IN-PERSON

Toronto CISO Executive Summit

May 31, 2023 | Sheraton Centre Toronto Hotel

May 31, 2023
Sheraton Centre Toronto Hotel

Collaborate with your peers

Get together with Toronto's top CISOs to tackle shared business challenges and critical priorities facing your role today. Participate in this one-day, local program with peer-driven topics and interactive discussions with your true C-level peers.

Join your peers to discuss the most critical issues impacting CISOs today:

Setting expectations and navigating challenges in third-party relationships

Collectively conquering the challenges of the steadily-competitive talent hunt

Charting the trajectory of security executives now speeding toward new responsibilities

Toronto CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Governing Body Co-Chairs

Michael Dundas

Manulife
Global Head (AVP) of Cyber Protection, Architecture and Engineering

Sandra Liepkalns

Choice Properties REIT
VP, Information Security & Data Governance

Ranjika Manamperi

Ontario Power Generation
VP Cybersecurity & CISO

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your Toronto CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda


May 30, 2023

6:00pm - 8:30pm  Governing Body Welcome Reception

Governing Body Welcome Reception

Join members of the Toronto CISO Governing Body and their invited guests to launch the Executive Summit with a private networking reception.

Security leaders from Toronto and Eastern Canada's leading organizations, as well as supporting partners and speakers at the CISO Executive Summit the next day, will come together for an informal evening of food, drinks, conversation and fun. 

You'll have the opportunity to take a break from screens and stress, and instead get a little creative with your peers with some literal team-BUILDING — all with Legos! 

Where: Club 43 | Located on the 43rd floor of the Sheraton Centre Toronto

When: May 30 | 6:00-8:30pm

11:00am - 11:45am  Breakout Session

Gaining the Upper Hand — Offensive Threat Elimination

Brenda McCulloch headshot

Brenda McCulloch

CISO

Teranet

Alex Cameron headshot

Alex Cameron

Partner and Co-Chair, Privacy and Cybersecurity Group

Fasken

Chris Lynam headshot

Chris Lynam

Director General of the National Cybercrime Coordination Centre and Canadian Anti-Fraud Centre

Royal Canadian Mounted Police

Vern Crowley headshot

Vern Crowley

D/Sergeant, OPP Cybercrime Investigations Team (CIT)

Ontario Provincial Police

During a breach, it’s easy to feel like your options are limited. But there’s one recourse you likely haven’t tried – offense. With the power of your team and the support of cyber law enforcement, you may be able to permanently shift the threat landscape. 

Join this paradigm-destroying executive session and: 

  • Hear why some executives say we’re going too soft on threat actors
  • Take a break from goal tending to consider your potential as a striker
  • Identify and overcome the political hurdles holding you back

11:00am - 11:45am  Breakout Session

Security Strategies for a Robust Threat Management Program

Brad Stocking headshot

Brad Stocking

Associate Partner & Zero Trust Lead, IBM Security

IBM

Despite a dynamic threat landscape and constantly changing malicious TTPs, CISOs must prepare their organizations to thrive in growing complexity. From widely distributed infrastructures to high volumes of tools with different levels of control and responsibility, it can be difficult to maintain true visibility across environments. How can shifting from reactive to proactive threat management be incorporated into your security strategy to help achieve this?

Join this session to learn about:

  • Identifying blind spots due to information fragmentation
  • Understanding your full attack surface and the challenges of lowering risks
  • Reducing the noise and stress being fed into threat management systems and pressure on teams

11:00am - 11:45am  Executive Boardroom

IaC, Malware, Ransomware, Oh My!

Assaf Afek-Levy headshot

Assaf Afek-Levy

CISO

GFL Environmental

Beeya Makkar headshot

Beeya Makkar

Director, IT Ops & Governance

Purolator Inc.

