IN-PERSON

Toronto CISO Executive Summit

December 11, 2024 | Chelsea Hotel

December 11, 2024
Chelsea Hotel

APPLY TO PARTICIPATE

ALREADY A MEMBER? SIGN IN TO REGISTER

Governing Body Agenda Location Partners Contact

Governing Body Co-Chairs

Nagesh Chawla

Foresters Financial
VP, Enterprise Technology and Cybersecurity

Joanne Coles

Onex
Managing Director, Enterprise Technology

Manas Giri

WestJet
CISO

Sandra Liepkalns

Choice Properties REIT
VP, Information Security & Data Governance

Mike Melo

LifeLabs
VP Technology Shared Services & CISO

Ragulan Sinnarajah

Sobeys
VP, CISO

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your Toronto CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda

December 11, 2024

morning afternoon evening

7:45am - 8:30am Registration & Breakfast

8:30am - 9:15am Keynote

Supply Chain Risk — The Weakest Link

Rod Hynes

Director, Information Security

Bell Canada

Recent events have CEOs and boards focused on the potential threats and vulnerabilities in their enterprise supply chain. With organizational reputation at stake, CISOs must be able to build and control a supply chain focused on resiliency and recoverability.

Join this session with Bell Canada's Rod Hynes, who will discuss:

Challenges and complexities with supply chain risk
Regulatory and government concerns with critical infrastructures
Collaboration and coordination to de-risk technologies

9:15am - 9:40am Networking Break

9:40am - 10:25am Breakout Session

AI Data Readiness — Strategic Considerations for Security

David Porter

Head of Customer Value & Transformation Advisory

Google Cloud

Achieving AI data readiness is essential for enhancing cybersecurity measures within organizations. By prioritizing high-quality, well-structured data, security executives can significantly improve the accuracy and efficiency of AI-driven security systems. Implementing robust data management practices, including collection, preprocessing, and validation, supports scalable and reliable cybersecurity applications, ultimately fortifying defenses and maintaining a strong security posture in the tech industry.

Join this session to discuss:

Prioritizing high-quality, well-structured data to enhance the accuracy and efficiency of AI-driven security systems
Implementing robust data management practices to support reliable cybersecurity applications
Focusing on scalable AI solutions to drive innovation and fortify organizational defenses

9:40am - 10:25am Executive Boardroom

Risk to the Nth-Party Degree

Peter Ling

VP, Global Cybersecurity Partnerships

RiskRecon - A MasterCard Company

Nicole Galang

Director Information Security (CISO)

BGIS

Iain Paterson

CISO

WELL Health

Third party relationships are closest and may prove to be the most tangible risks to your business, yet the whole supply chain of your business partners still pose a substantial threat. Most organizations’ vendor relationships extend to the 8th party. CISOs need to understand this web of connectedness in order to better manage and communicate enterprise risk.

Join this session to discuss:

Gaining visibility into risk across the whole supply chain
Strategies for effective risk management and monitoring business partners
Overcoming resource challenges to prioritize third-party and extended supply chain risk

9:40am - 10:25am Executive Boardroom

The Silent Spread of AI — And Why You’re Losing Control Over It

Lior Yaari

CEO and Co-Founder

Grip Security

Nilesh Shastri

CISO

Canadian Institute for Health Information

Mick Leach

Field CISO

Abnormal Security

AI risk is quietly creeping into every corner of your enterprise, and you don’t even realize it. As more employees adopt AI-powered tools, applications, and processes, it is becoming deeply embedded in your tech stack — but it’s not just your employees using AI. Attackers are also leveraging AI to enhance their own tactics and sharpen their attacks. The real question for CISOs is: Do you have visibility into the countless ways AI is spreading, and what’s the best way to use AI to protect against AI?

