Sessions

Nous sommes ravis de présenter nos invités pour les sessions du GoSec 2021. Comme vous le verrez-ci-dessous, nous avons une grande sélection d’experts et de spécialistes de l’industrie qui s’exprimeront sur un large éventail de sujets, notamment l’audit et la gouvernance, la gestion des risques, la recherche et la sécurité opérationnelle.

Inscrivez-vous au GoSec et vous aurez accès à toutes ces sessions. Revenez souvent pour consulter les mises à jours en cours.

Keynotes

Focusing On The Sophistication Of Recent Attacks Only Gives Us Half The Picture

The last 24 months have seen a significant escalation in the complexity and frequency of attacks launched by cybercriminals. However that’s not the elephant in the room. In this talk I am going to cover the obvious, the unremarkable and the ugly: The things we aren’t talking about – but which we need to – in order to actually start getting ahead of the cybercriminals.

Marc Rogers

Marc Rogers

Vice-Président de la Cybersécurité chez Okta

Never Waste a Crisis

For cyber security leaders and professionals, 2020 has been an unprecedented year on many fronts. As we begin to see an end to the pandemic crisis, the cyber security threat is continuing to proliferate. The challenge for us now is to ensure we leverage this crisis, and recent events, to help us advance our mission.

Moshe Toledano

Moshe Toledano

Directeur Cybersécurité d’entreprise au Groupe Technologies de l’information et des communications chez Hydro Québec

Ransomware, Nation State and Supply Chain Attacks

The attack on IT management software firm, Kaseya, combined two of 2021’s most notorious cyber-attack trends—supply chain attacks and ransomware. At least 1,000 businesses are said to have been affected by the attack, with victims identified in at least 17 countries. As a matter of fact, Check Point Research team found that average number of ransomware attacks increase by 93% in the last 12 months. It wasn’t that long ago that ransomware didn’t even exist. How did we get to this point? And is there any way to stop this most popular trend in cybercrime, before it’s too late? Join this session where Dr. Dorit Dor (PhD) Chief Products Officer at Check Point will provide more insights on the Ransomware phenomena and discuss how organizations can remain protected against this growing global trend.

Dr. Dorit Dor

Dr. Dorit Dor

Vice-présidente, Produits chez Check Point Software Technologies

Moti Sagey

Moti Sagey

Chef Évangéliste, Vice-Président marketing stratégique chez Check Point Software Technologies

Zero Trust Enables…Business Value?

We all know that Zero Trust has value in terms of technical security, but what about its impact on the bottom line? After all, given Zero Trust involves organizational and process changes—as well as addresses the new White House cybersecurity executive order—it’s easy to view it only as a necessary expense. Join Brad Doctor as he leads an exploration into how he and his team discovered and unlocked Zero Trust’s surprising little secret—it offers tremendous business value! By articulating a solid business case with a clear vision and strategy, your team can accelerate Zero Trust adoption and ensure your company is more competitive than ever.

Brad Doctor

Brad Doctor

Responsable - Ingénierie et architecture de sécurité chez VMware

Conférence spéciale

Lancement du Programme d’innovation en cybersécurité du Québec avec invité spécial – Bruce Schneier

CONFÉRENCE SPÉCIALE avec BRUCE SCHNEIER. À l’occasion du lancement du nouveau Programme québécois d’innovation en cybersécurité (PQC), Prompt présente une conférence spéciale – et virtuelle – avec la figure mondiale de la cybersécurité, Bruce Schneier.

Bruce Schneier est un spécialiste en sécurité informatique, crypotologue et écrivain américain. Surnommé « le gourou de la sécurité » par The Economist, M. Schneier compte plus de 14 livres et des centaines d’articles, d’essais et de revues universitaires en plus d’animer un blog « Schneier on Security » suivi par plus de 250 000 personnes. Ses thèmes de prédilection : la cybersécurité, ses enjeux pour les entreprises, les États et les individus.

Bruce Schneier est Fellow du Berkman Center for Internet and Society à l’Université Harvard et Fellow du Belfer Center à Harvard’s Kennedy School of Government. Il est aussi membre du conseil d’administration de la Fondation Electronic Frontier et responsable en chef de la technologie et conseiller spécial pour IBM – Resilient Systems. Dans un format de conférence dynamique, M. Schneier répondra aux questions des intervenants de l’écosystème québécois. Un genre d’événement à ne pas manquer!

