In today’s complex COVID-19 environment the CISO must navigate many challenges in building

and running a comprehensive enterprise security program remotely. The COVID-19 rapid and

unprecedented disruption to business and government has left all sectors struggling to

maintain cyber security and lower risk to the organization.

There is increasing complexity in the overall security programs combined with the expedited

move to the cloud for a number of organizations.

We know there will be a “new normal” that must be planed for. What will this new reality look

like? How can the CISO prepare?

The CISO must balance a business aligned integrated cyber focused programmatic response to:

 The need for resilience focussing on lowering risk

 A need to move more services to the cloud

 A dramatically expanding attack surface, with an emphasis on the remote user

 Increase in working from home, with less control on the physical environment

 Increase in use of shared and personal devices

 More corporate critical assets and data residing in the public cloud

 Inability to define the infrastructure in traditional terms

 Reliance on third parties within the supply chain

 And other….

The business model has evolved quickly, with the cybersecurity program playing catch up.

The goal of this talk is to discuss techniques that the CISO can use to:

 Promote a cyber culture;

 Remain business aligned, focused on resilience;

 Respond to the realities of the environment that COVID-19 has thrust upon us;

 Focus on moving to a new normal which is not yet defined.

Intended outcome of this talk is for the attendees to leave the session with practical advice to

help them build a comprehensive CYBER security program for today and the future.

Please join my meeting from your computer, tablet or smartphone.

https://global.gotomeeting.com/join/442512765

You can also dial in using your phone.

(For supported devices, tap a one-touch number below to join instantly.)

Canada (Toll Free): 1 888 455 1389

- One-touch: tel:+18884551389,,442512765#

Canada: +1 (647) 497-9391

- One-touch: tel:+16474979391,,442512765#

Access Code: 442-512-765

More phone numbers:

(For supported devices, tap a one-touch number below to join instantly.)

United States (Toll Free): 1 877 309 2073

- One-touch: tel:+18773092073,,442512765#

United States: +1 (571) 317-3129

- One-touch: tel:+15713173129,,442512765#

Join from a video-conferencing room or system.

Dial in or type: 67.217.95.2 or inroomlink.goto.com

Meeting ID: 442 512 765

Or dial directly: This email address is being protected from spambots. You need JavaScript enabled to view it..2 or 67.217.95.2##442512765

New to GoToMeeting? Get the app now and be ready when your first meeting starts: https://global.gotomeeting.com/install/442512765

Speaker Bio:

Michael Doucet - Executive Director
Executive Advisory, Office of the CISO

Michael Doucet brings more than 30 years of cyber security and information management leadership experience to his current role. As an executive director, executive advisory in the Office of the CISO at Optiv, Doucet uses his past and present experiences to assist public and private enterprises plan, create and execute security strategies. Doucet uses his vast information security expertise to lead organizations toward a proactive approach to threat intelligence, third party risk management, governance and compliance, and incident management.

As a subject matter expert in cyber security and information management, Doucet’s broad business, operational knowledge spans multiple disciplines including change management, IT service continuity management, capacity management, availability management, service-level management, service asset and configuration management, information security management, defense in depth, incident management, vulnerability management, and policy and standard development.

Prior to Optiv, Doucet built, managed and oversaw program, security, and technology initiatives in the Canadian Federal Government. As the executive director of the Security Intelligence Review Committee (SIRC), Doucet independently reviews the Canadian Security Intelligence Service (CSIS) on operations and complaints accountable to the Canadian Parliament in matters of Canadian national security. He previously was responsible as the chief technology officer (CTO) and then chief information officer (CIO) for the Royal Canadian Mounted Police (RCMP). Prior to leading the RCMP in information management, Doucet was the CIO/director general of the Information Management Services Branch at Correctional Service Canada. Doucet has also worked with the Communications Security Establishment of Canada (CSEC) where he represented Canada as CSEC’s senior cryptologic liaison officer to the National Security Agency (NSA).

PAM: Then and now

Privileged Account Management has come a long way since its inception nearly twenty years ago. While the key concepts remain the same,  improvements in technology have significantly increased the effectiveness and scope of their controls. In this presentation, we will have a look at how far Privileged Account Management has come, and what’s in store next for this critical area of focus for organizations big and small.  

Please join my meeting from your computer, tablet or smartphone.

https://global.gotomeeting.com/join/515072029

You can also dial in using your phone.

(For supported devices, tap a one-touch number below to join instantly.)

Canada (Toll Free): 1 888 299 1889

- One-touch: tel:+18882991889,,515072029#

Canada: +1 (647) 497-9373

- One-touch: tel:+16474979373,,515072029#

Access Code: 515-072-029

More phone numbers:

(For supported devices, tap a one-touch number below to join instantly.)