Join this session to discuss:

The hidden ways AI is entering your enterprise—from third-party tools to shadow AI projects—and why it’s slipping under the radar
How attackers are using AI to improve their attacks and making them harder to detect by both legacy security tools and humans themselves
Actionable steps for CISOs to gain visibility and control over AI use across the organization

10:25am - 11:05am Networking Break

10:30am - 10:55am Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

11:05am - 11:50am Breakout Session

Using The Cloud to Drive Business Objectives

Agnelo Dias

VP, Information Security & IT Risk

IGM Financial

Divesting from a shared data center to the cloud is no small task. It's a journey to ensure the foundations are in place to support the migration and that frameworks are established to minimize breaches, ultimately improving enterprise functionality.

Four years into the process, this case study with IGM Financial will discuss:

Maturing processes to adopt a proactive defense posture
Establishing a culture of technology adoption
Improving business operations and driving revenue opportunities

11:05am - 11:50am Executive Boardroom

From Regulations to Resilience ― CISO Strategies for Cybersecurity Readiness

Denis Villeneuve

Cybersecurity & Resilience Practice Leader

Kyndryl Canada

Shakeel Sagarwala

AVP, CISO

Canadian Tire Bank

Brent Thomas

AVP, Security Architecture and Consulting

Co-operators Insurance and Financial Services

As cybersecurity regulations rapidly evolve, organizations must be ready to maintain their competitive edge and ensure compliance. For CISOs, this means implementing a cybersecurity framework that encompass risk management (third-party/cyber/operational resilience), policy development, and continuous compliance monitoring.

Join us to discuss how to:

Effectively identify, evaluate, and mitigate compliance risks
Implement robust cyber resilience practices that reinforce regulatory standards
Incorporate ongoing vigilance and adaptive strategies to align with emerging regulations

11:05am - 11:50am Executive Boardroom

Strengthening Business Continuity Through Rapid IT Recovery

David Jones

Vice President, North America Solutions Engineering

Dynatrace

Mark Pryce

Manager Cybersecurity

Toromont

Linda Barratt

Director, Enterprise Architecture

Toronto Community Housing

Recovering quickly from system disruptions is crucial for business resilience and the bottom line. Recent incidents have further highlighted the need for robust recovery strategies. CISOs can leverage best practices, advanced technologies and communication across the organization to maintain stability during crises.

Join this session to discuss:

Implementing capabilities for immediate situational awareness
Building resilient IT infrastructure to withstand future challenges
Safeguarding operations through application reliability and early issue detection

11:05am - 11:50am Executive Boardroom

A CISO’s Guide to Unified Identity Security

Ian Hassard

VP, Product Management

Okta

Assaf Afek-Levy

CISO

GFL Environmental

Keith Benedict

Director IT Security, Audit and Compliance

Postmedia Network Inc

SSO and MFA are no longer enough to solve identity security challenges. Today, security leaders need to look beyond authentication to uncover gaps in their security posture and be able to detect identity threats before they become a breach.

Join this session to learn how to:

Develop a unified identity security posture
Prevent identity-based attacks
Identify potential threats faster and automate responses

11:50am - 12:35pm Lunch Service

12:35pm - 1:10pm Keynote

Transforming Application and Service Delivery for the Modern Security Environment

Eric Appel

Global GTM Strategy Officer

Island

Delivering business critical applications safely is a delicate balancing act. The user experience is frequently compromised as application, infrastructure, and security teams negotiate the adoption of new services. Unfortunate trade-offs are sometimes necessary to address operational needs for the sake of maintaining security, but these trade-offs can make certain use cases unfeasible or diminish their value to the organization.

In this session, we will discuss:

Revolutionizing workspaces by balancing productivity, security, availability and user experience
How quickly new technologies like the enterprise browser can be adopted to provide a competitive advantage
Strategies for reducing the effort required to deliver applications and enhance organizational operations

1:10pm - 1:35pm Break

1:35pm - 2:20pm Breakout Session

Interactive Workshop — Establishing Business and Operational Resiliency

Tom Bornais

CISO

NAV CANADA

Faiza Kacem

Group Head Operational Resilience Transformation

BNP Paribas

Paul Min

VP, Technology Operations and Security

Cadillac Fairview

It's never a matter of if, but when organizations will encounter attacks or tech outages that have widespread impact throughout the enterprise. Recent events have proven that organizations are only resilient through practice and training. How can CISOs ensure their systems and people are ready for the next instance?

