For nearly a decade The Right Honourable Stephen J. Harper led Canada through the world’s most complex geopolitical, economic and security challenges as the country’s 22nd Prime Minister.

Since leaving office in 2016, Mr. Harper founded and is Chairman and CEO of Harper & Associates, a global strategic advisory firm, and the co-founder and Chairman of Vision One, a Miami-based investment fund. Mr. Harper is also the author of “Right Here, Right Now: Politics and Leadership in the Age of Disruption”, and a frequent speaker on geopolitical trends, technology, and business.

Daniel Wiley, Head of Threat Management and Chief Security Advisor, manages Check Point’s advanced security operations including Check Point Incident Response Service. His core responsibility is to bridge the gap between product and operational security and to provide actionable intelligence to Check Point customers. Daniel is an experienced cybersecurity leader with over 25 years of experience in the Cybersecurity industry, including government, civilian and service provider environments.

Keynote: Lessons and Observations from Incident Response and MDR teams

Alain Sanchez has more than twenty years of experience in networking and telecommunications. Alain joins Fortinet’s EMEA Field CISO office from Accenture, Huawei, Alcatel-Lucent, BT Global Services and Nortel, where he held senior management positions advising leading enterprises and operators on their digital transformation.   As Fortinet’s EMEA Field CISO, his role enables him to keep abreast of key developments in cybersecurity solutions, best implementation practices and pragmatic approaches to making our hyper-connected world a safer place.  Alain holds an engineering degree from the Université de Technologie de Compiègne and a Diplôme d’études approfondies in Industrial Process Analysis.

Keynote: The Future of Cybersecurity

With a career spanning more than 15 years in information security, Kristopher Russo has a deep understanding of how cybersecurity essentials are applied across a range of industries. As a consultant at Unit 42, he brings to client engagements an extensive knowledge of incident response, threat hunting, forensics, and risk management, as well as a deep understanding of threat actors’ tactics and of how to identify and deploy countermeasures that fit an organization’s unique risk profile

Keynote: Evolution of Threats: Analyzing Pre-Mortem Retrospective Lessons

Andréanne Bergeron has a Ph.D. in Criminology from the University of Montreal and works as a cybersecurity researcher at GoSecure. Acting as the social and data scientist of the team, she is interested in online attackers’ behaviors. She is involved in the infosec community as the VP engagement and outreach for Northsec. Her experience as a speaker includes BlackHat USA, DefCon, BSides Montreal, NorthSec, CypherCon and Human Factor in Cybercrime among others.

Olivier Bilodeau leads the Cybersecurity Research team at GoSecure. With more than 12 years of infosec experience, he enjoys luring malware operators into his traps and writing tools for malware research. Olivier is a passionate communicator having spoken at several conferences including BlackHat USA/Europe, Defcon, Botconf, Derbycon, and HackFest. Invested in his community, he co-founded MontréHack, is the President of NorthSec and host its Hacker Jeopardy.

Keynote: The Clash of Experts: How good of a solution are password managers?

Rick Vanover (Microsoft MVP, Cisco Champion, VMware vExpert) is Senior Director of Product Strategy for Veeam Software based in Columbus, Ohio. Rick’s experience includes system administration and IT management; with virtualization, cloud and storage technologies being the central theme of his career recently. In his role at Veeam, Rick sits at the crossroads of many types of storage. Whether it is storage systems, critical application data, data in the cloud or data anywhere in between; Rick has experience in the data management practice as IT practices change with new technologies.

Session: Practical Tips for Data Security and Data Protection Alignment

Ali has always been passionate about learning & the use of technology to improve quality of life. He started his career as a computer technician in public sector and later went back to school to get a degree in Computer Engineering (with a minor in security). He worked at EMC as a presales architect and after its acquisition by Dell, went back to school to pursue a master’s in engineering (M.Eng : Information Systems Security, with focus on IOT crypto protocols). He continued as a consultant for the biggest Telco/ISP in Canada for several years before joining the Canadian NETSCOUT team as a Cyber Security Specialist.

Session: Operationalizing the Attack Surface

Jonathan Ha-Tran is a seasoned cybersecurity professional with a wealth of experience in the field, specializing in risk management and cloud security. With a notable career at Deloitte, Ernst & Young and Zscaler, Jonathan has made significant contributions to the cybersecurity landscape. He excelled in conducting thorough risk assessments, identifying vulnerabilities, and delivering strategic recommendations to enhance clients’ security frameworks.

Jonathan’s journey led him to join Zscaler, a renowned cloud security company, where he continued to expand his expertise in safeguarding organizations against advanced cyber threats. As a member of the Zscaler team, he actively contributed to the development and implementation of cutting-edge cloud security solutions. Jonathan’s dedication to assisting clients in adopting Zero Trust architectures and embracing secure digital transformation has been instrumental in their success.