United States (Toll Free): 1 866 899 4679

- One-touch: tel:+18668994679,,515072029#

United States: +1 (571) 317-3116

- One-touch: tel:+15713173116,,515072029#

Join from a video-conferencing room or system.

Dial in or type: 67.217.95.2 or inroomlink.goto.com

Meeting ID: 515 072 029

Or dial directly: This email address is being protected from spambots. You need JavaScript enabled to view it..2 or 67.217.95.2##515072029

Speaker Bio

Duncan is a solutions engineer at CyberArk, and joins us from Ottawa. Duncan has a background in security solution architecture, and has been with CyberArk for three years, with a focus on federal and enterprise accounts across Canada.

Topic:  Attacking & Defending Active Directory Workshop

How do you defend Active Directory, aka the “keys to the kingdom,” if you don’t know where the attacks are coming from? Hackers constantly find new ways to break into AD. And once inside, they’re increasingly adept at covering their tracks to silently create backdoors and establish persistent privileged access.

In this workshop, we’ll demonstrate real-world attacks that are frequently used against AD, including credential theft, Kerberos-based attacks, Group Policy-based attacks, and ACL attacks.

During this workshop, we’ll play out both perspectives:  the attacker and defender.  This is a red vs blue standoff, so don’t expect a bunch of slideware.  We’ll show:

Ways that hackers can exploit AD in every stage of the cyber kill chain

Common AD hacking and discovery tools such as Mimikatz, PowerSploit, and BloodHound

Proactive steps to identify vulnerabilities in your AD configuration

Strategies to harden your AD so that hackers don’t have an easy path to Domain Admins

Agenda

11:30-11:50 setup and test,

11:55 SPIE Announcements,

12:00 Speaker Presentation

───────────────────────────────────────────────

Please join my meeting from your computer, tablet or smartphone.

 https://global.gotomeeting.com/join/341772605

You can also dial in using your phone.

(For supported devices, tap a one-touch number below to join instantly.)

Canada (Toll Free): 1 888 455 1389

One-touch: tel:+18884551389,,341772605#

Canada: +1 (647) 497-9391

One-touch: tel:+16474979391,,341772605#

Access Code: 341-772-605

 More phone numbers:

(For supported devices, tap a one-touch number below to join instantly.)

 United States (Toll Free): 1 877 309 2073

One-touch: tel:+18773092073,,341772605#

United States: +1 (571) 317-3129

One-touch: tel:+15713173129,,341772605#

Join from a video-conferencing room or system.

Dial in or type: 67.217.95.2 or inroomlink.goto.com

Meeting ID: 341 772 605

Or dial directly: This email address is being protected from spambots. You need JavaScript enabled to view it..2 or 67.217.95.2##341772605 

Presenter:  Darren Mar-Elia, VP of Products, Semperis

A 14-year Cloud and Datacenter Microsoft MVP, Darren has a wealth of experience in Identity and Access Management and was the CTO and founder of SDM software, a provider of Microsoft systems management solutions. Prior to launching SDM, Darren held senior infrastructure architecture roles in Fortune 500 companies and was also the CTO of Quest Software. As a Microsoft MVP, Darren has contributed to numerous publications on Windows networks, Active Directory and Group Policy, and was a Contributing Editor for Windows IT Pro Magazine for 20 years.

Defending against the modern dynamic attacker requires a pivot towards proactive security practices. Using Mitre ATT&CK Framework and automations learn how to better understand your attacker and validate the efficacy of your security tools.

Security Service Innovation Lead, Jamie McMurray from Mobia will cover:

·         The challenge of security tool efficacy and seeking new budget/change

·         Aligning security practices with repeatable DevSecOps process

·         Mitre ATT&CK Framework Overview

·         Estimating expected detection capability using Splunk and AttackDatamap

·         Understand your adversary using Mitre ATT&CK Navigator

·         Testing security tools against Mitre ATT&CK Framework using Red Canary's Atomic Red Team

·         Visualizing and Identifying gaps in detection using Mitre ATT&CK Navigator

·         Using automation tools to help reduce the overhead (Vagrant, Ansible, Terraform, and Splunk Attack Range)

Join Zoom Meeting
https://zoom.us/j/93101834991?pwd=OFFvRlNkZEpTcThwcFpTeFBPUkhPUT09

Meeting ID: 931 0183 4991
Passcode: 156479
One tap mobile
+16473744685,,93101834991#,,,,*156479# Canada
+16475580588,,93101834991#,,,,*156479# Canada

Dial by your location
        +1 647 374 4685 Canada
        +1 647 558 0588 Canada
        +1 778 907 2071 Canada
        +1 204 272 7920 Canada
        +1 438 809 7799 Canada
        +1 587 328 1099 Canada
Meeting ID: 931 0183 4991
Passcode: 156479
Find your local number: https://zoom.us/u/adglo5G8P5

About our speaker 

Jamie McMurray is the Security Services Innovation Lead and Member of the Office of the CTO for Mobia Innovations. He has a background is software development, coupled with 15 years of experience as an Independent Security Consultant, Security Operations Lead and Professional Services Engineer.  Having experienced security from both an operations and delivery perspective, Jamie brings his unique insights to Mobia’s Security Services practice. His focus is on creating high-value low-footprint automated delivery (IaC) and tools development for modern security teams.