Conférencière : Frederic Bove

Directeur général chez Prompt

Mercredi 22 septembre 2021 de 9.00 AM (EDT)

Sessions

3 Essentials for Automating Security Across Hybrid Cloud

Today’s networks are expanding beyond on-prem to include cloud and hybrid deployments. While enterprises seek to balance agility and security, they are also faced with skills shortages and the need to work with the technology of multiple vendors. Automation is key to addressing these challenges while offering cloud, network and security teams the ability to drive efficiencies and reduce risk across their heterogenous environment. Join us to understand the essentials for automating security without compromise. During this discussion we’ll discuss:
• How to gain visibility and control of security policies across hybrid clouds;
• The role of automation in meeting business and compliance requirements; and
• Strategies for bridging skills gaps while balancing security and agility.”

Sattwik Gavli

Sattwik Gavli

Directeur des produits Cloud, Tufin

A Proven Non-disruptive Network Segmentation Solution: Achieving a Mature Cybersecurity Model

To address your multi-domain, multi-use case security scenarios, you are required to be agile if you want to be Cyber resilient. Your business must meet compliance obligations towards Cyber Risks. In today’s ever evolving digital world, how will you:

  • Achieve a near-real time visibility over what is connected to, beyond the users and your IAM control?
  • Eliminate disparate device access policies?
  • Address the Zero Trust security framework?

Join Forescout for this presentation that will cover those complex questions. Forescout helps organizations of all size in implementing a more mature Cybersecurity model that prevents lateral threat propagation within your environment.

Key takeaways you will get attending this presentation:

  1. Identify the baseline communication and attack surface, using real-time traffic of any “thing”.
  2. Map data flows and system interdependencies.
  3. Determine least privilege access leveraging user and device security context.
  4. The recipe for non-disruptive segmentation at every level: EDR, Switch, WLC, VPN, Firewalls, hypervisors and Cloud.
Jon Brown

Jon Brown

Ventes - segmentation de réseaux chez Forescout Technologies Inc.

Burnout : The Threat to Security Teams

Did you notice a shift in your mental health and/or your colleagues? Burnout was at an all time last year due to the surreal 2020. As we approach the end of the pandemic, we recognize how critical mental health plays when accomplishing goals and productivity output. This talk dives into the factors that lead to burnout among security professionals, the clear line between burnout and failure to retain team members, and how to invest in your team to make sure your team is able to thrive during stressful times.

Chloé Messdaghi

Chloé Messdaghi

Récipiendaire du prix changemaker et cofondatrice de We Open Tech

Change Your Perspective: View Your Network Like a Hacker

We all spend a lot of time and a lot of money trying to manage risk. We buy firewalls and NDR and EDR and maybe even XDR, and we buy a SIEM to pull all the logs together into one place we can’t keep up with. We run Vulnerability Assessments and get thousand-page reports on things we probably don’t have time to fix. We pay penetration testing companies a small fortune to find the holes in our network we really thought we’d closed. We hire as many SecOps staff and security analysts as we can afford, and we try to keep them long enough to get something done before they move on. Then we sit back and look at the logs of all the stuff we’re blocking, and we wonder: What are we missing? What aren’t we seeing? Hackers can be in the network for weeks or months without detection – are they here now? All these headline breaches – they all deployed similar security technology and staff. If they got hacked, why won’t I? At the end of the day, am I safer than I was yesterday? Last month? Last year? Well, now there’s a better way. What if you could see your network the way an attacker sees it? And what if you could do that every day, and find and prioritize every security gap in your network in real time? With Breach and Attack Simulation, you can do just that. Join us for this webinar and learn how.

Scott Register

Scott Register

Vice Président, Solutions de sécurité, Keysight Technologies

Come to the Dark Side

Come to the dark side! Charity Wright, a former NSA analyst and current Cyber Threat Intelligence Expert at Recorded Future will take you on a tour of the dark web, busting myths and explaining how you can collect and analyze pertinent intelligence from the dark web to neutralize threats at the earliest stages of the cyber kill chain. This session will take you on a guided tour of some of the hottest underground markets and forums where cybercriminals plan their attacks. See the most popular use cases for intelligence to protect your companies and learn how to implement dark web cyber threat intelligence into your current security program.