Session: The Elements of a Zero Trust Architecture

Bryan Whyte, CISSP holds a Masters in Electrical Engineering and has spent over 20 years developing software applications to test hardware such as Torpedoes, Circuit Boards and Digital Subscriber Line (xDSL) modems. He has contributed to product development for Embedded and Distributed Enterprise Applications. He joined IBM Security in 2015 as a Technical Pre-Sales Engineer focused on the AppScan tool suite for Static, Dynamic and Mobile Application Security Testing. He joined Sonatype in 2019 because the growth of Open Source Software has made Software Composition Analysis critical to Application Security.

Session: Maximizing the Potential of Software Supply Chain Security with Better Consumption

John Engates joined Cloudflare in September of 2021 as Field Chief Technology Officer and is responsible for leading the Field CTO organization globally. Prior to Cloudflare, John was Client CTO at NTT Global Networks and Global CTO at Rackspace Technology, Inc. Earlier in his career, John helped launch one of the first Internet service providers in his hometown of San Antonio, Texas.

John is a graduate of the University of Texas at San Antonio and lives in Texas with his wife and
two daughters. He is passionate about technology and enjoys mountain biking, snowboarding,
and spending time traveling with his family

Session: Internet Threat Radar – The Current Cyber Threat Landscape

Mick Leach is Head of Security Operations at Abnormal Security, where he is responsible for threat monitoring and detection, incident response and handling, vulnerability management, and identity and access management. A cornerstone to his mission is ensuring that Abnormal employees stay safe from email attacks using, you guessed it—Abnormal. Prior to joining Abnormal, he led security operations and engineering teams at Alliance Data and Nationwide Insurance, and previously spent more than 8 years serving in the US Army’s famed Cavalry Regiments.

He is a passionate information security practitioner with 7 active certifications from SANS/GIAC. When not digging through logs or discussing operational metrics, Mick can typically be found on a soccer field, coaching one of his 13 kids.

Session: Stop Phishing for Needles in a Haystack: How Phish are Crushing Your SOC

Nathan Wenzler is the Chief Security Strategist at Tenable, the Exposure Management company. Nathan has nearly 25 years of experience both in the trenches of and as executive management of Information Security programs for government agencies and private sector firms alike, often building them from scratch. He has served as an executive management consultant and vCISO for C-suite execs across a wide array of Fortune 1000, nonprofit and government organizations looking to optimize and improve their security programs focusing on process, program and personnel improvements to mature and accelerate their Information Security and risk management efforts.

Nathan’s focus areas include vulnerability management, privileged access management, incident response, process and workflow improvements, executive level program management and the human-focused aspects of InfoSec. Nathan has 25 years of experience in the trenches of and as CISO of InfoSec programs for government agencies and private sector firms alike, often building them from scratch. He has served as a management consultant and vCISO for C-suite execs looking to optimize and improve their security programs.

Session: Master the 3 Levels of Risk Decision-Making

Nadir Izrael guides the technology vision for Armis. Drawing from his deep programming and software engineering expertise, he has overseen the rapid evolution of the Armis platform to provide complete asset visibility and security for every enterprise asset. Nadir co-founded Armis in 2015 with his friend and army colleague, Yevgeny Dibrov, after the two started looking for new and interesting problems to solve in technology.

Prior to founding Armis, Nadir spent four years as a senior software manager at Google, working on Google Maps and Google Autocomplete. He began his career in the Israel Defense Forces in the elite Unit 8200 intelligence corps where he served first as a software developer and then as a team leader, ultimately achieving the rank of captain. Beyond helping to solve visibility and security challenges for connected assets, he is adept at creating simulations of particle systems and cosmological models, and is very experienced with machine learning algorithms and statistical models. Nadir holds Bachelor of Science degrees in computer science and physics from the Technion, the Israel Institute of Technology, finishing summa cum laude.

Session: Security in a hyper-connected, asset-driven world & the real world attacks that follow

Maurice Côté, Vice-President of Products at Devolutions, brings over 15 years of IT experience to the company’s team. For 12 years, he served in the Canadian Forces as an avionics technician and instructor, acquiring solid technical and pedagogical experience. Maurice Côté has held positions as system, network and database administrator, solutions architect and team manager. Thanks to his versatile expertise, he has successfully completed a number of projects for world-renowned companies in the medical industry and online marketing.

Session: Managing passwords is obsolete, manage privilege instead!

Guillaume Ross is a seasoned cybersecurity professional with over a decade of experience, specializing in building blue teams, cloud security, and wielding ridiculously old but amazingly still useful Active Directory security skills. As a veritable relic in the field, Guillaume once held a CISSP certification but chose to part ways with ISC2 due to disagreements.