The current OT cyber security landscape sees common trends such as increased cyber risk, growing pressure from corporate and regulatory bodies to implement security programs, and an influx of IT teams muscling their way into OT in OT cyber security practice. These trends put pressure on OT practitioners to accelerate their use of technology and find innovative ways to scale solutions across multiple assets and sites. Managed by a scarce, often remote, support team while balancing the use of IT tools in an OT-safe process, it’s time to find a better way.

This familiar scenario led a number of operational entities to employ a new approach to OT cyber security called “Think Globally, Act Locally.” It provides multiple benefits to the operating company such as:

Reducing redundancies of people, process and technology

Oversight by key OT staff to ensure safe operations

Granular insight and control in the identification and application of compensating controls when patching is not possible

Bridging and leveraging the best of both IT skills and OT insight

Providing operators with a way to take action as opposed to just alerting

Join Rick Kaun, VP Solutions of Verve Industrial, as he provides insight into what the “Think Globally, Act Locally” approach is, a real-world case study example, and suggestions for adopting the framework at your organization.

 https://vimeo.com/683076339 

Speaker Bio

Rick Kaun - VP Solutions, Verve Industrial Protection

Rick Kaun has nearly 20 years of experience in IT and security. He has provided varying levels of consulting projects to a wide range of clients in multiple industries including oil and gas, refining, mining, power, pulp, and paper as well as a handful of discrete manufacturing industries. As the former chair for the NPRA cybersecurity committee, or as a contributing member to the Control System Security Working Group, Rick always approaches engagements with an eye towards building a scalable, cost-effective and manageable solution. Because security is a program that requires constant attention, collaboration, and innovation, Rick strongly believes in the need for cooperation, creative thinking, and a consistent focus in order to drive results.

Zero Trust is becoming an essential component of every company’s #cybersecurity strategy. Listen as #Fortinet's Sean Weiss discusses five key items you need to know to successfully implement #ZeroTrust policy.

Sean Weiss

Sean Weiss is a Systems Engineering Manager with Fortinet Canada, where he manages a group of Systems Engineers responsible for advising and consulting with solutions partners and customers on mission critical security issues such as satisfying compliance, mitigating risk, protecting digital assets and advanced threat protection. After serving in the military, Sean graduated from Mount Royal in 1994 in Criminology and has over 20 years of experience in the cybersecurity and networking industry. Sean’s experience also includes having worked for other technology organizations such as MRV, Hewlett-Packard and McAfee. When not playing or coaching soccer, ATV’ing in the Rockies or hiking with his two young daughters, Sean can be found buried in books where he spends far too much time pursuing his love of teaching and learning all things security and networking and is currently taking his Executive MBA.

Join us to learn more and apply these essential concepts to your organization.

Register Here: 

IN PERSON SESSION - LUNCH INCLUDED! 

Session Description

Steve Biswanger believes it is time to rethink how we protect and leverage OT systems. Traditionally critical infrastructure and operational technology (OT) environments have been separated from IT environments for security. This solves the security problem, but creates significant business challenges as we evolve to data driven organizations. We don't separate critical IT systems this way: HR or Finance don’t have separate environments for their systems. What can we learn from the IT environments to improve our OT environments.  

Changes to critical systems usually take a long time, so can we wait to evolve - or is it time for a design revolution? Steve proposes a three step plan to go from segregated SCADA OT, to an OT revolution that unlocks critical data for the new world.

Guest Speaker - Steve Biswanger - VP & CISO (ATCO)

Steve Biswanger’s career has focused on cybersecurity for over 25 years. Working with large consulting companies and boutique cybersecurity firms around the world he has improved security for organizations like Verizon, Google, Yahoo! and the United Nations in industries such as online Casinos, Japanese Banking, Oil & Gas and Telecommunications. A deep technical background combined with a passion for practical governance is a unique combination that allows him to translate risks and requirements from both perspectives. His current role as CISO for ATCO puts him on the leading edge of risk management for the global infrastructure and logistics company. Steve is also Past President of the CISO Division of the CIO Association of Canada where he fosters an environment of information sharing and helps prepare the next generation of cybersecurity executives to be successful.

One thing that has been true throughout his career, It’s not about security. It’s about trust.

SPIE looks forward to our first in-person and interactive session of 2022 on this thought provoking topic on Thursday, April 21^st.

Why Securing Active Directory Matters..23 Years Later

A Look to the Past for the Future of Cybersecurity