13th Annual Privacy and Security Conference
Keeping Pace with the Digital Revolution February 16 & 17, 2012
|
Wednesday, February 15, 2012 | |
Pre-Conference Privacy and Security Workshops Please note: Workshop information will be updated as it is received. You do not need to pre-register. Workshops will be seated on a first come, first serve basis. |
|
9:00 – 12:00 |
Morning Workshops
|
9:00 – 12:00 Saanich |
McAfee presents; Advanced Persistent Threats (APTs) and stealth hacking techniques unfortunately are commonplace in today’s IT threat landscape. These sophisticated threats entrench themselves below the operating systems of IT assets - easily bypassing and not visible to traditional anti-virus, anti-malware security solutions. Hear from security experts on why the risks associated with these types of threats are real and need to be addressed as part of your overall security program. Come see a live demonstration of McAfee and Intel’s hardware-assisted DeepSAFE technology and how it detects and blocks these advanced, hidden threats such as stealth rootkits and APTs in real-time.
Edward Metcalf, Director, Product and Solution Marketing, McAfee, Inc. |
9:00 – 12:00 Oak Bay II |
Ethics presents; Many lawyers and privacy officers tend to think of “ethics” as a code of conduct and “privacy” as a set of best practices that accord with legislative standards. This pre-conference workshop, conducted by Ian Kerr, Canada Research Chair in Ethics, Law & Technology, offers a broader understanding of ethics and privacy through a consideration of various theories of privacy and the ethical values that underlie them. Learning objectives for participants of this workshop include:
Ian Kerr, Canada Research Chair in Ethics, Law & Technology, Faculty of Law, University of Ottawa |
9:00 – 12:00 Oak Bay I |
Office of the Chief Information Officer presents; This workshop will provide an overview of the new Information Incident Process and Practices of the BC Government including training overview, incident handling, assessing harm and notification practices and prevention through lessons learned. Participants will be given case studies and will participate in interactive activities covering these areas.
Wendy Taylor, Director, Privacy Investigations, Office of the Chief Information Officer, Ministry of Labour, Citizens' Services and Open Government
|
9:00 – 12:00 Sidney |
CA Technologies presents; Click here for more information. Privacy in the Workplace: Who’s Privacy are we really concerned with?
Let’s talk about a Privacy Survival guide. Is what you do really private; and should it be? Is the guide for the employee or for the employer or both? Every day employees dole out information about themselves, where they work, using work related hardware. Sometimes deliberately and sometimes not. Come find out some of the industry best practices about the different types of information that is commonly protected, and the methods used dealing with topics like Code of Conduct, Ethics, Internal Policies etc.. Learn about policy management, legalities, regulatory requirements, implementation and other topics and how they affect you.
Bring your Own Device: Where do we draw the line?) Over 75% of the organizations allow employees to bring their own devices to work and school. Do you have your favourite mobile device to get your job(s) done from day to day. Are they appropriate? Are they secure? Are they integrated into your day to day work like or do they only do part of the job you need to them to do. There are benefits and challenges that can both save and costs 1000’s of dollars for employers to manage and integrate. Is it worth it? If you’re either one of the many that is tethered to a mobile device from one of the popular brands that is flying off store shelves today or an IT person or employer that needs to manage the those devices in your environment, come hear what concerns and challenges others are hearing. 10 years ago when you came to work you knew what tools were there for you to do your job. Maybe a personal laptop, desktop or a new fancy Blackberry but is that still the case?