Guillaume’s passion for cybersecurity is both contagious and hilarious. He actively participates in the security community, presenting at conferences, contributing to open-source projects, and mentoring aspiring professionals. His ability to break down complex concepts into easily digestible and humorous content has made him a sought-after speaker at events like BsidesLV.

Session: Using the Cyber Defence Matrix (CDM) to Understand Security

Mathieu Saulnier is a security enthusiast and Core Mentor for Defcon’s Blue Team Village. While leading Sumo Logic’s Threat Labs, he focused on research, hunting & detecting adversaries. With 2 decades now in the security space, he’s had the opportunity to work for amazing organizations and make an impact in cyber defense. He shared his passion at Derbycon, SANS Summits and RSA, amongst others.

Session: Password Audit Cracking in AD: The Fun Part of Compliance

Michael Goetzman, Hacker & Cybersecurity Leader, enjoys experimenting with cloud security applications, genetics/bio-hacking, hacking connected devices, and examining the confidentiality of critically sensitive connected products, medical devices, and electronic medical records.

He holds a Masters of Science (M.Sc) in Business Management involving international healthcare studies in Havana, Cuba along with earning his CISSP. and 10+ other certifications. In his free time, Michael enjoys exotic rides in zeppelins, soaring in experimental planes, and piloting colorful hot air balloons around rural Wisconsin.

Michael believes in freedom of non-harmful information, equality before the law, the advancement of scientific fringe research by the way of individual imperatives.

Session: Evolving from Cyberpunk to Solarpunk: Actionable Guidance from a hacker for hope into the future

Vicky Desjardins is a criminology PhD candidate and a cyber threat intelligence analyst at Hitachi Systems Security. Her PhD dissertation is on the coevolution of ransomware attacks from a game theory perspective.

Her master’s degree was on the prioritization of risk of offline sexual contacts against minors in online sex solicitations. Vicky’s expertise focuses on understanding criminal behaviours and viewing risk from a criminal opportunity perspective.

Her curiosity of criminal behaviours is at the heart of all her research projects and work. Her experience as a researcher help build the methodology skills needed to perform multiple types of research that have the goal to make the world a better place.

Session: Hackers, threats & vulnerability management – Stealerlogs: The doggy door to your organisation

Having started his career in the Canadian Armed Forces, Victor has worked in the security field for the past 10 years and specialized in information security for the last 6. He holds a B.Sc. and a M.Eng. in cyber security. In the private sector, he has assisted numerous organizations to recover from information breaches and improve their internal controls to reduce information leakage.

Victor is primarily focused on helping organizations protect critical systems and sensitive information from attackers. In his spare time, Victor enjoys writing blog posts on his Medium and studying to obtain his MBA in business management.

Session: The 5 obstacles organizations forget when designing their cybersecurity program

Paul Figura is a Chief Architect at Indigo Consulting with nearly two decades of Identity and Access Management (IAM) expertise, Paul has developed a robust skillset and deep IAM expertise across a wide variety of product suites and deployment environments. Paul’s IAM career first started in 2008, and since then he has continuously demonstrated his deep understanding of the many critical aspects of Authentication, Authorization, and Identity Management and Governance.

Session: How to Design Single Page Apps with a BFF to make API calls Securely and Prevent Token Hijacking

Anna Sarnek is a highly experienced strategic business development professional, launching innovative product lines and driving growth through strategic partnerships. With over 10 years of experience in the field, Anna has a technical background and a macro-level perspective on technology problems, allowing her to identify unique joint development and go-to-market opportunities.

Her background in cybersecurity, international relations, and economics positions her to provide a unique perspective on how cybersecurity is a financial sustainability risk to the business and the economy, as well as how it ties into ESG. Anna is the former Head of Technology Alliances at RSA and the Head of Risk Solutions and Strategic Alliances at SecurityScorecard. She is currently the Head of Strategic Alliances at Valence Security where she’s helping to automate the SaaS security implementation and remediation. She also volunteers as a content contributor for Women in Identity where she drives the conversation around equity and inclusivity in identity security.

Session: Two steps forward for SaaS Adoption, One Step Back for SaaS Security

Dr. Ahmed Refaey Hussein is a renowned cybersecurity expert specializing in cloud security and large-scale distributed denial of service attacks. He holds a Ph.D. from Laval University and currently serves as an Assistant Professor at the University of Guelph and an Adjunct Research Professor at Western University in Canada. Before his academic career, he excelled in the telecom industry, leading teams at prominent companies like Fujitsu, Vodafone, and Alcatel-Lucent in Egypt. His research has led to significant advancements in wireless communications hardware implementations.

