2. BCAWARE.CABC AWARE CAMPAIGN 2016BC AWARE CAMPAIGN 2016
Three years ago, members of the ISACA Vancouver leadership team realized
we had a serious education problem: Information security concepts were poorly
understood in our province—at a time when cyber security threats were on the rise.
We determined that as representatives of British Columbia’s IT Security, Risk, and
Governance communities, there was a role for our Chapter to play. Our team felt a
responsibility, to raise awareness and educate both professionals and citizens on
matters relating to cybersecurity. But we recognized we weren’t the only kids on
the block and therefore, to really move the needle for cybersecurity awareness and
training, the collective efforts of the broader community—including various levels
of government, industry, our higher education institutions, and other professional
associations—would be required.
BC Privacy & Security Awareness Day on Feb 6th, 2014 was our first foot forward
and from there our efforts have morphed to become what we now know as the BC
AWARE Campaign, an annual security and privacy awareness initiative belonging to
professionals of all stripes with an interest in maintaining the security and integrity
of our information systems.
Our BC AWARE Calendar-of-Events will unfold over the next couple of weeks—
from Jan 25th to Feb 5, 2016. On behalf of ISACA Vancouver and the BC AWARE
Organizing Committee, I would like to thank the many participating organizations
that have contributed their energy and experience to make this day, as well as
the overall campaign, a force to be reckoned with. I especially want to thank our
corporate sponsors, without whom none of us would be enjoying the phenomenal
line-up of speakers assembled here today.
I am proud to be a member of the ISACA Vancouver Chapter. With more than 500
members and growing, I invite each of you to explore the networking, educational
and career development opportunities we offer.
Enjoy the day, and please let us know what we can do to improve and be more
relevant for you in the years to come.
Sincerely,
Justin Malczewski
Chairperson, BC AWARE Campaign
A WELCOME TO BC AWARE DAY 2016!
3. BC AWARE CAMPAIGN 2016 BCAWARE.CA
DETAILS
PROGRAM
GUIDE
WHEN
JANUARY 26, 2016
8:00AM–9:00PM
WI-FI
TELUS_public
TWITTER
@BCAWARECA
#BCAWARECA
BC AWARE CAMPAIGN 2016
Where can I get the training I need to be a Cybersecurity leader?
Frank Schettini [ 24th Floor ]
ICSynergy: Health Information’s Balancing Act
Robert Martin [ 24th Floor ]
PCI Security Standards: Securing Payment Card Transactions
— It Takes a Village Emma Sutcliffe [ 9th Floor ]
Box: The Rise of Cyber Intelligence: Then, Now and Why
Joel de la Garza [ 24th Floor ]
BC BCI Forum: Business Continuity: Surviving in a Rough
Neighbourhood Clive Lunn [ 9th Floor ]
Women in IT Security and Governance
April Sather, Suzie Smibert, Jo-Ann Smith & Shanti Gidwan
(Moderator: Elisabeth Zorne) [ 24th Floor ]
(Lunch included)
Incident Preparedness: Strategies for Before, During
and After the Breach Conn Nicoll [ 24th Floor ]
Lancope: Flow Analysis — The Missing Link in your Security
Architecture Jeffrey M. Wells [ 9th Floor ]
Managing Business Risk through Enterprise Security Architecture
Geoff Besko [ 24th Floor ]
OpenDNS Presentation for the BC AWARE Campaign
David Cornell [ 9th Floor ]
Ernst & Young: SANS 20 Critical Security Controls: Key Actions
for Cyber Defense Abhay Raman [ 24th Floor ]
First West Credit Union: Top 10 Things You Can Do to Implement Better
Security Awareness April Sather (ft. Dominic Vogel) [ 9th Floor ]
Tenable Network Security: The DBIR beyond the DBIR
(Data Breach Incident Response) Jack Daniel [ 24th Floor ]
Protecting Industrial Control, SCADA & Production Control
Environmentsden Jon Stanford [ 9th Floor ]
MARS Hacker Social [ 24th Floor ]
10:00 AM
11:00 AM
12:00 PM
1:00 PM
9:00 AM
2:00 PM
3:00 PM
5:00 PM
4:00 PM
4. BCAWARE.CABC AWARE CAMPAIGN 2016
—
9:00AM — 10:00AM [ 24th Floor ]
Where can I get the Training I need to be a Cybersecurity Leader?
Frank Schettini, CIO, ISACA International
In enterprise IT, there is a single point where everything that matters in information,
technology and business converges: Cybersecurity Nexus (CSX), a new security
knowledge platform and professional program from ISACA.
CSX is helping shape the future of cybersecurity through cutting-edge thought
leadership, as well as training and certification programs for the professionals
who are leading it there. Building on the strength of ISACA’s globally-recognized
expertise, it gives cybersecurity professionals a smarter way to keep organizations
and their information more secure.
—
10:00AM — 11:00AM [ 24th Floor ]
ICSynergy: Health Information’s Balancing Act
Robert Martin, Chief Information Security Officer, Alberta Health Services
Personal health information is some of the most sensitive information collected —
and some of the most valuable information for sale on the black market.