Mark McGinnis headshot

Mark McGinnis

Manager, Security

Giesecke+Devrient Mobile Security

Josh Hankins headshot

Josh Hankins

Chief Technical Security Officer (CTSO) - Americas

Qualys

Shift Left? Shift Right? CSPM/CWPP/CNAPP, CDR…  the list of cloud security acronyms and slogans can be terrifyingly long. Terms are often used interchangeably depending upon the prism of the vendor you speak with. At the end of the day, it’s crucial as a security leader to have a clear thought-process on what tools your organization uses, so you aren’t fighting with one arm tied behind your back.   

Join this executive boardroom to discuss:

  • What makes up a good set of cloud tools to choose from at your disposal
  • Best practices for a modern organization to defend and monitor cloud infrastructure
  • Potential differences in the approach for single vs. multi-cloud

11:00am - 11:45am  Executive Boardroom

Shift Up Security – Eliminating Silos, Gaining More Control & Increasing Visibility

Surinder Singh Rait headshot

Surinder Singh Rait

Global Head of IT Security Assurance

Ericsson

Julian Marin headshot

Julian Marin

AVP, Technology & Cybersecurity Risk

TD Bank Group

Terence Lam headshot

Terence Lam

AVP Cyber & Technology Risk

Canadian Tire Corporation

Ganesh Pai headshot

Ganesh Pai

Founder and CEO

Uptycs

Attackers don’t think in silos – they exploit weaknesses in any lateral, adjacent area. At the same time, the cybersecurity industry is on collision course with an ever-growing volume, variety, and velocity of data. To solve for this, many organizations rely on siloed security investments across cloud, containers, laptops, and servers. So now, how do we increase collaboration and reduce silos to yield faster, more effective threat detection and response?

Join this executive boardroom to discuss and share strategies for:

  • Getting a fuller picture and answering questions in minutes, not hours
  • Identifying and stopping threat actors before they can access crown jewel data/services
  • Moving toward a more cohesive enterprise-wide security and compliance posture

11:45am - 12:30pm  Lunch Service

12:30pm - 1:05pm  Keynote

Realizing Business Value with Zero Trust Security

Jay Chaudhry headshot

Jay Chaudhry

CEO, Chairman & Founder

Zscaler

Vinay Puri headshot

Vinay Puri

VP, Head of Security Architecture

Thomson Reuters

Olivera Zatezalo headshot

Olivera Zatezalo

GM, Cyber Security & Privacy

Suncor Energy

Uncertain economic times force leaders to do more with less. The tech industry is going through a period of downsizing and cybersecurity budgets are not immune from cuts. Executives must be creative if they want to maintain or expand their operations with fewer resources. Fortunately, cloud technology offers businesses several ways to maximize their investments.

Join this session to learn:

  • How the cloud can reduce security risks while driving greater productivity
  • Ways software-defined solutions can securely transform your business into a supercharged connectivity engine
  • Tricks for performing simplified M&As and reducing network complexity without exposing your organization to new risks

1:05pm - 1:30pm  Break

7:45am - 8:30am  Registration & Breakfast

8:30am - 9:15am  Keynote

Strengths 2.0 — Applying Design Thinking to Your Strengths and Weaknesses

John Coyle headshot

John Coyle

CEO and Founder of "Speaking Design Thinking"

John K. Coyle is the founder and CEO of "Art of Really Living" and one of the world's leading experts in innovation and design thinking. Through the metaphor of sport, learn how individuals and teams can use innovation approaches to identify and leverage their unique strengths (and design around weaknesses). Become empowered to solve old problems in new ways and achieve breakthrough results. Understand how to apply the “Design Thinking” process to business and personal challenges. 