Throughout his illustrious career, Dr. Hussein has been instrumental in developing an open-source version of the software-defined perimeter reference architecture, addressing large-scale distributed denial of service attacks. He has made notable contributions to cloud security standards, collaborating with organizations like the US National Institute of Standards and Technology (NIST) and the Cloud Security Alliance. His current research focuses on key management challenges in the blackened cloud, exploring control authentication and encryption keys in the context of the zero-trust concept. With over 80 technical articles, one granted patent, and three patent applications to his name, Dr. Ahmed Refaey Hussein continues to shape and elevate the field of cybersecurity.

Session: Zero-Trust Architecture: Securing Next-Generation Networks

Gary Givental, is known for his comprehensive expertise in security analytics and automation. His career journey, commencing in 1998 with Netrex, advancing through ISS, and ultimately leading him to IBM, exemplifies his enduring commitment to innovation and technical excellence. Equipped with a Bachelor’s degree in Computer Engineering from the University of Michigan and a Master’s degree in Software Engineering from Lawrence Technological University, Gary’s robust academic credentials underpin his profound technical skills. From 2014-2018, he served as an Adjunct Faculty at Lawrence Technological University, imparting his wisdom in Software Engineering and Artificial Intelligence. Gary’s unique ability to amalgamate technology and operational efficiency is evident in his co-creation of the Advanced Threat Disposition System (ATDS), a key threat triage and automation capability for IBM’s X-Force Protection Platform. Furthermore, his architectural acumen was key to the development of the Advanced Ticket Routing platform, leading to significant process automation. Recently, he has been delving into the groundbreaking realms of Generative Pretrained Transformers (GPT) and Large Language Models (LLMs), further demonstrating his foresight and adaptability. Receiving the 2020 People’s Choice Culture Award, Gary epitomizes a balanced blend of personal and professional excellence, contributing to the software industry as a seasoned technologist, a committed mentor, an inventor with over a dozen patents and a driven leader.

Session: Pragmatic and Trustworthy AI in Cybersecurity

Evgeniy Kharam is a seasoned cybersecurity expert with over 20 years of experience, boasting 40,000 hours of pre and post-sales support as an architect and principal consultant for medium to large enterprises. His technical expertise spans Endpoint and Network Security, SIEM/SOC/SOAR, SASE/SEE, VMS, and Cloud Security. Evgeniy spent 15 years at the Herjavec Group as the VP of Security Architecture. In addition to running his own cybersecurity consulting service and media company, Evgeniy has produced over 200 episodes of podcasts, live shows, panel moderations, webinars, and technical training, becoming a prominent figure in the cybersecurity media landscape. He currently provides cybersecurity guidance to vendors, VARs, and MSSPs

Session: Mastering Vendor Engagement in Cybersecurity

Thomas is a seasoned cybersecurity expert with 15 years’ experience in the banking sector. Passionate about business transformation, he is recognized for his advanced technical skills in cryptography. After starting out as an information systems security administrator, he quickly rose through the ranks to become head of the secret management team at a major financial institution.

This experience led him to set up encryption and key management service offerings, offering a high level of availability for crucial issues such as data protection and the prevention of cyber-attacks. Thanks to his leadership, Thomas has played a key role in the organizational transformation of the bank’s cybersecurity teams, encouraging a proactive approach to security.

His passion for continuous improvement was reflected in his work with the teams, guiding them towards greater maturity in their daily deliveries. Today, as head of Neotrust’s Canadian office, Thomas has built up a team of cybersecurity experts capable of supporting their customers on two distinct levels.

Session: Why a proactive security approach is link to a constant cyber transformation and what is the benefits for companies?

As a Senior Counsel at Clyde & Co Canada, Laure Bonnave serves as a “breach coach” in cases involving cybersecurity incidents, including data breaches or privacy breaches. In the scope of her practice, she has advised clients on numerous cyber incidents, both locally and internationally.

In her role, Laure regularly provides her clients with expertise in managing cyber incidents, which includes:

Overall management of responses to incidents and coordination with service providers.
Responses to ransomware attacks and data recovery.
Analysis and reporting of data protection breaches.
Handling cases of payment diversion fraud, locating funds, and recovering them.
Developing a communication strategy and managing stakeholders.
Preparing reports for regulatory authorities.
Managing risks related to class actions following a privacy breach.

Session: How to minimize legal risks in the event of a security incident?

François is a Senior Product Security Engineer for BoostSecurity, where he leads the Supply Chain research team. With over 10 years of experience in building AppSec programs for large corporations (such as Intel) and small startups he has been in the heat of the action as the DevSecOps movement took shape. François is one of founders of NorthSec and was a challenge designer for the NorthSec CTF.

Session: Broken Links: Behind the Scenes of Supply Chain Breaches