Day 1: Wednesday, Jan. 24


Office of the Information & Privacy Commissioner for British Columbia (KEYNOTE)
The latest perspective of privacy and security challenges of 2023  from the perspective of the OIPC.
Presenter: Michael McEvoy (Information and Privacy Commissioner, Province of British Columbia)

Keeping Research Open: Privacy and Cybersecurity at UBC ARC

University of British Columbia (KEYNOTE)
While surveillance can be an issue when it comes to cybersecurity and privacy concerns, in the research space, flexibility and open science are most at risk from overly restrictive cybersecurity. We will review of how privacy and cybersecurity intersect with research in general, then look at those few places where privacy and cybersecurity may conflict, and finally explore the wider issue of how we find the balance between maintaining privacy and security while ensuring science remains open and collaborative at UBC Advanced Research Computing.

Presenters: Scott Baker (Manager Sensitive Research) and Jessica Galo (Sensitive Research Security Analyst)

The Spectrum of Privacy and Security - How organizations in different industries tackle privacy and security 

Vivacity Technologies (GOLD SPONSOR)
This panel discussion delves into the reality of what the spectrum of privacy and security looks like within a variety of organizations: whether they really care about privacy, how prominent the need is for security, and what managing both on a day-to-day basis actually looks like. Join us as we hear from start-ups, municipal entities, large organizations, and national not-for-profits to learn about their experiences with protecting privacy and managing security within an organization.

Moderator: George Emery - CEO, Vivacity Technologies; Panelists: Lindsay Sill - Executive Director, CUCCIO; Brian Eshpeter - IT Director, Dawson; Luke Timms - Infrastructure Systems Manager, City of Kelowna; Stefano Stamato - Head of Product, Vivacity Technologies 

Back to the Basics: Why investing in fundamentals is still your best defense

We will examine some of the latest and greatest options in cybersecurity defense and discuss why the attackers keep winning despite these advances. We will review core areas of security that bring the best ‘bang for the buck’ in helping to minimize and contain damage from an attack, how these relate back to security governance and policy and why there is still a gap in practice.

Presenter: Mark Shykula

Bad Actors Are After Your Data, Now What?

Organizations today have become obsessed with data, collecting it in ever greater quantities. At the same time, the threat and activities of bad actors is on the rise. How can organizations protect themselves and guard against fraud? Join Ross and Marleen in a fireside chat as they discuss the reasons organizations are collecting data. They will also cover off strategies and best practices that organizations can utilize to protect their organization from bad actors. We will also deep dive into fraud. Where does fraud originate? What is the profile of a bad actor? And what are the strategies and tools organizations can use to detect and protect against fraud. Finally, we’ll also look at the options available to consumers so they can move forward with better awareness and confidence.

Presenters: Rossilyne Tan and Marleen Mavrow

Backup ≠ Cyber Recovery

Some things just don’t make any sense. Like using a garden hose to put out a five-alarm fire or a legacy backup solution to recover your data. Today’s cybercriminals are too organized and too sophisticated to trust your data—and your business—to anything other than a data security solution designed for cyber recovery. In this session, Rubrik experts will teach you how to: (1) Make your data impervious to cyber attacks, malicious insiders, and operational disruptions, (2) understand risks to your data, and (3) spot threats sooner, recover faster, with better precision, and without reinfection.

Presenters: Werner Vorster, BC Account Executive, Rubrik & Derek Keen, BC Sales Engineer, Rubrik

Zero Trust Unleashed: Elevating Security in SASE- From Continuous Verification to Cloud Excellence.

PaloAlto Networks (SILVER SPONSOR)

Tn a Secure Access Service Edge (SASE) discussion led by Alex, the conversation delves into the core principles of zero trust security and network access, emphasizing the importance of continuous verification and security inspection efficacy. The conversation broadens to encompass cloud application security and data loss prevention strategies. Further, the discussion explores the intricacies of how a cloud delivered security solution can improve performance and user experience for an organization.

Presenter: Alex Macdonald

When Needs are High but Budget is Low

Amidst the prevailing macroeconomic landscape, where organizations are still navigating their way out of a recessionary environment, IT leaders face the ever-present challenge of minimizing risk exposure and enhancing security posture. Join Michael Kwan as he explores the evolving trends in security monitoring, discusses the types of security monitoring tools in the marketplace, and provides insights on leveraging complimentary resources to optimize your cybersecurity team and budget.

Presenter: Michael Kwan

Redefining Priorities in Data Security: Why Protecting 'Low-Risk' Data is Key to Safeguarding High-Value Assets

In the rapidly evolving landscape of data security, conventional wisdom has often focused on identifying and protecting only sensitive, private, or high-risk data. However, this approach, while adequate for data compliance, overlooks a crucial aspect of comprehensive data protection: the significance of low-risk data. Through our partnership with X10 Technologies, Imperva is at the forefront of redefining this paradigm, asserting the vital importance of safeguarding all data including that categorized as 'low-risk.'

Presenters: Paul Steen - Principal Engineer, Imperva, Thales Company & Simon Copon - Sr Account Manager, X10 Technologies

Just API’s, Apps & Users: How to power your hybrid workforce

Recent trends have shown an alarming increase in Generative-AI attacks and Ransomware-as-a-Service, two types of cyberattacks that pose significant risks to organizational data and user safety. In the session “Just APIs, Apps & Users: How to power your hybrid workforce”, hosted by Sudden Technologies, Abnormal Security, and Zscaler, you’ll receive valuable insights on how to implement measures that reduce your attack surface and protect your data and users. Attendees can expect to learn cutting-edge cybersecurity techniques that can be deployed to enhance the resilience of your organization against the ever-evolving threat landscape. We highly recommend this session to individuals seeking to stay informed on the latest cybersecurity practices.

