IN-PERSON

Toronto CISO Executive Summit

December 11, 2024 | Chelsea Hotel

December 11, 2024
Chelsea Hotel

Collaborate with your peers

Get together with Toronto's top CISOs to tackle shared business challenges and critical priorities facing your role today. Participate in this one-day, local program with peer-driven topics and interactive discussions with your true C-level peers.

Join your peers to discuss the most critical issues impacting CISOs today:

Increasing sophistication of cyber threats and the critical need to protect sensitive data

Reducing the risk of security breaches and enhancing overall organizational security

Providing clear, actionable insights to stakeholders to ensure informed, secure decision-making

Toronto CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your Toronto CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda


December 11, 2024

7:45am - 8:30am  Registration & Breakfast

8:30am - 9:15am  Keynote

Supply Chain Risk — The Weakest Link

Rod Hynes headshot

Rod Hynes

Director, Information Security

Bell Canada

Recent events have CEOs and boards focused on the potential threats and vulnerabilities in their enterprise supply chain. With organizational reputation at stake, CISOs must be able to build and control a supply chain focused on resiliency and recoverability.

Join this session with Bell Canada's Rod Hynes, who will discuss:

  • Challenges and complexities with supply chain risk
  • Regulatory and government concerns with critical infrastructures
  • Collaboration and coordination to de-risk technologies

9:15am - 9:40am  Networking Break

9:40am - 10:25am  Breakout Session

AI Data Readiness — Strategic Considerations for Security

David Porter headshot

David Porter

Head of Customer Value & Transformation Advisory

Google Cloud

Achieving AI data readiness is essential for enhancing cybersecurity measures within organizations. By prioritizing high-quality, well-structured data, security executives can significantly improve the accuracy and efficiency of AI-driven security systems. Implementing robust data management practices, including collection, preprocessing, and validation, supports scalable and reliable cybersecurity applications, ultimately fortifying defenses and maintaining a strong security posture in the tech industry.

Join this session to discuss:

  • Prioritizing high-quality, well-structured data to enhance the accuracy and efficiency of AI-driven security systems
  • Implementing robust data management practices to support reliable cybersecurity applications
  • Focusing on scalable AI solutions to drive innovation and fortify organizational defenses

9:40am - 10:25am  Executive Boardroom

Risk to the Nth-Party Degree

Peter Ling headshot

Peter Ling

VP, Global Cybersecurity Partnerships

RiskRecon - A MasterCard Company

Nicole Galang headshot

Nicole Galang

Director Information Security (CISO)

BGIS

Iain Paterson headshot

Iain Paterson

CISO

WELL Health

Third party relationships are closest and may prove to be the most tangible risks to your business, yet the whole supply chain of your business partners still pose a substantial threat. Most organizations’ vendor relationships extend to the 8th party. CISOs need to understand this web of connectedness in order to better manage and communicate enterprise risk.

Join this session to discuss:

  • Gaining visibility into risk across the whole supply chain
  • Strategies for effective risk management and monitoring business partners
  • Overcoming resource challenges to prioritize third-party and extended supply chain risk

9:40am - 10:25am  Executive Boardroom

Utilizing Hybrid Cloud to Maximize on Data

Nadeem Hussain headshot

Nadeem Hussain

Director, Information Security (CISO)

Doane Grant Thornton

Juan Valbuena headshot

Juan Valbuena

Director Cybersecurity

Allied Gold

Alan McDermott headshot

Alan McDermott

AVP, Information Security

Securian Financial

The challenge security leaders face? Storing, analyzing, and managing data through its lifecycle. To address this challenge, leaders are seeking a consistent strategy that works from edge to core to cloud and keeps data secure and accessible. Many are turning to a hybrid cloud solution that helps organizations unleash the power of their data.

Join this session to discuss:

  • Harnessing the value of your data, no matter where it lives
  • How security leaders are using hybrid cloud to product actionable insights
  • Simplified management via a unified interface along with consistent processes for both on-prem and cloud

9:40am - 10:25am  Executive Boardroom

The Silent Spread of AI — And Why You’re Losing Control Over It

Lior Yaari headshot

Lior Yaari

CEO and Co-Founder

Grip Security

Nilesh Shastri headshot

Nilesh Shastri

CISO

Canadian Institute for Health Information

Mick Leach headshot

Mick Leach

Field CISO

Abnormal Security

AI risk is quietly creeping into every corner of your enterprise, and you don’t even realize it. As more employees adopt AI-powered tools, applications, and processes, it is becoming deeply embedded in your tech stack — but it’s not just your employees using AI. Attackers are also leveraging AI to enhance their own tactics and sharpen their attacks. The real question for CISOs is: Do you have visibility into the countless ways AI is spreading, and what’s the best way to use AI to protect against AI?