Speaker Biography Denny Prvu – Sr. Principal Security Consultant – CA Technologies Denny has spent the last 15 years guiding private and public sector organizations to deliver secure, privacy-enabled business transformational projects. The past 7 years have been focused on not only the privacy and security of users and their identities but also the privacy concerns around them. As an active member of the Kantara, eGov, ICAM and numerous other panels and working groups he leads organizations and their directions in the realms of privacy and security. With a rapidly changing landscape, in 2008 Denny began the quest for protecting users in the mobile and cloud realms and implementing secure technologies for their email and day to day activities in an device agnostic world. Denny Prvu, Sr. Principal Security Consultant – CA Technologies |
9:00 – 12:00 Theatre |
Oracle presents; The amount of digital data within organizations is growing at unprecedented rates, as is the value of that data and the challenges of safeguarding it. Yet most IT security programs fail to address database security—specifically, insecure applications, protecting data at rest, and restricting access to data by privileged users. So how can you protect your mission-critical information? Avoid risky third-party solutions? Defend against security breaches and compliance violations? And resist costly new infrastructure investments? Join us at this half-day seminar, Oracle Database Security Solutions: Complete Information Security, to find out. Learn how Oracle Database Security solutions help you:
Spiros Angelopoulos, Oracle Enterprise Architect, Oracle Public Sector |
9:00 – 12:00 Esquimalt |
Sierra Systems presents; As Near Field Communications (NFC) penetrates the mobile device market, the opportunities to provide two factor mechanisms for authentication and storage of identity credentials increases dramatically in a compelling way. This workshop will review the typical business requirements for identity and access management, the technologies available for secure storage of identity credentials on mobile devices and their use through NFC, and the policy hurdles around the introduction of mobile devices as an authentication factor. This workshop will arm you with additional information to plan strategies for NFC-based identity credential management and demonstrate some of the technologies involved in this exciting space. Martin Kyle, CISSP, CSSLP, GISP, Principal Sierra Systems |
9:00 – 3:00pm Colwood |
IAPP CIPP/C Training Click Here for information and registration |
1:00 – 4:00 |
Afternoon workshops
|
9:00 – 3:00pm Colwood |
IAPP CIPP/C Training Click Here for information and registration |
1:00 – 4:00 Theatre |
HP Presents;
Social media has been touted as a “game changer”, revolutionizing the way people interact with each other, with the companies they buy from, and with their governments. Every day citizens interact through the web, in person and on the phone - and with each other on social media. Over the last decade, we have learned how to channel and mine data from each one of these channels independently - often missing the big picture. As time has progressed, the method in which citizens have engaged also has changed. Replacing "rows and columns" forms of data are more human-friendly forms of electronic communications: email, recorded phone calls, Internet videos, Twitter, social media sites and blogs. The power and influence of these types of data cannot be ignored - just ask a famous Airline about how they dealt with guitars. Also locked within this data is a wealth of information for the government and private sector's operations. Knowing sentiment of the constituency, or providing easy access to private industry partners can help to stimulate economic activity. Data is collected in multiple silos, of which the collation of the data can border on intrusion. Business and government need to be vigilant in privacy and security while also having the tools to proactively sweep for these breaks. By understanding the meaning of data across multiple channels, only then privacy issues can be identified and proactively managed. Brian McGlynn, VP Global Accounts, Autonomy, an HP Company |
1:00 – 4:00 Esquimalt |
Adobe Systems Inc. presents;
Privacy and data protection are typically at the core of government service delivery strategies. For organizations striving to “capitalize on an interoperable ecosystem of data-level security”, it’s an added bonus to also strengthen customer relationships and streamline process efficiency at the same time… if they do it right. Attend this workshop to dive into actual use cases that demonstrate how innovative public sector security practices have helped to deliver optimal user experiences and measurable results in service delivery. Michael B. Jackson, Director, Public Sector Solutions and Strategy, Adobe Systems, Incorporated
|
1:00 – 4:00 Oak Bay I |
Office of the Chief Information Officer presents;