Charity Wright

Charity Wright

Cyber Threat Intelligence, Recorded Future

Continuous Reconnaissance Approaches to Reduce External Risk

In today’s post-COVID rapidly changing IT landscape, organizations struggle to keep track of their evolving digital footprint. Employees and consultants use an increasing number of known and unknown public cloud platforms, especially with the growing work-from-home trends, and rely on collaborative websites to share information and data. Malicious actors use advanced techniques to monitor for human errors and quickly take action on potential vulnerabilities. External-based continuous reconnaissance approaches provide modern ways for organizations to understand their security posture in real-time and identify imminent threats and critical issues, all from an attacker’s perspective. In this talk, we go over tools, techniques and processes to leverage this intelligence to better plan and execute defensive security strategies.

Yohan Trépanier Montpetit

Yohan Trépanier Montpetit

Chef de Produit, Flare systems

Cybersecurity Evolution / Cost Reduction Paradox

It is no secret that cybersecurity is an ever-evolving field, that attracts the brightest minds, both on offense and defense. In this session, Ajay will take us through the current state of the industry, what lead us here, and where we may be going.

Ajay K. Sood

Ajay K. Sood

Directeur des ventes - Canada

Cyberstorage: Stopping Ransomware at the Heart of the Enterprise

The bad guys don’t steal the network – they steal the data – and for nearly the last three decades organizations have been accumulating petabytes of data on unprotected and unsecured storage systems. Cyberstorage, a new market category defined by Gartner, defines the criteria for modernizing 90s unstructured storage technology to defend against modern threats. This talk introduces the concepts of Cyberstorage, and how a team of ex-NSA cyber dudes took a new perspective to solving one of the most complicated data security problems.

Eric Bednash

Eric Bednash

Co-fondateur et CEO RackTop Systems

Deconstructing Your Privileged Attack Surface

For years, Identity and security teams have been challenged with gaining visibility into and managing privileged access sprawl in their organization. Even today, there is no easy or cost-effective way for IT business and technical executives to manage and reduce this privileged access attack surface in systems. The bad guys need to obtain access to just one of these hidden or unknown admin accounts to move laterally from one compromised system to another to access the crown jewels of a company and cause financial damage. Attend this webinar to learn:

  • Market trends in privileged access
  • The challenges of growing privileged attack surface
  • Best practices for managing your privileged access risk
Sam Kumarsamy

Sam Kumarsamy

Directeur principal et chef de produit marketing

Executive Exposure: The Not-So-Secret Backdoor into your Organization

Enterprise leadership and high-profile employees are frequent targets of threat actors aiming to exfiltrate data, commit fraud, take over their accounts, disseminate false information, or impersonate them. Such forms of malicious exploitation often lead to initial compromise, can facilitate costly ransomware attacks, and ultimately result in serious operational, financial, and reputational consequences.

ZeroFox discusses several real-world examples of targeting, and through use cases, will highlight the benefits of an intelligence-based security program to reduce your exposure in a world of finite resources, active dark web actors, and a rapidly evolving threat landscape.

Olga Polishchuk

Olga Polishchuk

Directeur principal, Analytique et enquêtes, ZeroFox

Lewis Shields

Lewis Shields

Analyste des cybermenaces, ZeroFox

Finding the weakness: introduction of leakware as ransomware’s adaptation to countermeasures

There is a constant race between the introduction to cybersecurity practices and attack adaptation to surpass these countermeasures. As public and private organizations grow more resilient and implement measures to limit an attack’s impact, ransomware is also evolving to bypass these new countermeasures. Leakware is a type of ransomware whereby extortion is based on releasing the victims’ data if they do not pay instead of not decrypting the data. Consequentially, cyber-resilient countermeasures such as offline backups, reverse engineering or file recovery services are ineffective in avoiding paying the ransom and still be able to have the files back. The leakware extortion is set so that a payment is incited due to values of data remaining confidential. This presentation aims to offer an overview of ransomware attacks’ transformation since 2013, and how leakware became an adaptation to countermeasures set against ransomware. We will discuss the potential impacts of leakware on organizations. We will conclude with a short presentation on what future countermeasure could be used to limit the risk of leakware. This presentation will contribute to a better understanding of how and why adaptation occurs and why cybersecurity practices must also change with the trends.