Join this session to discuss:

  • The hidden ways AI is entering your enterprise—from third-party tools to shadow AI projects—and why it’s slipping under the radar
  • How attackers are using AI to improve their attacks and making them harder to detect by both legacy security tools and humans themselves
  • Actionable steps for CISOs to gain visibility and control over AI use across the organization

10:25am - 11:05am  Networking Break

10:30am - 10:55am  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

11:05am - 11:50am  Breakout Session

Using The Cloud to Drive Business Objectives

Agnelo Dias headshot

Agnelo Dias

VP, Information Security & IT Risk

IGM Financial

Divesting from a shared data center to the cloud is no small task. It's a journey to ensure the foundations are in place to support the migration and that frameworks are established to minimize breaches, ultimately improving enterprise functionality.

Four years into the process, this case study with IGM Financial will discuss:

  • Maturing processes to adopt a proactive defense posture
  • Establishing a culture of technology adoption
  • Improving business operations and driving revenue opportunities

11:05am - 11:50am  Executive Boardroom

From Regulations to Resilience ― CISO Strategies for Cybersecurity Readiness

Denis Villeneuve headshot

Denis Villeneuve

Cybersecurity & Resilience Practice Leader

Kyndryl Canada

Shakeel Sagarwala headshot

Shakeel Sagarwala

AVP, CISO

Canadian Tire Bank

Brent Thomas headshot

Brent Thomas

AVP, Security Architecture and Consulting

Co-operators Insurance and Financial Services

As cybersecurity regulations rapidly evolve, organizations must be ready to maintain their competitive edge and ensure compliance. For CISOs, this means implementing a cybersecurity framework that encompass risk management (third-party/cyber/operational resilience), policy development, and continuous compliance monitoring.

Join us to discuss how to:

  • Effectively identify, evaluate, and mitigate compliance risks
  • Implement robust cyber resilience practices that reinforce regulatory standards
  • Incorporate ongoing vigilance and adaptive strategies to align with emerging regulations

11:05am - 11:50am  Executive Boardroom

Strengthening Business Continuity Through Rapid IT Recovery

David Jones headshot

David Jones

Vice President, North America Solutions Engineering

Dynatrace

Mark Pryce headshot

Mark Pryce

Manager Cybersecurity

Toromont

Linda Barratt headshot

Linda Barratt

Director, Enterprise Architecture

Toronto Community Housing

Recovering quickly from system disruptions is crucial for business resilience and the bottom line. Recent incidents have further highlighted the need for robust recovery strategies. CISOs can leverage best practices, advanced technologies and communication across the organization to maintain stability during crises.

Join this session to discuss:

  • Implementing capabilities for immediate situational awareness
  • Building resilient IT infrastructure to withstand future challenges
  • Safeguarding operations through application reliability and early issue detection

11:05am - 11:50am  Executive Boardroom

A CISO’s Guide to Unified Identity Security

Ian Hassard headshot

Ian Hassard

VP, Product Management

Okta

Assaf Afek-Levy headshot

Assaf Afek-Levy

CISO

GFL Environmental

Keith Benedict headshot

Keith Benedict

Director IT Security, Audit and Compliance

Postmedia Network Inc

SSO and MFA are no longer enough to solve identity security challenges. Today, security leaders need to look beyond authentication to uncover gaps in their security posture and be able to detect identity threats before they become a breach.

Join this session to learn how to:

  • Develop a unified identity security posture
  • Prevent identity-based attacks
  • Identify potential threats faster and automate responses


11:50am - 12:35pm  Lunch Service

12:35pm - 1:10pm  Keynote

Transforming Application and Service Delivery for the Modern Security Environment

Eric Appel headshot

Eric Appel

Global GTM Strategy Officer

Island

Delivering business critical applications safely is a delicate balancing act. The user experience is frequently compromised as application, infrastructure, and security teams negotiate the adoption of new services. Unfortunate trade-offs are sometimes necessary to address operational needs for the sake of maintaining security, but these trade-offs can make certain use cases unfeasible or diminish their value to the organization.