This workshop will explore the recent amendments to BC’s Freedom of Information and Protection of Privacy Act (FOIPP Act), including new provisions which enable public bodies to leverage technology, take advantage of social media, and better deliver services. The workshop will also provide the ABC’s of the Privacy Impact Assessment (PIA) process, including a walkthrough of the new legislative requirements for public bodies. As well, there will be an introduction to the updated PIA template and new “Corporate PIAs” on certain social media such as Facebook, Youtube and Flickr. If you are interested in learning more about BC’s FOIPP Act amendments, how they impact the work you do, and the tools available to help you, this session is for you. Charmaine Lowe, Executive Director, Knowledge and Information Services Branch, Office of the Chief Information Officer, Province of B.C |
1:00 – 4:00 Sidney |
SafeNet presents;
Multi-factor authentication solutions today are not typically a one-size-fits-all. Traditional solutions in the market have been centered for years around the hardware One-Time-Password (OTP) token for remote access authentication. A modern IT infrastructure that enables increased collaboration with business partners and customers, and the move into the cloud, are fuelling an increased need for advanced authentication mechanisms that are easy to adapt to an evolving IT infrastructure and address the ever changing needs of users and use-cases. Different authentication use-cases and diverse user preferences call for a mix-and-match approach – matching the token technology (i.e. OTP or PKI) and the token form-factor (i.e. software, hardware, hybrid) to the use-case (i.e. smart card logon and on premise access, remote access VPN, web portal, digital signing, etc.) and the user preference. This session will explore this subject and examine some of the scenarios, approaches and solutions available today. Tsion Gonen, Chief Strategy Officer, SafeNet |
1:00 – 4:00 Oak Bay II |
IAO
Information Access Operations, Ministry of Labour, Citizens’ Services and Open Government presents: This workshop is being presented by IAO, and will provide an overview of how public records have evolved with the digital pace. As leaders of FOI and Records Management services on behalf of the province, IAO provides guidance to public body clients in fulfilling their obligations under the Freedom of Information and Protection of Privacy Act (FOIPPA); the Document Disposal Act (DDA); and, the Core Policy and Procedures Manual (CPPM) Chapter 12. This workshop will take a look back at records and how records have evolved over the past decades, and citizens’ access to these records. Participants will be involved in an interactive discussion with activities involving records management and access to information.
Tim O’Connor, Information Privacy Analyst, Information Access Operations (IAO) – Ministry of Labour, Citizens’ Services and Open Government |
1:00 – 4:00 Saanich |
Grant Thornton LLP presents; Implementing effective security practices remains an elusive goal for many organizations. While focusing on existing threats and incidents addresses management concerns, it may leave an organization ill prepared to respond to new challenges. Likewise, in quieter times, management may question the purpose of IT/security and how effective it is at reducing risks. Meanwhile, end users and business process owners are demanding seamless security solutions at the lowest cost. Those tasked with managing security may wonder how to address the many directions they are pulled in. Joost Houwen, CISSP, CISA | Western Practice Leader, IT Security, Grant Thornton LLP |
Thursday, February 16, 2012 | |
7:30 – 8:30
Lobby |
Registration |
8:30 – 8:40
Salon AB |
Call to Conference
MC: Keith Baldrey, Chief Political Reporter, Global BC |
8:40 – 8:50
Salon AB |
Welcome Presentation/Opening Remarks
Honourable Dr. Margaret MacDiarmid, Minister of
Labour, Citizens’ Services and Open Government |
8:50 – 9:35
Salon AB |
Session 1 – Keynote Speaker
Cory Doctorow, Science fiction novelist, blogger and technology activist. Co-editor of weblog Boing Boing (boingboing.net), and contributor to The Guardian, the New York Times, Publishers Weekly, and Wired Internet giants will tell you that they're participating in a "privacy bargain" where consumers trade privacy for services. But it's a funny sort of bargain that involves Internet users giving up everything, with no ability to dicker --- not even the ability to see what they're giving up and to whom. What if we gave Internet users the power to decline an offer? What if we changed the analytics shooting war so that the users were armed, too? |
9:40 – 10:15 |
Session 2 – Concurrent Keynote Speakers
Ian Kerr, Canada Research Chair in Ethics, Law & Technology at the University of Ottawa The Repo Men Reductio Body EULAs, Privacy and Security of the Person
Valerie Steeves, Associate Professor, Department of Criminology, Faculty of Social Sciences, University of Ottawa Young Canadians in a Wired World: Kids’ and Parents’ Perspectives on Privacy and Technology