Vicky Desjardins

Vicky Desjardins

Candidate au doctorat en criminologie de Université de Montréal

Gouvernance d’un programme de tests de sécurité en entreprise

La rareté des ressources est souvent un obstacle à la mise en place d’un programme complet de sécurité en entreprise. Cette présentation vise à expliquer comment construire un programme de test d’intrusion en entreprise, quels sont les défis pour recruter et conserver le talent, quelles sont les règles d’engagements à mettre en place et comment favoriser une culture organisationnelle de sécurité basée sur la confiance et la collaboration. À la fin de la présentation, l’audience devrait avoir une meilleure compréhension des stratégies de tests en entreprise, de la rétention et la mise en place d’une équipe de sécurité.

Laurent Desaulniers

Laurent Desaulniers

Directeur de l’équipe de test de pénétration chez GoSecure

How businesses should think about their cybersecurity investments?

It is no secret that the requests for cybersecurity investments are constantly increasing. Businesses have complicated technology environments, complex business models and relentless regulatory and consumer demands. How should business owners approach innovation while also extracting value from their cybersecurity investments? Shamla will share her practitioner experience on this topic while offering us a constructive approach to make these decisions.

Shamla Naidoo

Shamla Naidoo

Chef de la sécurité de l’information, responsable des stratégies Cloud chez Netskope

How To Achieve Better Endpoint Management with the Proper Remote Connection Tool

Endpoint management without a specialized tool can be error-prone and become quite costly due to lost productivity. With the right tool, you can quickly discover endpoints and easily import them from multiple sources. It will also provide you with a rich credential management layer to obtain credentials “just-in-time” while automatically injecting them upon launching your chosen remote access protocol. This session will showcase Remote Desktop Manager’s versatility while also demonstrating the increased gain in productivity without compromising the highest standards in security.

Maurice Côté

Maurice Côté

Vice-président, Solutions d’affaires

How to increase SOC efficiency with automatic incident detection and response

The challenge of wading through billions of security events that constantly change in scope and nature is increasingly difficult. SOC analysts are faced with an overabundance of false positives and lack the tools to achieve results in required time frames. Attend this session to learn how LogPoint SOAR helps your team autonomously build investigations and accelerate response to threats to your infrastructure.

Doron Davidson

Doron Davidson

Vice-Président Services Globaux, LogPoint

Improving Data Lake Security

Data lakes are a strategy for data storage that has received a lot of hype of late. The term has been used to describe any storage repository that holds a vast amount of raw data in its native format until it is needed. Ron can explain why security, compliance and privacy are the biggest “threats” to everyone’s Data Lake projects and how leaders are addressing these needs. He can speak to the fact that the hardest challenges today for big data projects, data lakes and especially data lakes o the cloud are good security controls, addressing privacy and compliance requirements etc., what to do about it, and what are the world’s best organizations doing in the field.

Ron Bennatan

Ron Bennatan

Premier vice-président et directeur général, Sécurité des données, Imperva

IoT as the New Identity: 6 Game Changing Principles for Proper Control and Transformation of Your Things Environment

Congratulations on your new Identity! Along with your consumer and workforce users, you now have another identity to welcome to the family. I’m sure you have big plans for it…or do you? While you may have thought of your IoT as just a bunch of edge or infrastructure devices, not managing these “things” as full-fledged identities of your organization may mean missed opportunities and lost revenue. In this session, you’ll learn: Why is too much emphasis being placed on securing these devices and not enough on how they can serve the strategic interests of your organization? What are the best practices of managing IoT as identities? The benefits of tying together relationships between your device and human. Join ForgeRock’s Jeff Carpenter, CISSP, CCSP, in this informative and somewhat entertaining discussion of all things Internet of Things.

Jeff Carpenter

Jeff Carpenter

Responsable marketing produits - IAM, IoT & Directory Services

IR Playbooks – A New Open Source Resource

I often hear that Playbooks can’t be shared because they are org specific. I strongly believe this is not true. In most organisations I’ve worked with the exact same steps are taken when a specific security event occurs. When a malware is identified, almost everyone will at some point check the hash on VirusTotal. In this talk I will present a “new” format of Playbook based on workflow and markdown files. I will also share a Git repo to find more playbooks to get your IR Program started.