In this session, we will discuss:

  • Revolutionizing workspaces by balancing productivity, security, availability and user experience
  • How quickly new technologies like the enterprise browser can be adopted to provide a competitive advantage
  • Strategies for reducing the effort required to deliver applications and enhance organizational operations


1:10pm - 1:35pm  Break

1:35pm - 2:20pm  Breakout Session

Interactive Workshop — Establishing Business and Operational Resiliency

Tom Bornais headshot

Tom Bornais

CISO

NAV CANADA

Faiza Kacem headshot

Faiza Kacem

Group Head Operational Resilience Transformation

BNP Paribas

Paul Min headshot

Paul Min

VP, Technology Operations and Security

Cadillac Fairview

It's never a matter of if, but when organizations will encounter attacks or tech outages that have widespread impact throughout the enterprise. Recent events have proven that organizations are only resilient through practice and training. How can CISOs ensure their systems and people are ready for the next instance?

In this interactive session, you will learn:

  • Creating proper and prior procedures to limit blast radius
  • Understanding critical services and programs to safeguard
  • Establishing protocol across the department and C-Suite

1:35pm - 2:20pm  Executive Boardroom

Transforming Threat Intelligence with Next-Level Defense

Emanuel Salmona headshot

Emanuel Salmona

Co-Founder & CEO

Nagomi Security

Fred Hopper headshot

Fred Hopper

VP, Security

Giesecke+Devrient Canada

Karim Jessani headshot

Karim Jessani

Principal: Data & AI Practice / CISO

Kainos

80% of breaches occur with a tool in pace that could have prevented it. So, what’s happening? Are CISOs able to unify their security stack to provide visibility into existing defense capabilities against threats?

In this session, you will learn how to:

  • Gain better visibility into your security stack
  • Where to prioritize action and remediation
  • Maximize the ROI of security investments and report progress to executives

1:35pm - 2:20pm  Executive Boardroom

Not All Metrics Are Created Equal

Octavia Howell headshot

Octavia Howell

VP, CISO

Equifax

Craig Newell headshot

Craig Newell

VP, Enterprise Information Security

GDI Integrated Facility Services

James Weare headshot

James Weare

Director, Information Security & Compliance

Great Canadian Entertainment

An effective security metrics program enhances decision-making and stakeholder communication, offering early issue detection and aiding resource allocation decisions. However, it is imperative for CISOs to take a closer look at metric selection taking into account emerging threats in the quickly evolving landscape.

Join this session to discuss:

  • Forward-thinking strategies in interrogating your current metrics program
  • The role of emerging technology when considering essential metrics
  • Tool recommendations for gathering and generating meaningful metrics for your security program

1:35pm - 2:20pm  Executive Boardroom

Protecting Innovation: Rethinking Data Security Strategies

Nishant Doshi headshot

Nishant Doshi

Chief Product and Development Officer

Cyberhaven

Tushar Patel headshot

Tushar Patel

Director, Cybersecurity Governance and IT Risk Management

BFL Canada

David White headshot

David White

Director, Cybersecurity

OMERS

AI makes creating and consuming data easier than ever, with shadow AI and dark data presenting new challenges to security teams. As the tactics for protecting data evolve, security leaders must adopt a risk-based strategy to protect mission-critical data and safeguard innovation.

Join this session to discover:

  • Effective practices for ongoing monitoring to identify risks
  • Rapid investigation and response techniques for insider threats
  • Strategies for evolving your data protection approach

2:20pm - 3:00pm  Networking Break

2:25pm - 2:50pm  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

3:00pm - 3:45pm  Breakout Session

Balancing Innovation and Security

Joanne Coles headshot

Joanne Coles

Managing Director, Enterprise Technology

Onex

Kevin Northrup headshot

Kevin Northrup

Vice President, Head of Analytics and AI

Onex

Security and innovation can often times be seen as opposing forces. But when partnerships are established and security is part of the innovation process, organizations can ensure they are both cutting-edge and resilient to emerging threats.