|
10:15 – 10:35
Upper & Lower Foyers |
Morning Break
|
10:35 – 11:50 |
Session 3 – Concurrent Panel Sessions
Panel A: Identity Management – Better Service for the Digital Citizen Identity management is becoming more important in electronic transaction and also regarded as a solution to reduce security concerns in the cyberspace. There are high profile identity management projects underway and they are more of business transformation than of technology. The Federal, Provincial and Territorial governments of Canada have developed the pan-Canadian identity management strategy that addresses privacy, security and trust issues on cyberspace. The goal of the pan-Canadian identity management strategy is to deliver better services to citizens. An example of showcasing the benefits of the right implementation of identity management is payment transactions on cyberspace. The Payment Systems Review Roundtable has been building a prototype of a next generation eCommerce model with a new governance model and payment ecosystem. The model also demonstrates a simplistic notion of fraud detection and reduction. This model is a good example for a better and more secure service delivery for citizens. Moderator: Dave Nikolejsin, CIO, Province of British Columbia Speakers:
Panel B: Sensitive Data: The Electronic Health Record Moderator: David Flaherty, former Privacy Commissioner of British Columbia Speakers:
Panel C: Clouds on the Horizon – the Road Ahead Moderator: Ian Kerr, Canada Research Chair in Ethics, Law & Technology at the University of Ottawa Speakers:
|
11:55 – 1:15 |
Keynote Luncheon Address
Ken Haertling, Chief Security Officer, TELUS The Impact of Disruptive Technologies on Data Protection In 2011, the industry witnessed an unprecedented year of security incidents and privacy breaches. In 2012, organizations are faced with the further proliferation of mobile devices/tablets and initiation of bring your own device (BYOD) policies. This will lead to the further co-mingling of personal and private data on joint-use devices. Meanwhile, with the addition of these devices and the erosion of the traditional network security perimeter, the enterprise network is no longer as trusted as it once was. Organizations cannot ignore other disruptors such as off-shoring, cloud computing, and virtualization that may further expose sensitive data. Ken will explore popular coping strategies and discuss which, if any, are likely to succeed.
Keynote Luncheon Address
David Elder, Stikeman Elliott LLP & Special Digital Privacy Counsel to the Canadian Marketing Association Interest Based Advertising: Privacy, Priorities and Proportionality New online applications and technologies continue to raise privacy concerns for many, most recently in such areas as interest-based advertising, social networking and mobile applications. While increased concern about privacy is understandable in an environment characterized by constant innovation and growth, research shows that much of this concern is based on uncertainty and misinformation. Industry is increasingly responding to these concerns through greater choice and transparency; however, there continue to be calls globally for increased regulation of online advertising. Moving forward, it is imperative that any Canadian regulatory responses be based on fact, and pursue a targeted, principle-based approach that will both protect privacy and nurture the digital economy, without sacrificing one for the other. |
1:15 – 1:55
Salon AB |
Session 5 - Keynote Speaker Richard Thieme, Author, Media Commentator and Speaker "Living in a Glass House when Everyone Has Stones" Identity-shift is well under way. When the context of our lives changes, all of the contents are jumbled, including who we think we are and meta-national structures. We can’t help thinking inside paradigms that emerged from prior technologies but we also can’t help acting as new paradigms demand. The end of secrecy and the end of privacy are two sides of the same coin. Hackers appoint themselves as a Fifth Estate, while security and intelligence professionals tell themselves a story that filters out as much reality as it allows in. But reality won’t go away, and protocols, policies, and legalities lag behind. Add “biohacking” to the mix and the weird turn pro, pros feel weird, and ... what can we do to stay in the game? |
2:00 – 2:30 |
Session 6 - Business Breakouts
Greg Belanger, Security Specialist, Symantec; Jacob Yoo, Security Specialist, Symantec
Encryption -- The Critical First Step to Data Loss Prevention
With the prevalence of data breaches and loss, it is has become critical for organizations to add additional layers of protection for sensitive data. Encryption is a good tactical approach towards securing data, but forethought is needed so as not to create a hindrance to an overall data loss prevention strategy. In this session, we will be discussing the importance of encryption and DLP working synergistically to provide comprehensive data protection.