This will empower you to:

  • Achieve breakthrough performance by focusing on what you do best
  • Decide what to delegate, quit or outsource, and plan to maximize team resources
  • Create higher engagement and more effective collaboration with customers and colleagues

9:15am - 9:40am  Networking Break

9:40am - 10:25am  Breakout Session

What Are We Doing? ⁠— The Current and Future Cyber Insurance Climate

David Wasson headshot

David Wasson

SVP, Professional and Cyber Practice Leader

Brown & Brown Insurance

Andy Furnas headshot

Andy Furnas

Senior Director, Global IT Security

Four Seasons Hotels and Resorts

The cyber insurance application process is taking longer and has become more complicated in the last few years. Premiums are rising. Leaders from organizations big and small are questioning the value of Cyber insurance. Don’t struggle alone. Now's your chance to field your questions with a practicing insurance broker, and the executives with whom he partners.

Join this session for:

  • Different perspectives on the changing cyber insurance industry
  • A chance to troubleshoot your cyber insurance concerns
  • Open conversations about the struggles and benefits of investing in cyber insurance

9:40am - 10:25am  Breakout Session

Flipping the Asymmetry with Attackers — An Interactive Wargame

Oren Wortman headshot

Oren Wortman

VP Cyber Security Services, NA

Sygnia

Tom Sollel headshot

Tom Sollel

Director of Cyber Security Services

Sygnia

It’s time to play!

Preparing for a cyber crisis is imperative and can determine whether it becomes a major catastrophe or a manageable incident. What needs to be done in the first hours of a highly disruptive incident? What are the common options, dilemmas and pitfalls? And how can we get it right? Join our interactive incident simulation, based on a true story. Your decisions as executives will be presented and help shape the future of the victim organization.

During this session, we will:

  • Leverage the wisdom in the room to tackle complex challenges and get ahead of the attackers
  • Understand the impact of technical and stakeholder management decisions on the business
  • Discuss key pitfalls commonly overlooked by security teams

9:40am - 10:25am  Executive Boardroom

Reducing Cloud Complexity and Risk Through an Effective Cloud Security Strategy

Michael Dundas headshot

Michael Dundas

Global Head (AVP) of Cyber Protection, Architecture and Engineering

Manulife

Rod Hynes headshot

Rod Hynes

Director, Information Security

Bell Canada

Cristian Rodriguez headshot

Cristian Rodriguez

Field CTO - Americas

CrowdStrike

Security consistency, performance and visibility across on-premises, hybrid, and multi-cloud environments is the desired end state for enterprise CISOs. However, challenges including siloed security tools, increasing numbers of adversary attacks on cloud, limited runtime protection, and the lack of visibility while trying to enforce compliance can stand in the way of getting there.

Join this session to discuss how to:

  • Build attainable goals for a mature and effective cloud security model
  • Implement proven strategies to improve cloud security posture
  • Minimize risks to help achieve desired business outcomes

9:40am - 10:25am  Executive Boardroom

Embedding a Proactive Security Culture Within Your Organization

Craig Newell headshot

Craig Newell

VP, Enterprise Information Security

GDI Integrated Facility Services

Sachin Patel headshot

Sachin Patel

VP, IT

DMC Mining Services

Despite efforts from phishing simulations and security awareness campaigns, the human factor remains a key vulnerability in organizations’ line of defense. CISOs must execute a cross-functional educational strategy to shift employee behavior from reactive to preventive.

Join this conversation to explore:

  • Implementing, managing and measuring a security-first mindset across the business
  • Tailoring your awareness campaigns to prioritize prominent and complex threats  
  • Upskill teams to improve cyber resiliency and demonstrate the value strong IT hygiene brings to an organization

10:25am - 11:00am  Networking Break

10:30am - 10:55am  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

1:30pm - 2:15pm  Breakout Session

Identity is the New Perimeter

Keith Benedict headshot

Keith Benedict

Director IT Security, Audit and Compliance

Postmedia Network Inc

Tracy Dallaire headshot

Tracy Dallaire

Director Information Security

McMaster University

The number of human and machine identities seeking access to data and critical business systems has grown exponentially, in turn increasing the threat landscape and challenging traditional IAM paradigms. How do security leaders keep a pulse on tools and capabilities to assess their organization’s cybersecurity posture?