Presenters: Michael Kennedy (Sudden Technologies), Beth Hartwell (Abnormal Security) and Scott Smith (Zscaler)

How to build in a secure enterprise landscape with NO IMPACT on privacy

In a world filled with privacy regulations and compliance obligations, Oracle takes its role in protecting customers data which are the most critical assets of every organization. With over 40 years of experience in the design and development of secure database management, data protection, and security solutions, we will demonstrate our defense in depth that has NO IMPACT on privacy.

Presenter: Samantha Phillips, CISM - Sales Specialist, Oracle

The Evolution of Physical Security - Protecting People, Private, and Assets

We will cover the evolution of physical security, and how new technology enables users to be proactive about their security, and privacy, rather than reactive.

Presenter: Carmine Amorelli of Verkada

Day 2: Thursday, Jan. 25

Digital Harmony: A Secwépemc Perspective on Balancing Privacy and Security.

Tk̓emlúps te Secwépemc / TRU Office of Indigenous Education (KEYNOTE)
In today’s interconnected world, the delicate balance between privacy and security takes on a unique significance when viewed through an Indigenous lens. In this keynote presentation, we will explore the profound implications of this balance from the perspective of Secwépemc communities. Focusing on web and app development projects that honour cultural privacy and digital sovereignty, we will delve into the principles and practices that ensure Secwépemc values and believes are respected in the digital realm.

Presenter: Gabriel Archie

Implementing a Layered Security Approach with Microsoft 365
Microsoft 365 stands out for its integrated security features, offering a comprehensive suite that includes identity and access management, threat protection, information protection, and security management. This integration streamlines the complexities often encountered in managing disparate security systems. In this presentation, IX Solutions and the City of Kamloops will discuss their journey to introduce a layered security approach in the City using Microsoft 365. It will include thoughts on the City licensing decision making process, deployment planning and execution highlights, monitoring and reporting requirements and IT staff training needs. The goal of this discussion is provide other organizations with insight and tips into how they can successfully leverage a layered security approach to reduce risk and ensure business continuity and stability.

Presenters: Chris King (IX Solutions), & TBD (City of Kamloops) 

Defy the Inevitable: Radical Resilience in the Public Sector
Don’t Become a Ransomware Headline. Secure backup is your best line of defense.
Jeff Reichard, VP, Product Strategy at Veeam, will share his knowledge and insights on safeguarding critical data and how you can develop an effective disaster recovery plan to ensure business continuity. Flexible recovery options are key to fast recovery from any cyber‑attack. Access to clean, reliable backups gets you back to business without paying the ransom. This is the session of 2024 you don’t want to miss.

Presenter: Jeff Reichard, VP, Product Strategy

Punch Above Your Weight – 3 strategies to gain rapid advantage

Organizations of all size and type are driven to effectively elevate their levels of protection and resilience while being asked to do more with less. Regulations, frameworks, and assessments do well to prescribe “what” we must do, but the “how” has become increasingly challenging. Finding ways to overcome constraints and achieve the security we need is an imperative. This session will present 3 primary strategies that can be effectively implemented to gain rapid advantage – reducing complexity and simplifying, creating greater value from what you already have, unifying the ecosystem and finding efficiencies in collaboration.

Presenter: Gary Miller, Field Chief Technology Officer, Compugen

How to Build your Network Security Strategy with AI and NextGen Solutions

There is no escaping the daily articles that either hype AI as our saviour or describe it as humanity’s impending doom. In this session, we will go beyond the hype and find out if and how AI impacts your cybersecurity strategy. Organizations continue to face challenges moving their applications and security to the cloud. This hybrid security architecture increases complexity, as well as operational and training costs. It also creates security gaps, due to the lack of unified visibility across the cloud and on-premise components. The ideal security architecture provides complete and holistic protection across the organization by (1) Simplifying your network security environment, (2) Accelerating user access to applications, (3) Securing your organization to global standards, and (4) Providing the automated expertise to ensure your environment is up to date and fully secure.

Presenters: Scott Parker, Doug Atkinson, & Rob Kyle

A picture (memory image) is worth a thousand words (logs)

Join me for a demonstration hosted by Thompson Rivers University's Information Security Department, where we'll delve into the integration of memory forensics within our Incident Response Plan (IRP). This session provides an insightful look into how memory forensics is crucial in our post-incident analyses to understand the 'how' and 'why' of security breaches. We will showcase the use of the open-source tool, Volatility (V3), applied to a computer compromised by a rootkit. Discover how TRU leverages Volatility for effective combat against rootkits and to conduct forensic investigations. This presentation is especially beneficial for individuals keen on forensics, as well as network and system administrators looking to deepen their understanding of security response strategies.

Presenter: John Cuzzola, Information Security Director, of Thompson Rivers University.

Understanding the Latest MITRE ATT&CK Evaluation Data

How good is your current endpoint solution? Learn how to interpret one of the best and free resources, the MITRE ATT&CK evaluation data and find out!

Presenter: Norm Chan, Enterprise Solutions Engineer, Western Canada, of SentinelOne