Join this session to learn about:

  • Enabling trust to mitigate risks without stifling creativity
  • Developing sustainable business resiliency
  • Delivering outcomes with security in mind

3:00pm - 3:45pm  Executive Boardroom

Assessment to Action: Enhancing Third-Party Risk Management

Elena Carroll headshot

Elena Carroll

Director, Information Security

Davies Ward Phillips & Vineberg

Umar Hossain headshot

Umar Hossain

Global Leader, IT Infrastructure & Cybersecurity

Mattr

Jeet Jariwala headshot

Jeet Jariwala

VP of Information Security

Beem Credit Union

You won’t luck your way into safe and successful third-party relationships. But by thoughtfully developing a cadence of third-party risk identification, assessment, and mitigation, CISOs can safeguard their own operations, protect key data, prevent reputational damage, avoid financial losses and bring peace to stakeholders.

Join a your CISO peers to:

  • Develop new risk-aware relationships, or perfect existing ones
  • Share and gather insights on a growing network of third parties
  • Confirm the importance of a well-developed third-party risk management plan

3:00pm - 3:45pm  Executive Boardroom

True Defense Against API & Application Incidents

Larry Maccherone headshot

Larry Maccherone

Dev[Sec]Ops Transformation Architect

Contrast Security

Nabeel Yousif headshot

Nabeel Yousif

CISO

Momentum Financial Services Group

Vishal Sharma headshot

Vishal Sharma

CISO

Achievers

Cybersecurity measures are adept at detecting and responding to incidents across various layers, but the application layer often remains vulnerable. Many organizations have a massive vulnerability backlog that demands timely and effective defense.

Join us to explore:

  • Understanding the scale of the backlog and strategies to prevent exploitation
  • The intricacies of application and API protection within the security operations ecosystem
  • Benefits of having a comprehensive blueprint that reveals attack surfaces, defenses, dangers, and connections

3:00pm - 3:45pm  Executive Boardroom

Empowering CISOs in the Age of Modern Data Access

Teodor Pana headshot

Teodor Pana

Director, Cyber Security

SE Health

Sandra Liepkalns headshot

Sandra Liepkalns

VP, Information Security & Data Governance

Choice Properties REIT

Raj Sivarajah headshot

Raj Sivarajah

SVP, CISO

CI Financial

As enterprises move to cloud data infrastructures, safeguarding critical data is vital. Traditional security models struggle with increased complexity and global regulations. CISOs must lead innovative, holistic approaches, collaborating with business partners to ensure alignment and demonstrate value.

Join this session to discuss to:

  • Develop robust data security strategies aligned with enterprise goals
  • Address business users' data access needs while ensuring compliance
  • Enhance data security and identify vulnerabilities in real-time

3:45pm - 4:10pm  Break

4:10pm - 4:45pm  Keynote

The Alchemy of Talent: Teams that Thrive in the Face of Uncertainty

Vijay Pendakur, Ph.D. headshot

Vijay Pendakur, Ph.D.

Team Effectiveness Coach

Guest Speaker

Disruption, change, and extended uncertainty are hallmarks of our time, but can lead even strong teams to fail. How can some teams outperform consistently in these conditions? The Alchemy of Talent is Dr. Pendakur’s proven model for high performing teams, backed by extensive research and his own experience leading teams across numerous complex organizations. This high-energy keynote will focus on the science and skills of trust and team connection, along with the innovation potential of harnessing team complexity.
Audience members will learn:

  • How to harness team complexity as a driver for innovation
  • A new toolkit for using trust to unlock team performance
  • Innovative new approaches to increasing team connection and resilience

4:45pm - 5:00pm  Closing Comments and Prize Drawing

5:00pm - 6:30pm  Governing Body Reception

Governing Body Reception

Our evening will conclude with a reception featuring a book signing with Closing Keynote Speaker, Dr. Vijay Pendakur. Executives will have the chance to network with peers while participating in a charity event for SickKids, The Hospital for Sick Children in Toronto. 


December 11, 2024

We look forward to seeing you at an upcoming in-person gathering


Evanta cares about the health and safety of our community. Please review the following recommendations prior to attending the gathering.

Location


Venue & Accommodation

Chelsea Hotel
MORE INFORMATION

A block of rooms has been reserved at the Chelsea Hotel at a reduced conference rate. Reservations should be made online or by calling 1-800-243-5732. Please mention Evanta CISO Executive Summit to ensure the appropriate room rate.

Deadline to book using the discounted room rate of $189 CAD (plus tax) is November 18, 2024.

Your Community Partners


Global Thought Leader
CISO Thought Leaders
Key Partners
Program Partners

Community Program Manager


For inquiries related to this community, please reach out to your dedicated contact.

Nick Hall

Senior Community Program Manager

nick.hall@evanta.com