Denny Prvu, Sr. Principal Security Consultant – CA Technologies
Virtualization: Using Technology Innovation to do More with Less.
Infrastructure management, deployment and processes have been hugely impacted by virtualization in 2011 and will continue to be affected in the future. This innovation allows organizations to be ready for ‘virtually’ the unknown by always having a machine ready. With innovation comes the security concerns for priviledged users, system security and management and CA would like to share some of industry and customer experiences around virtualization and its adoption.
Yim Y. Chan, Global Privacy and Data Protection Executive, IBM Corporation, Chief Privacy Officer, IBM Canada & A privacy pro-active blueprint for the enterprise.
A Case study is shared for how an enterprise can become a pro-active organization as it relates to handling and safeguarding PI. It describes IBM's journey from policy to practice and the transformative story of how IBM embedded privacy into the organization. Strategy considerations and a roadmap for fostering a privacy smart enterprise will be covered.
Steven Gottwals, Group Product Manager, Adobe Systems Inc.
Hundreds of millions of people around the world rely on Adobe Reader to view, interact and share PDF documents. Unfortunately, this ubiquity makes our software a persistent target of attacks by those with malicious intent. In this speech, you’ll learn about some of the challenges involved with securing a massively distributed install base, the prevalent attack vectors, the mitigation tactics and the lessons learned.
Raimund Genes, Chief Technology Officer, Trend Micro
Trend Micro and VMware allow you to fully capitalize on the game-changing benefits of virtualization and cloud computing. Our innovative, complementary solutions include the first and only agentless antivirus solution for virtualized desktops and datacenters, and a breakthrough key management and encryption solution for both public and private clouds.
Norm Chan, Sales Systems Engineer, McAfee, Inc.
Database Security
For many organizations, data is their lifeblood. Any loss, interruption, or security breach means disaster. Join McAfee to hear about the many ways we can help you protect your business-critical data from both internal and external threats, without impacting performance or availability. Learn how to your safeguard your data center and your databases and how to protect your corporate intellectual property from improper exposure to the public, competitors, or on social media sites.
Michael Argast, Director, Western Canada, TELUS Security Solutions
The impact of mobility, social networking, data breaches and intelligent analysis on privacy and organizational security
In a whirlwind 30-minute session, Michael will cover a wide ranging set of topics and talk about their impact on privacy, security and risk management. He will provide practical, straight forward advice on how to orient your organization’s policies and security investments to ensure privacy needs are met, while balancing open access, security and fiscal considerations. Topics covered will include bring your own device strategies, flexible workstyles, social networking, data breaches, change in threat profiles and more. This session targets those interested in privacy and security from a business or operational perspective.
Mark Troester, Global Product Consultant, IT/CIO Solutions, SAS
Big Data: Challenge or Opportunity?
Governments are moving to drive citizen participation and engage directly with their constituents through additional government services and improved access to government data. Governments are looking for technology innovations to foster a better relationship with their citizens and to provide online service offerings. At the same time, the onslaught of big data provides both a challenge and an opportunity. Government agencies struggle to manage the ever growing volume, variety and velocity of data. But if they overcome this challenge, and couple the management of big data along with leveraging effective analytics, governments can realize significant benefits. Big data can be used to discover economic and operational advantages. Big data can be used to better understand how citizens are responding to government programs and services. Big data can be used to improve public safety. In this session, we will define what big data is, what impact big data has on business and government, and we’ll look at big data opportunities and challenges. The discussion will include an introduction to the security ramifications of big data.