Mathieu Saulnier

Mathieu Saulnier

Mentor pour le Defcon’s Blue Team Village

Malicious Masquerade: Preventing Account Takeover Attacks

Account takeovers (ATOs), in which criminals impersonate legitimate account owners to take control of an account, cost businesses time, money and often, their reputations. In addition to credential stuffing, criminals are making bots more sophisticated and using human “CAPTCHA farms” to be more effective at account takeovers. Discover the techniques cybercriminals are using to steal sensitive data and how their tactics are evolving. Learn the multiple security capabilities that may counter ATO attempts during each stage of the bot kill chain. The speaker will explain the economics of these malicious activities and how to prevent your own company’s data from being compromised.

Aparna Rayasam

Aparna Rayasam

Vice-présidente principale et directrice générale, Sécurité des applications

Meeting the Challenges of a Multicloud World – Privileged Access & Identities

Today, most organizations aren’t merely in the cloud—they’re in many clouds (PaaS, IaaS), and their end users regularly consume dozens, or even hundreds, of different SaaS applications. The great cloud migration is enabling the successes of increased remote working and is propelling a renewed embrace of digital transformation initiatives. Yet, more clouds can also mean more challenges. In addition to the fundamental cloud security issues, there’s the additional complexity and interoperability issues arising from siloed identity stores, native toolsets, and conflicting shared responsibility models between cloud providers. This creates an expanded attack surface that is attractive to threat actors seeking ways into your environment. The identity challenge is the most important security problem for organizations to solve across cloud and on-premises environments. This is best accomplished by standardizing the management and security controls across the entire IT ecosystem.

Chris Hills

Chris Hills

CTO adjoint et CISO, BeyondTrust

Mieux vaut prévenir ET guérir : l’impact d’une posture de cyber-résilience sur la réaction du public à la suite d’un vol de données chez les entreprises

Les recherches montrent que les clients ne prennent guère de mesures pour se protéger des crimes qui peuvent découler d’une brèche de renseignements confidentiels au sein d’une entreprise. Plutôt, ils considèrent que la firme — hébergeuse de leurs informations personnelles — à la responsabilité absolue en matière de l’intégrité continue de leurs données. Les commerces qui manquent de protéger adéquatement les informations clients risquent en revanche de subir des torts réputationnels ruineux. Cela dit, peu de travaux explicatifs sont effectués sur la résilience des entreprises face à la réaction négative du public après un vol de données. Ainsi, une étude expérimentale basée sur des vignettes de cas a été menée à l’aide du modèle de la victime « idéale ». Les mises en situation illustrent : (1) une entreprise victime décrite comme ayant une forte posture de cyber-résilience ; (2) une entreprise victime décrite comme ayant une faible posture de cyber-résilience. Sept cent quatre-vingt-douze participants ont été aléatoirement affectés à l’une des deux conditions expérimentales principales. Les résultats révèlent que, comparativement à une faible posture de cyber-résilience, une bonne posture de cyber-résilience minimise les attitudes négatives des clients et favorise leurs comportements positifs vis-à-vis la firme victime. De même, plus qu’une personne a des attitudes négatives à l’égard de l’entreprise, moins elle se comporte favorablement à son égard. À la lumière de ces résultats, la cyber-résilience, qui a principalement fait l’objet d’une attention conceptuelle, acquiert un fondement empirique. Par ailleurs, ce projet de recherche contribue plus généralement au développement de la victimologie des entreprises.

Traian Toma

Traian Toma

Candidat à la maîtrise en criminologie de Université de Montréal

Preparing Your Organization for a Post-quantum World

Preparing Your Organization for a Post-quantum World With the rise of quantum computing, the cybersecurity community now faces the prospects of migrating public key cryptography to new standards — an undertaking that many agree will be complex given its massive scale. In this session, we will discuss the motivations and timeline of this coming change and key issues to watch for in the evolution of scaled quantum computing. We’ll also talk about the new post-quantum cryptography algorithms and how your organization can prepare itself for what’s to come. This includes an industry-wide call for cryptographic agility in the systems we develop and deploy.

David Ott

David Ott

Chercheur principal et directeur du programme universitaire chez VMware Research

Rise of Secure Access Service Edge (SASE)

Secure access service edge has quickly emerged as a hot topic in cybersecurity, but what exactly does it mean and why should organizations care? As cloud migration, BYOD adoption, and remote work have skyrocketed in prevalence, it has become increasingly apparent that organizations need to think differently about security. While legacy tools like firewalls are no longer equipped to handle the modern IT ecosystem, SASE platforms like Bitglass are built for this exact moment. In this presentation, you will learn: The core components of a SASE platform like Bitglass. The functionality you need to secure cloud, web, and remote access use cases. Architectural considerations you should keep in mind when comparing SASE vendors. SEED QUESTIONS: How do I determine where to begin my SASE and digital transformation journey? How do I justify the cost of SASE?