We cannot lock away health information. It needs to be shared to transform health
care and to improve patient outcomes. This creates a precarious balancing act
between security and access in information security.
In this talk, Robert Martin, Chief Information Security Officer of Alberta Health
Services (AHS), will share his experiences of creating, growing and maturing the
information security and risk management program in Canada’s largest healthcare
delivery organization. AHS is responsible for providing health services to the four
million people living in Alberta. It has a combined workforce of staff, physicians
and volunteers of over 110,000 people, making it one of the biggest, most complex
and most dynamic organizations in the country.
Robert will provide insight into the development of successful information secu-
rity and risk management programs. He will share his work in formulating an in-
formation security vision, based on his experiences that span from early formative
security events to the broad deployment of industry best practices.
PROGRAM
GUIDE
BC AWARE CAMPAIGN 2016
5. BCAWARE.CABC AWARE CAMPAIGN 2016
—
11:00AM — 12:00PM [ 9th Floor ]
BC BCI Forum: Business Continuity — Surviving in a Rough Neighbour
Clive Lunn, FBCI CRM
Business Continuity Management: Why, Who & How to get it right. This 45-min-
ute session will help decision makers and practitioners learn how a business
continuity program can protect an organization from incidents that range from
earthquakes to cyber attacks.
In addition it will explore how business continuity management makes communities
more resilient when implemented by critical infrastructure providers. The
presentation will also cover program governance including the key roles played
by executives and others, and it will introduce the attendees to the Business
Continuity Institute’s Good Practice Guidelines, the current leading practice and
the basis for ISO22301.
—
12:00PM — 1:00PM [ 24th Floor ]
Women in IT Security and Governance (Lunch included)
April Sather, Suzie Smibert, Jo-Ann Smith and Shanti Gidwan
Moderator: Elisabeth Zornes, Vice President Business Strategy & Operations, Cisco
This BC AWARE Day “Women in IT Security and Governance” panel discussion
promises to be a treat. In this session we will explore what drives our panelists,
how they got to where they are today, and why they love what they do. We will
ask such questions as:
• What attracted you to the IT field?
• What was your journey to become the leaders you are today?
• Why are IT Security and Governance important now? How are they connected?
—
10:00AM — 3:00PM [ 9th Floor ]
PCI Security Standards: Securing Payment Card Transactions
— It Takes a Village
Emma Sutcliffe, Director, Data Security Standards, PCI Security Standards Council
This session features insights from the PCI Security Standards Council (PCI SSC)
on the current threat landscape, the PCI ecosystem, and how to effectively apply
the PCI Data Security Standard (PCI DSS) to secure your environment. Learn
about the latest updates to PCI DSS, what’s ahead from PCI SSC in 2016, and how
your organization can take advantage of these resources to secure payment card
transactions in the year ahead.
—
11:00AM — 12:00PM [ 24th Floor ]
Box: The Rise of Cyber Intelligence: Then, Now and Why
Joel de la Garza, Box Chief Security Officer
Where did cyber intelligence originate? Growing out of governmental organizations
with security at the surface of operations, has made its way into the private sector
through organization-wide programs. Joel de la Garza explains how the history of
intelligence impacts modern robust security applications.
Garza offers guidelines on how to think about intelligence strategy, including the
potential pitfalls of unethical vendors, companies trying to generate revenue from
cyber intelligence, and the massive security disruption as CISOs try to continually
reinvent their strategy in the evolving threat landscape.
DON’T FORGET TO REGISTER FOR
CISCO SECURITY DAY
THURSDAY, JANUARY 28, 2016 / SHERATON WALL CENTRE
REGISTER HERE: http://bit.ly/CiscoSecurityDay
—
1:00PM — 2:00PM [ 24th Floor ]
Incident Preparedness: Strategies for Before, During and After the Breach
Conn Nicoll, Director of Security Solutions
Four months ago your organization laid off a disgruntled IT administrator. Four
weeks ago he got a foothold onto your network, and four days from now he plans
to wreak havoc by destroying servers, leaking data and spreading ransomware
throughout your systems. Are you able to detect his activity? Do you have a plan
to deal with the chaos once it erupts? How will you get your business operational
as quickly as possible and prevent his next attack?
—
1:00PM — 2:00PM [ 9th Floor ]
Lancope: Flow Analysis — The Missing Link in your Security Architecture
Jeffrey M. Wells, CCIE, CISSP, Director, Business Development, Lancope
Understand why companies, despite enormous investments in IT security
solutions, still can’t seem to find malicious actors in their environments until it’s
too late. Through the use of creative analogies to how we secure our everyday
lives, this presentation will demonstrate that IA security concepts are not difficult
to understand, expose the glaring weakness in most security infrastructures, and
discuss available, successful remedies to close the gap.