Join this interactive session to discuss:

  • New risks organizations are encountering when it comes to identity
  • Processes, policies and tools that add value to your IAM program
  • Strategies for engaging other stakeholders/functions about access needs

1:30pm - 2:15pm  Breakout Session

Staying Ahead of Bad Actors and Securely Accelerating your Cloud Transformation

Bob West headshot

Bob West

Chief Security Officer, Prisma Cloud

Palo Alto Networks

Digital business is driving the continued migration of workloads to the cloud at a greater pace than ever. However, the complexity of securing cloud applications and their development and delivery pipelines across multi-cloud environments are causing many organizations to fall behind or inadvertently introduce security weaknesses. Between misconfigurations, over privileged identities, exposed sensitive data, source code vulnerabilities, and supply chain risks there are a myriad of considerations that have made cloud security humanly challenging to address.

In this cloud transformational session, we will discuss

  • How to get a 360° view of cloud security challenges across the code/build/deploy and run lifecycle
  • How to harness the power of data, threat intelligence, and AI to detect and prevent cloud threats
  • Ways to foster teamwork between developers, cloud ops, and security teams

1:30pm - 2:15pm  Executive Boardroom

Making Every Security Investment Count

Patrick Gilbert headshot

Patrick Gilbert

Senior Director, Information Security

Rona

Sam Rego headshot

Sam Rego

CISO & Senior Director IT, Infrastructure & Operations

Mohawk Medbuy

Umar Hossain headshot

Umar Hossain

Head of IT Operations & Cybersecurity

Staples Canada

Bruce Potter headshot

Bruce Potter

Cybersecurity Advisor

Expel

Today’s business leaders find themselves squaring up against a two-headed monster: more attack surfaces and threats to cover than ever before and macroeconomic challenges loom. Cybersecurity isn’t something that orgs can afford to “cut down on,” so increasingly, leaders are asked to achieve even greater outcomes with the same or fewer resources — from budgets to tech to headcount. As security continues to evolve as a business-critical function, how can CISOs evaluate spend without compromising on risk?

Join this session to discuss:

  • Ways organizations are improving ROI on existing security investments
  • How leaders can translate risk into business outcomes for leadership and boards, enabled by security investment
  • How to overcome challenges security leaders face as they work to scale, grow, and innovate without sacrificing security

1:30pm - 2:15pm  Executive Boardroom

Tackling the Challenge of Cyber Risk Governance and Measurement

Gennady Duchovich headshot

Gennady Duchovich

Head of Cybersecurity

Haventree Bank

Nabeel Yousif headshot

Nabeel Yousif

Chief Information Security Officer

Flexiti Financial

Rhett Glauser headshot

Rhett Glauser

Chief Evangelist

Vulcan Cyber

Enterprise complexity combined with an exponential increase in vulnerability risk threatens interconnected IT, cloud and application environments and creates an ongoing cyber risk governance challenge for IT security leaders.

Join this executive boardroom to:

  • Uncover how the aggregation of billions of vulnerability and asset data points can provide visibility into the security posture of all IT
  • Consider new approaches to security risk awareness with attack path modeling
  • Discuss the orchestration, automation and measurement of vulnerability remediation campaigns at scale

2:15pm - 2:50pm  Networking Break

2:20pm - 2:45pm  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

2:50pm - 3:35pm  Breakout Session

An Ethical Approach to the AI Boom

Mark Fernandes headshot

Mark Fernandes

Global CISO

CAE

Vinay Puri headshot

Vinay Puri

VP, Head of Security Architecture

Thomson Reuters

Migan Megardichian headshot

Migan Megardichian

Privacy & Innovation Thought Leader

Telecommunications Industry

There's no denying the power and popularity of ChatGPT. For good or for evil, its uses seem endless. Predicting exactly how this advanced AI will impact the future of cyber security is impossible. But through collaboration with your C-level peers, you might be able to prepare.