Jonathan Andresen

Jonathan Andresen

Directeur principal, marketing et Produits, Bitglass

Security Doesn’t Live on Paper — An Interactive Crisis Simulation

When the worst happens not even the best incident response plans can account for the human element. You might know how your tech will work under pressure but what about you and your people? In this interactive session, you’ll use your decision-making skills to find the threat and manage the growing crisis.

Join this session to:

  • See the real time impact of the human element in crisis management and response
  • Gain a greater understanding of how decisions in a threat scenario have a business-wide impact
  • Discover how to strengthen your organization on both sides of “the boom”, so it’s as ready before the impact as it is after it
Jake Alosco

Jake Alosco

Directeur principal des canaux de ventes à Immersive Labs

Jeffrey Wu

Jeffrey Wu

Ingénieur Commercial, Immersive Labs

Security from day 1: Lessons, tools and tips from the land of the greenfield

Many of us have wished to start from scratch when trying to implement security in an organization. For some of us, it can become a reality through working for a new company or project, but the reality is, nothing is ever a true green field. Partners, compliance, vendors, getting to market and conflicting priorities can make it sound difficult to implement security in a brand new startup, but it is possible. In this talk, you will learn how you can implement a security program as early as possible in the life of a startup, by taking advantage of some of the benefits that come with being small and agile, as well as having tools that are easier to configure than most “enterprise” solutions and focusing on a cloud-first architecture.

Guillaume Ross

Guillaume Ross

Chef de la Sécurité à Finaptic

SOAR Beyond the SOC

SOAR has traditionally been the purview of larger enterprises with SOC teams. However, with the recent world disruptions, cybersecurity teams are leveraging automation to ease transition, streamline processes, and ensure their companies and employees are secured. Security automation has risen to the forefront as the “glue” that can orchestrate silos of people, tools and processes and we believe that more security teams can, and should, take advantage of the benefits of automation. In this session, we will cover the drivers for security automation, and show how SOAR can be just as easily applied to many areas outside of the SOC to help security teams of various sizes better cope with the new “normal” of work. We will explore different areas of security, with real-world automation use cases, as well as share experiences of how our own Palo Alto Networks security teams and our customers have leveraged automation to great effect for their teams.

Mark Allen

Mark Allen

Ingénieur Système - Palo Alto Networks

Taking our head out of the sand – Challenges of Operational Technology Security at an Airport

IT Security staff have grown up in a world of patch management, mirrored test environments, DMZs and defense in depth. We have code and penetration testing to find security concerns with deployments. We have mature frameworks with NIST, PCI and ISO to guide our way to establish risk appetites and identify improvements needed. The world of Operational Technology is difficult for an IT Security practitioner to understand and work within given its different objectives, culture and background. Toronto Pearson airport is currently in a operational technology shift which is challenging our business, our IT security department and our management. I will highlight this progression of this technology and culture shift and provide our learnings and pitfalls. My goal is to provide you with our experience as we mature the technology security in our operational environment at the airport.

Andrew Faber

Andrew Faber

Directeur de la gouvernance des risques et de la sécurité des TI à l’Autorité aéroportuaire du Grand Toronto

The Mass Effect: How Opportunistic Workers Drift into Cybercrime

By focusing on the most visible cybercriminals, our security community often overlooks the impact of massive groups supporting criminal activities. Yet, these groups act like the “mass effect”, where a primary pathology generates an inflating mass that pressures its surrounding, increasing the initial problem’s scale. This research was motivated by a desire to uncover the context and motivations of individuals involved in spreading the Geost banking Trojan, and ended with large-scale statistical analyses of behaviors in an informal online market, one of the largest out there. The market was found to host dubious activities through a hide in plain sight approach.

The research unexpectedly opened-up an alternative way of conceptualizing cybercrime economies, one that includes an ordinary working class, involved in any economic activity for the sake of little crumbs of profit. More than that, we realized that the motives of these individuals did not represent the excitement that is traditionally depicted by cybersecurity storytelling, nor they embodied the criminal ethos. What is concerning is rather their aggregated effect, their growing mass.

