management

Canopy Growth Corporation

Building trust and resilience across infrastructure and security teams is key to defending the enterprise. As companies execute zero trust strategies, the partnership between CIOs, CISOs, and their teams is more important than ever.

Join this session hosted by Netskope to learn about:

  • The critical components of a modern zero trust strategy
  • Proven practices for infrastructure and security collaboration
  • Improving internal stakeholder relationships to make the right investments and fuel business outcomes

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: Nick Hall at nick.hall@evanta.com

1:20pm - 2:05pm  Executive Boardroom

You Can Have Both ⁠— Balancing Security and User Experience

Ian Hassard headshot

Ian Hassard

Director, Product Management

Auth0

Jihad Hazime headshot

Jihad Hazime

Director of DevSecOps & S-SDLC

MarshMcLennan

Waruna Jay headshot

Waruna Jay

Vice President, Information Technology

Auxly

Today’s threat actors aren’t hacking in — they’re logging in, as attacks on identity systems become more prominent. Traditional access control systems treat legitimate users and attackers the same way ⁠— resulting in unnecessary friction for users, or ease of use for attackers. Historically, companies have been forced to prioritize and compromise between these priorities. Not anymore.

Join us and discuss:

  • Common attack vectors targeting identity systems
  • Debunking misconceptions around balancing your security, convenience and privacy
  • The benefits of upgraded authentication tech (fingerprint, voice authenticators)

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: Nick Hall at nick.hall@evanta.com

June 14, 2022 - afternoon

2:05pm - 2:35pm  Networking Break

2:10pm - 2:35pm  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

2:35pm - 3:20pm  Breakout Session

Succeeding Amid Rapidly Changing OT Threats

Kyle Miller headshot

Kyle Miller

Principal

Booz Allen Hamilton

Digital manufacturing and the connected factory are redefining the future. Operational Technology (OT) and Information Technology (IT) are coming together at a speed that challenges the ability of many security teams to keep pace.

Join this session to hear expert insight on:

  • Lessons learned from executing hundreds of OT cybersecurity assessments
  • Orchestrating and implementing an OT cybersecurity transformation
  • Determining how to measure success with metrics that matter


2:35pm - 3:20pm  Breakout Session

Stress in Security — An Insidious Insider Threat

Deepak Upadhyaya headshot

Deepak Upadhyaya

CISO, Partner - Digital Tech and Risk

Baker Tilly International

Patrick Gilbert headshot

Patrick Gilbert

Sr. Director, Information Security

Lowes Canada

Ranjika Manamperi headshot

Ranjika Manamperi

Vice President Cybersecurity & CISO

Ontario Power Generation

Within the security function, stress is a given. Between managing vulnerabilities, implementing new solutions, and navigating governance and company-wide risk assessments, it’s not a surprise that security professionals - and especially CISOs - are experiencing such high levels of burnout. What can security leaders do to better support the wellbeing of their teams and ensure their best line of defense against attacks stays strong?

Join this session to hear from a panel of security leaders on:

  • How to model the work/life balance you want to see on your team
  • Ways to implement your employee wellbeing strategy
  • Why trust and openness with your team is key to their mental health

2:35pm - 3:20pm  Executive Boardroom

Modernizing Advanced Threats Through Automation

Patrick Vandenberg headshot

Patrick Vandenberg

Head of Product Marketing

Hunters

Fred Hopper headshot

Fred Hopper

Vice President, Security, Quality & Process Improvement

Giesecke+Devrient Mobile Security

Craig Newell headshot

Craig Newell

VP, Enterprise Information Security

GDI Integrated Facility Services

Between skills shortages and the escalating sophistication of threats, security teams are looking beyond SIEM to overcome data volume, complexity and false positives. CISOs need new approaches to data ingestion and retention, and automation of threat detection/response for increased SOC efficiencies.

Join this peer roundtable discussion, hosted by Hunters, to discuss:

  • How SOCs are leveraging automation to improve their threat detection, and incident response practices
  • How to cover the entire attack surface at a predictable, manageable cost for better security outcomes
  • Ways to incorporate MITRE-ATT&CK and MITRE-D3FEND framework into threat detection and response

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: Nick Hall at nick.hall@evanta.com

2:35pm - 3:20pm  Executive Boardroom

From Workloads to Identities — Unifying Cloud Management

Eric Kedrosky headshot

Eric Kedrosky

CISO

Sonrai Security

Michael Dundas headshot

Michael Dundas

AVP, Cyber Protection

Manulife

When security and functionality fight, functionality always wins. The pace of innovation and growth in the cloud, combined with increasingly complex business and user needs, demands that security leaders adopt better tools and a new mindset — one that empowers their teams to manage risk at scale.

Join this session hosted by Sonrai Security to discuss:

  • Why gaining visibility is a growing challenge in multi-cloud
  • How to help teams more effectively prioritize risks
  • How to align security solutions to achieve a more unified cloud strategy

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact: Nick Hall at nick.hall@evanta.com

3:20pm - 3:35pm  Networking Break

3:35pm - 4:10pm  Keynote

Cybersecurity in Provincial Healthcare — A Collaborative Approach

Kashif Parvaiz headshot

Kashif Parvaiz

CISO, RSOC Program Director

University Health Network

In response to the rise in cyberattacks on the healthcare sector, the Ontario Ministry of Health launched a province-wide pilot initiative - the Regional Security Operations Centre (RSOC) - to improve the cyber capabilities and maturity level of multiple healthcare organizations across Ontario. 

In this session Kashif Parvaiz, CISO of University Health Network and Toronto-area RSOC Program Director, will share how participating healthcare systems have come together to standardize core security capabilities across their organizations and create a cost-effective shared services approach to defending against and responding to cyber threats.

4:10pm - 4:40pm  Closing Reception & Prize Drawing

REGISTER

We look forward to seeing you at an upcoming in-person gathering


Evanta programs are uniquely positioned to succeed in the current landscape.

  • Our invitation-only gatherings are designed to be smaller in scale, providing a safe and comfortable environment.
  • All in-person programs are local and complimentary, with zero impact on your organization’s T&E.

To ensure the well-being of participants, partners, and associates, we will continue to monitor and adhere to government, venue, and health agency guidelines.

As a part of our commitment to create the safest possible environment, we are requiring all participants, partners, and associates to confirm adherence to our program participation requirements prior to arrival. Additional information and FAQs can be found here: Health and Safety Policy.

Location


MORE INFORMATION

A block of rooms has been reserved at the Marriott Downtown at CF Toronto Eaton Centre at a reduced conference rate. Reservations should be made online or by calling 1-416-597-9200.

Deadline to book using the discounted room rate of $319 USD (plus tax) is May 26, 2022.

Your Community Partners


Global Thought Leader
CISO Thought Leader
Program Partners

Toronto CISO Program Manager


For inquiries related to this event, please reach out to your dedicated program contact.

Nick Hall

Senior Program Manager

425-318-0488

nick.hall@evanta.com