Derek Manky, Sr. Security Strategist, Fortinet
|
2:30 – 2:55
Upper & Lower Foyers |
Afternoon Break
|
2:55 – 4:10 |
Session 7 – Concurrent Sessions
Panel A: Mobile Privacy and Security – The Perfect Storm Moderator: Jill Clayton, Information & Privacy Commissioner, Province of Alberta Speakers:
Panel B: Behavioural Geo Targeting and On-Line Advertising “Every Move You Make…” Moderator: Suzanne Morin, Assistant General Counsel, Privacy, RIM Speakers:
Panel C: International Privacy Frameworks – Meeting New Challenges The OECD Guidelines have been remarkably influential in shaping privacy frameworks around the world. However, the three decades since their release have brought significant changes to the environment in which privacy principles must operate, both in terms of the benefits of responsible uses of personal data and the challenges of protecting privacy effectively. There still remains a lack of uniformity in privacy legislation across the world, with different approaches in different countries. This presentation will offer an overview of the key issues being examined by the OECD such as the role of the individual in privacy protection, the implications of cloud computing and the key role of technical and security safeguards. As well, this presentation will look at how data protection authorities from across the globe are coordinating efforts, whether through multilateral discussions or agreements relating to the sharing of information. Learn from the experts; the Chair of the OECD Working Party responsible for the review of the guidelines, and a lawyer from the Office of the Privacy Commissioner of Canada, as to how policy-makers and privacy experts are working together to ensure the continued relevance of the OECD Guidelines and to help ensure a more uniform approach to protecting privacy at the international level.” Moderator: Drew McArthur, Privacy and Compliance Consultant Speakers:
|
4:15 – 5:00 |
Session 8 – Concurrent Keynote Speakers
Trevor Hughes, President and CEO, International Association of Privacy Professionals
20 in 2012: The Top Privacy Issues to Watch
Michael B. Jackson, Director, Public Sector Solutions and Strategy, Adobe Systems, Incorporated
Securing Citizen Experiences through a Digital Government Administrators are expected to manage these digital user experiences, proactively addressing process bottlenecks and security breaches while measuring effectiveness. Program managers, seeking to build personalized relationships with citizens, will automate enrollment workflows and accurately process atypical applications with minimal disruption - all with a focus on results. Through the interconnected experiences of key stakeholders, and by examining relevant public sector case studies, this session will explore the opportunities and challenges of building cost-effective solutions that satisfy the needs of citizens, exceed their expectations, and ensure consistent, secure interactions for all. |
Friday, February 17, 2012 | |
8:15 – 8:20
Salon AB |
Administrative Announcements
MC: Keith Baldrey, Chief Political Reporter, Global BC |
8:20 – 9:10
Salon AB |
Session 9 – Keynote Speaker
Daniel J. Solove, Professor of Law, George Washington University Law School Personally identifiable information (PII) is one of the most central concepts in information privacy regulation. The scope of privacy laws typically turns on whether PII is involved. The basic assumption behind the applicable laws is that if PII is not involved, then there can be no privacy harm. At the same time, there is no uniform definition of PII in information privacy law. Moreover, computer science has shown that the very concept of PII can be highly malleable. Because PII defines the scope of so much privacy regulation, the concept of PII must be rethought. Professors Paul Schwartz (Berkeley Law School) and Daniel Solove (George Washington University Law School) will argue that PII cannot be abandoned; the concept is essential as a way to define regulatory boundaries. Instead, they will propose a new conception of PII, one that will be far more effective than current approaches. |
9:10 – 9:50
Salon AB |
Session 10 – Keynote Speaker Cheri F. McGuire, Vice President, Global Government Affairs & Cybersecurity Policy, Symantec Corporation Know Your Enemy: Understanding the Threat Landscape, Challenges, and Best Practices Sensitive information under attack from a wide variety of sources, including well-meaning insiders, organized crime rings, nation states and advanced persistent threats (APT’s). Private and Public Sector are facing a changing information technology landscape that sees more information stored on smart phones, tablets and cloud services. Tiffany Jones will discuss the current global threat landscape, identify key security challenges apply critical best practices and solutions to protect your environment. |
9:50 – 10:10
Upper Foyer |
Morning Break
Book Signing: |
10:10 – 10:40 |
Session 11 – Concurrent Keynote Speakers
Eddie Schwartz, Chief Security Officer, RSA A State of Dynamic Risk: Containment and Victory in a World of APTs Session Objectives: Provide education on this topic for security professionals; frame the issues and the players through the introduction and opening remarks; frame a “modernized” defense doctrine and principles; make recommendations; seek actionable solutions that can be implemented today.