This presentation shares our research journey, depicting the actors involved in the operation of a botnet, their motivations, challenges, and an analysis of the informal market in which they grounded their criminal activities. By using machine learning techniques and a statistical analysis of the informal market population, we found other similar opportunistic entrepreneurs. The analysis also indicated that the informal market may be a revolving door to underground, more criminally prone, communities.

Through this research, we hope to provide researchers, law enforcement officials and policy makers a better grasp on this type of cybercrime economy and a point of view that is closer to what these individuals actually experience.

Maria-Jose Erquiaga

Maria-Jose Erquiaga

Chercheur au laboratoire Stratosphere du CVUT

Sebastian Garcia

Sebastian Garcia

Chercheur sur les logiciels malveillants et Professeur adjoint

Masarah Paquet-Clouston

Masarah Paquet-Clouston

Chercheur en cybersécurité chez GoSecure

Serge-Olivier Paquette

Serge-Olivier Paquette

Chef d'équipe science des données chez Secureworks

Vulnerability Management – Lessons Learned & Wisdom Earned

Virtually all companies today rely on technology to deliver their products or services, even the old bricks and mortar companies.  Despite having various needs for their technology, a retail chain, an energy company, and a bank all share one thing in common.  The patch Tuesday, exploit Wednesday monthly cycle.  This talk will look at how various companies solve the patch and scan headache and its growing technical debt.

Randy Martin

Randy Martin

Directeur de la gestion des vulnérabilités, Gosecure

What role does cryptocurrency play in the spread and evolution of ransomware attacks?

In recent years, the quantity and quality of ransomware campaigns has increased significantly and if nothing changes, the impact of ransomware is likely to persist for the foreseeable future. It was also worrying to see that recent attacks are increasingly targeting organizations that provide essential services to the public. Is the popularity of cryptocurrency and the increase in ransomware attacks a coincidence? Could means such as regulating cryptocurrency or prohibiting ransom payment by cryptocurrency significantly reduce the scale of ransomware attacks? In order to explore these questions and try to answer them, Sébastien Lapointe meets with information security experts Éric Hébert and Nicolas Bergevin, all in the form of a radio talk show.

Nicolas Bergevin

Nicolas Bergevin

Chargée de clientèle senior chez Armis

Éric G.Hébert

Éric G.Hébert

Vice-président, Chef de la sécurité de l’information, CISO Québecor Média inc.

Sébastien Lapointe

Sébastien Lapointe

Officier de sécurité d’affaire chez Groupe Desjardins

Zero, Dark and Dirty – Zero Trust like you’ve never seen it before

This is not your father’s Zero Trust presentation. This talk will look at offensive playbooks used by threat actors to attack organizations like yours and how a Zero Trust Architecture forces you to think about how you enforce internal and external policies. But what are those policies really capable of protecting, and how can they be broken? All roads lead nowhere. Trust No One.

Aamir Lakhani

Aamir Lakhani

Stratégiste principal en sécurité, Fortinet

Zero Trust : quelles démarches pour bien commencer?

Venez écouter les experts Linkbynet pour découvrir leur retour d’expérience sur la mise en place d’une démarche Zéro Trust. Description conférence : Vous avez lancé, ou envisagez de lancer, un projet stratégique de mise à niveau de la sécurité de votre système d’information en vous basant sur le modèle du Zéro Trust ? Vous connaissez les principes du Zéro Trust mais vous avez de la difficulté à identifier les chantiers nécessaires à leur mise en application ? Fort de son expérience, Linkbynet vous invite à venir découvrir à travers cette allocution quelles sont les questions à se poser pour mettre en place une solution de Zéro Trust résiliente et les prérequis qui vous permettront d’appliquer les principes du Zéro Trust. Nos experts vous partageront à cette occasion un cas client réalisé pour un acteur majeur du secteur des transports. Cette présentation virtuelle s’adresse aux responsables TI & sécurité, aux analytes et aux architectes qui sont impliqués dans les sujets de la sécurisation des systèmes d’information.

Quentin Guiguet

Quentin Guiguet

Consultant cybersécurité - Linkbynet – Partie d’Accenture

Antoine Paris

Antoine Paris

Responsable d’équipe et consultant en cybersécurité, Linkbynet – Partie d’Accenture