Sessions | 2019
I'm a paragraph. Click here to add your own text and edit me. It’s easy. Just click “Edit Text” or double click me to add your own content and make changes to the font. I’m a great place for you to tell a story and let your users know a little more about you.
ONE DOES NOT SIMPLY... PROTECT PRIVACY
CAT COODE (BINARY TATTOO)
How every team member has a role to play in protecting precious data.
Security protects your company but it's privacy that protects the individual and their data. From privacy regulations and engineering, to incident response management, everyone in your company has a role to play. Get a better understanding about why putting privacy first matters, and how working together as a fellowship helps mitigate risk.
"Even the very wise do not see all ends." - Gandalf
DEFEATING INSIDER ATTACKS BY DESIGN
SUBIR BISWAS (MCAFEE)
While an exhaustive protection against an insider attacker is next to impossible, we propose a set of proactive measures for the “design and architecture” phase of a software product, that could significantly reduce the attack surface for a potential insider attack later in the production.
DETECTING ACTIVE THREATS IN CLOUD ENVIRONMENTS
JACOB GRANT (ESENTIRE) &
KURTIS ARMOUR (ESENTIRE)
Cloud adoption rates are increasing. Cloud represents an incredible opportunity for companies to scale and innovate, but it also introduces a new attack surface that is hard to secure, let alone monitor. This talk will review some effective monitoring and detection methods for use in the cloud.
GEO-POLITICS AND THE CANADIAN NATIONAL SECURITY POSTURE
AARON SHULL (CIGI)
The international legal rules governing cyber war and espionage are broken; they were written at time before there were computers. Adversaries are taking advantage of this, but Canada is responding. This talk will outline the big trends, Canada’s response, and ways that we can move forward.
HARDWARE SECURITY BINGO
JEREMY BOONE (NCC GROUP)
This talk will cover the most common classes of vulnerabilities that frequently affect embedded devices. It will be centered around a “Hardware Security Bingo” game and is presented as a series of brief and educational case studies, demonstrating real world examples of device vulnerabilities.
ONE YEAR AT A STARTUP
SEAN HOWARD (ROADMUNK)
Looking at challenges of working as the first security hire at a mature startup. Tackling challenges around getting the basics dealt with, dealing with regulation and compliance, as well as culture. With a focus on interteam definitions of these problems.
SURVIVING RANSOMWARE: THE FIRST 48
HANS STUDY (LAYER0 SECURITY INC.)
When ransomware strikes most organizations are unprepared. This talk will take you through the first 48 hours of a ransomware attack from detection to remediation, pulling from real-world incidents and giving tips and tricks on navigating both the technical and regulatory/legal hurdles before you.
THREAT HUNTING AND INTELLIGENCE - A SYNERGY
ADRIAN CHEEK (DELOITTE) &
HYEJOONG KIM (DELOITTE)
Most companies have an IT team they also assume they provide the intelligence, poke around for holes and threats and also run the company infrastructure leading to cut corners, tunnel vision, and ultimately, the worst-case scenario. Intelligence & Hunting fills this gap and adds context to content.