In this interactive session, you will learn:

Creating proper and prior procedures to limit blast radius
Understanding critical services and programs to safeguard
Establishing protocol across the department and C-Suite

1:35pm - 2:20pm Executive Boardroom

Transforming Threat Intelligence with Next-Level Defense

Emanuel Salmona

Co-Founder & CEO

Nagomi Security

Fred Hopper

VP, Security

Giesecke+Devrient Canada

Karim Jessani

Principal: Data & AI Practice / CISO

Kainos

80% of breaches occur with a tool in pace that could have prevented it. So, what’s happening? Are CISOs able to unify their security stack to provide visibility into existing defense capabilities against threats?

In this session, you will learn how to:

Gain better visibility into your security stack
Where to prioritize action and remediation
Maximize the ROI of security investments and report progress to executives

1:35pm - 2:20pm Executive Boardroom

Not All Metrics Are Created Equal

Octavia Howell

VP, CISO

Equifax

Craig Newell

VP, Enterprise Information Security

GDI Integrated Facility Services

James Weare

Director, Information Security & Compliance

Great Canadian Entertainment

An effective security metrics program enhances decision-making and stakeholder communication, offering early issue detection and aiding resource allocation decisions. However, it is imperative for CISOs to take a closer look at metric selection taking into account emerging threats in the quickly evolving landscape.

Join this session to discuss:

Forward-thinking strategies in interrogating your current metrics program
The role of emerging technology when considering essential metrics
Tool recommendations for gathering and generating meaningful metrics for your security program

1:35pm - 2:20pm Executive Boardroom

Protecting Innovation: Rethinking Data Security Strategies

Nishant Doshi

Chief Product and Development Officer

Cyberhaven

Tushar Patel

Director, Cybersecurity Governance and IT Risk Management

BFL Canada

David White

Director, Cybersecurity

OMERS

AI makes creating and consuming data easier than ever, with shadow AI and dark data presenting new challenges to security teams. As the tactics for protecting data evolve, security leaders must adopt a risk-based strategy to protect mission-critical data and safeguard innovation.

Join this session to discover:

Effective practices for ongoing monitoring to identify risks
Rapid investigation and response techniques for insider threats
Strategies for evolving your data protection approach

2:20pm - 3:00pm Networking Break

2:25pm - 2:50pm Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

3:00pm - 3:45pm Breakout Session

Balancing Innovation and Security

Joanne Coles

Managing Director, Enterprise Technology

Onex

Kevin Northrup

Vice President, Head of Analytics and AI

Onex

Security and innovation can often times be seen as opposing forces. But when partnerships are established and security is part of the innovation process, organizations can ensure they are both cutting-edge and resilient to emerging threats.

Join this session to learn about:

Enabling trust to mitigate risks without stifling creativity
Developing sustainable business resiliency
Delivering outcomes with security in mind

3:00pm - 3:45pm Executive Boardroom

Assessment to Action: Enhancing Third-Party Risk Management

Elena Carroll

Director, Information Security

Davies Ward Phillips & Vineberg

Umar Hossain

Global Leader, IT Infrastructure & Operations

Mattr

Jeet Jariwala

VP of Information Security

Beem Credit Union

You won’t luck your way into safe and successful third-party relationships. But by thoughtfully developing a cadence of third-party risk identification, assessment, and mitigation, CISOs can safeguard their own operations, protect key data, prevent reputational damage, avoid financial losses and bring peace to stakeholders.