Join this interactive session to:

  • Share your thoughts on the future of AI
  • Gauge the impact this tech advancement is having across industries
  • Plan and prepare for the (previously) unexpected

2:50pm - 3:35pm  Breakout Session

Breaking Down Silos with SASE — How CISOs are Driving Digital Transformation

John Spiegel headshot

John Spiegel

Director, Network Transformation (Field CTO)

Axis Security

Evgeniy Kharam headshot

Evgeniy Kharam

Thought Leader

Cyber Security Industry

Despite the challenges posed by organizational and technological silos, the modern CISO is stepping up to the plate. Impactful digital transformation through intentional technology decisions can minimize organizational obstacles. 

Join this fireside chat to discover:

  • Embracing digital transformation to stay competitive and secure in today's business world
  • Leveraging SASE to simplify your security architecture, level-up compliance monitoring and improve visibility
  • Driving meaningful change with a holistic approach that considers not just security, but also organizational culture, processes, and people

2:50pm - 3:35pm  Executive Boardroom

Shifting AppSec to Enable Business Growth

Ragulan Sinnarajah headshot

Ragulan Sinnarajah

VP, IT Shared Services & Head of Cyber Security

Sobeys

Raghavendra Kumar headshot

Raghavendra Kumar

Divisional VP Security Architecture, Engineering & IAM

Hudson's Bay Co

Peter Chestna headshot

Peter Chestna

CISO of North America

Checkmarx

Digital transformation is a top priority for C-suites and boards around the world, creating an opportunity to reframe the role of the modern CISO as securing digital transformation. This positioning offers a chance for greater alignment between security and the rest of the business – and application security has a major role to play in aligning these interests.

Join this executive boardroom to discuss the role of application security in relation to key security priorities, including:

  • Cloud Native Development: Processing change management across multiple business functions
  • Risk Mitigation: Securing the business amidst unprecedented application complexity and density
  • Business Growth: securing digital transformation and differentiating your sales with AppSec

2:50pm - 3:35pm  Executive Boardroom

Protecting Your Data is a Top Priority

John Roberts headshot

John Roberts

Chief Privacy Officer and Archivist of Ontario

Government of Ontario

Priya Sirwani headshot

Priya Sirwani

Global CISO & Head of Global IT Infrastructure

Fiera Capital

Data is perhaps the most important enterprise asset there is. As companies ramp up their modern hybrid workforce, keeping sensitive data from leaking into the wrong hands has become a top priority for their IT and Risk teams. The modern workplace requires an entirely new approach to security by focusing on data.

Join this session to discuss:

  • How to manage data protection in the era of increased data analytics
  • Best practices for preventing malicious insiders and well-intentioned accidents
  • The continuum between "give me access to everything" and "least privileged" access models

3:35pm - 4:00pm  Break

4:00pm - 4:35pm  Keynote

Surviving the Shift — Staying Secure During Mergers and Divestitures

Patrick Gilbert headshot

Patrick Gilbert

Senior Director, Information Security

Rona

Stephen Kerkmann headshot

Stephen Kerkmann

CISO

Revera

As a CISO once said, "A dog with two owners starves to death." In other words, when mergers and divestitures happen, responsibilities are split and then often neglected - leaving the enterprise vulnerable. The good news is, there are ways to stay ahead.

In this keynote session, you'll hear:

  • Ways of securing your operation in moments of division or change
  • Real, applicable lessons on living through business separation
  • Which key partnerships make the survival process that much easier

4:35pm - 5:00pm  Closing Reception & Prize Drawing

May 30, 2023

We look forward to seeing you at an upcoming in-person gathering


Evanta cares about the health and safety of our community. Please review the following recommendations prior to attending the gathering.

Location


Venue & Accommodation

Sheraton Centre Toronto Hotel
MORE INFORMATION

Your Community Partners


Global Thought Leaders
Key Partners
Program Partners

Community Program Manager


For inquiries related to this community, please reach out to your dedicated contact.

Nick Hall

Senior Community Program Manager

425-318-0488

nick.hall@evanta.com