6. BCAWARE.CABC AWARE CAMPAIGN 2016
—
4:00PM — 5:00PM [ 9th Floor ]
Protecting Industrial Control, SCADA Production Control Environments
Jon Stanford, Principal, Cisco Security Solutions
Jon serves as a trusted advisor to C-level executives globally in the utilities,
manufacturing, energy, transportation, and other industrial sectors. His session
will cover some of the issues unique to the protection of industrial control and
production systems.
—
5:00PM — 9:00PM [ 24th Floor ]
MARS Hacker Social
Jordan Schroeder, Jason Ng, Chandra Majumdar, Raul Alvarez
The Mainland Advanced Research Society (MARS) has teamed up with ISACA
Vancouver to host The MARS Hacker Social @ BC AWARE Day. This early evening
event, part of the greater BC AWARE Day, will be a great opportunity to socialize
with some of Vancouver’s top information security talent, talk tech and hear three
great talks delivered by members of our local community. So turn off your WiFi/
Bluetooth (you know why) and join us for a great evening!
—
2:00PM — 3:00PM [ 24th Floor ]
Managing Business Risk through Enterprise Security Architecture
Geoff Besko, SVP of Strategic Advisory Services, Above Security
Oftentimes, organizations struggle with how to effectively manage risk as they
face changing compliance requirements, ongoing audits, a rapidly changing
threat environment, and are inundated with changing technologies and new
best practices. The key is to cut through the noise and understand what is truly
important to the organization; what the security program needs to enables,
support, and protect; and to take a proactive stance to managing risk.
Taking a pragmatic, business-driven approach to understanding an organization
through the lens of risk is key to being proactive in safeguarding the organization
from the constantly changing threat landscape. Utilizing his 20-years of experi-
ence as a business executive, enterprise architect, and security practitioner, Mr.
Besko will provide common sense advice, based on best practices and practical
experience, to help you focus your cyber security efforts in the right areas to
manage risk proactively and effectively.
—
2:00PM — 3:00PM [ 9th Floor ]
OpenDNS Presentation for BC AWARE Day
David Cornell, Director, Security Platform OpenDNS
Learn how OpenDNS detects and blocks malicious traffic using machine learning
and big data. One of Canada’s security success stories, OpenDNS does much of its
development at its Gastown facility in Vancouver, BC.
—
3:00PM — 4:00PM [ 24th Floor ]
EY: SANS 20 Critical Security Controls: Key Actions for Cyber Defense
Abhay Raman, National Cyber Security Practice Leader for EY Canada
Preetinder Bedi, Senior Consultant at Ernst Young LLP
Join Abhay Raman, National Leader for Cyber Security at EY Canada and
Preetinder Bedi – Cyber Security Analyst at EY Canada as they share key insights
over the key benefits and mechanisms to secure your Cyber Infrastructure and
how the SANS 20 Critical Security Controls can help you mitigate known attacks,
address a wide variety of attacks and identify and stop attackers early in the
compromise cycle.
—
3:00PM — 4:00PM [ 9th Floor ]
First West Credit Union: Top 10 Things You Can Do to Implement
Better Security Awareness
April Sather, Assistant VP, Information Technology, First West Credit Union
Featuring: Dominic Vogel, Security Consultant
Recent studies have found that, on average 70-95% of security incidents are
a result of innocent human error. In an instant, and without malicious intent,
employees may expose data, introduce malware, or otherwise put an organization’s
technology ecosystem at risk. This session will share ten low-tech, low-budget
ways to help you educate your staff, promote security and privacy awareness, and
protect corporate assets.
—
4:00PM — 5:00PM [ 24th Floor ]
Tenable Network Security: The DBIR beyond the DBIR (Data Breach
Incident Response)
Jack Daniel, Strategist for Tenable Network Security
Understand why companies, despite enormous investments in IT security
solutions, still can’t seem to find malicious actors in their environments until it’s
too late. Through the use of creative analogies to how we secure our everyday
lives, this presentation will demonstrate that IA security concepts are not difficult
to understand, expose the glaring weakness in most security infrastructures, and
discuss available, successful remedies to close the gap.
7. BCAWARE.CABC AWARE CAMPAIGN 2016
TITLE SPONSOR
PLATINUM SPONSOR
GOLD SPONSOR
PARTICIPATING ORGANIZATIONS
CIO Association of Canada, Office of the Information Privacy Commissioner
(OIPC), Business Continuity Institute, OpenDNS, (ISC)2
Vancouver Chapter,
Vancouver SecSIG, MARS, IAPP, IIA, First West Credit Union, PCI Security
Standards Council, Lancope, NYIT, UBC, SFU, BCIT, TRU, Chartered Professional
Accountants of British Columbia, Reboot Communications, and ISACA Vancouver
THANK YOU
OUR
SPONSORS
8. BC AWARE CAMPAIGN 2016 BCAWARE.CA
The BC AWARE Campaign 2016 is an important opportunity to engage the public
and increase awareness about privacy and security across the Province of BC.
ADDITIONAL NOTES:
9. BC AWARE CAMPAIGN 2016
BCAWARE IS PRODUCED BY ISACA VANCOUVER
WWW.BCAWARE.CA