Join a your CISO peers to:

Develop new risk-aware relationships, or perfect existing ones
Share and gather insights on a growing network of third parties
Confirm the importance of a well-developed third-party risk management plan

3:00pm - 3:45pm Executive Boardroom

True Defense Against API & Application Incidents

Larry Maccherone

Dev[Sec]Ops Transformation Architect

Contrast Security

Nabeel Yousif

CISO

Momentum Financial Services Group

Vishal Sharma

CISO

Achievers

Cybersecurity measures are adept at detecting and responding to incidents across various layers, but the application layer often remains vulnerable. Many organizations have a massive vulnerability backlog that demands timely and effective defense.

Join us to explore:

Understanding the scale of the backlog and strategies to prevent exploitation
The intricacies of application and API protection within the security operations ecosystem
Benefits of having a comprehensive blueprint that reveals attack surfaces, defenses, dangers, and connections

3:00pm - 3:45pm Executive Boardroom

Empowering CISOs in the Age of Modern Data Access

Teodor Pana

Director, Cyber Security

SE Health

Sandra Liepkalns

VP, Information Security & Data Governance

Choice Properties REIT

Raj Sivarajah

SVP, CISO

CI Financial

As enterprises move to cloud data infrastructures, safeguarding critical data is vital. Traditional security models struggle with increased complexity and global regulations. CISOs must lead innovative, holistic approaches, collaborating with business partners to ensure alignment and demonstrate value.

Join this session to discuss to:

Develop robust data security strategies aligned with enterprise goals
Address business users' data access needs while ensuring compliance
Enhance data security and identify vulnerabilities in real-time

3:45pm - 4:10pm Break

4:10pm - 4:45pm Keynote

The Alchemy of Talent: Teams that Thrive in the Face of Uncertainty

Vijay Pendakur, Ph.D.

Team Effectiveness Coach

Guest Speaker

Disruption, change, and extended uncertainty are hallmarks of our time, but can lead even strong teams to fail. How can some teams outperform consistently in these conditions? The Alchemy of Talent is Dr. Pendakur’s proven model for high performing teams, backed by extensive research and his own experience leading teams across numerous complex organizations. This high-energy keynote will focus on the science and skills of trust and team connection, along with the innovation potential of harnessing team complexity.
Audience members will learn:

How to harness team complexity as a driver for innovation
A new toolkit for using trust to unlock team performance
Innovative new approaches to increasing team connection and resilience

4:45pm - 5:00pm Closing Comments and Prize Drawing

5:00pm - 6:30pm Governing Body Reception

Governing Body Reception

Our evening will conclude with a reception featuring a book signing with Closing Keynote Speaker, Dr. Vijay Pendakur. Executives will have the chance to network with peers while participating in a charity event for SickKids, The Hospital for Sick Children in Toronto.

December 11, 2024

morning afternoon evening

Apply to join

ALREADY A MEMBER? SIGN IN TO REGISTER

Evanta facilitates exclusive, C-level communities by personally qualifying and understanding the priorities, challenges and interests of each member.

Our selective approach maintains the high quality of the network and ensures top-level discussions with peers from the world’s leading organizations.

Community Member Criteria

To ensure peer connections and conversations at the highest level, members must meet the following criteria:

- C-level or senior most executive for respective function

- Organization revenue of $500M+

Exceptions are considered.

I meet the criteria above

I would still like to be considered

My contact information is….

By checking this box, you agree to our Privacy Policy and T&Cs.

FORM CONTAINS ERRORS, PLEASE REVIEW THE ABOVE

We look forward to seeing you at an upcoming in-person gathering

Evanta cares about the health and safety of our community. Please review the following recommendations prior to attending the gathering.

Location

Venue & Accommodation

Chelsea Hotel

MORE INFORMATION

A block of rooms has been reserved at the Chelsea Hotel at a reduced conference rate. Reservations should be made online or by calling 1-800-243-5732. Please mention Evanta CISO Executive Summit to ensure the appropriate room rate.

Deadline to book using the discounted room rate of $189 CAD (plus tax) is November 18, 2024.

RESERVE ROOM