Joe Alhadeff, Vice President for Global Public Policy, Chief Privacy Officer, Oracle Corporation The Elements of a Data Governance Program: People, Practices, Policies and Technology |
10:45 – 12:00 |
Session 12 – Concurrent Panel Sessions
Panel A: Facial Recognition - Citizen Journalism & Privacy This panel will examine the latest developments in facial recognition technology (FRT) and its application in British Columbia. The panel will also consider the issues raised by this technology, including its implications for privacy and the growth of citizen journalism in new media. Moderator: Elizabeth Denham, Privacy and Information Commissioner of British Speakers:
Panel B: Cyber Security Privacy and security are truly symbiotic, yet because each has its own focus and proponents, there is often contention. This esteemed panel of experts will work towards ending some of that conflict. We will begin with a simple question: What are the top 3 things that security experts can offer the privacy sector that have not yet been adopted or integrated? Why are they so important and how can they benefit the goals of privacy professionals? In a PowerPoint free setting, this issues-oriented panel is designed to be highly interactive, encouraging audience questions and spirited debate so attendees come away with new insights and approaches. Moderator: Winn Schwartau, President, Interpact Inc. Author of Information Warfare, Cyber Shock, Time Based Security & Internet & Computer Ethics for Kids Speakers:
Panel C: Lawful Access; With Great Power comes Great Responsibility Moderator: Daniel J. Solove, Professor of Law, George Washington University Law School Speakers:
|
12:00 – 1:15 |
Luncheon Keynote Address
Elizabeth Denham, Privacy and Information Commissioner of British Columbia Privacy, accountability and the digital revolution Join B.C.’s Information and Privacy Commissioner Elizabeth Denham for an engaging discussion about how we fuse privacy with technology as the digital revolution unfolds, including case examples and practical tools to help organizations demonstrate their compliance with B.C.’s privacy laws.
Luncheon Keynote Address
Willie Wong, Enterprise Services, Security, BCRS and Networking, IBM Canada CyberRisk: An Executive Business Perspective Please join IBM for a eye opening Non-Technical informative business presentation on understanding the true risks and how to build a strategic framework for managing business risk that helps you reach business goals with confidence and efficiency. |
1:15 – 1:45
Salon AB |
Session 13 - Keynote Speaker Dale McFee, President, Canadian Association of Chiefs of Police |
1:50 – 2:20 |
Session 14 – Business Breakouts
Andrew Hughes, CISM CISSP, Consulting Director, Sierra Systems
The safe keeping of one’s identity is key to the merger of our online and real world daily interactions. Shopping, banking, credit, voting, social networks, the cloud, government services, and new services that await invention depend largely on the fact that you are really you. If a seller or service provider never encounters the physical you they must be willing to accept, and trust, the electronic tokens that claim to be you. There are many institutions competing to become the predominant internet identity provider: telecommunications companies, banks, Facebook, PayPal, and of course, Government. The race is on to build internet-scale, trusted identity services. Sierra Systems has delivered identity management solutions, strategic direction and policy to Canadian Public Sector organizations. We see common patterns of success in many initiatives and emerging trends as more organizations make the shift to participate in the online identity ecosystem. Come and hear our perspective on patterns, trends, and what works in identity solutions for the Public Sector.
Spiros Angelopoulos, Oracle Enterprise Architect, Oracle Public Sector
Elevating IT Security to the Cloud and Consolidation
The trend toward consolidation, be it through private or public cloud, further increases the need to understand transitional challenges on IT departments, CIOs and CTOs. Please join Spiros Angelopoulos from Oracle to learn how you can mitigate some of the associated risks by using security controls with a solid foundation of Identity and Access Management (IAM) and Data Security strategies. SaskTel’s IAM Cloud service, available in western Canada, will also be highlighted. Brian Baird, CTO, Sasktel IAM Centre of Excellence, will join Spiros for this session.
Tarlok Birdi, Senior Manager, Enterprise Risk, Deloitte
Privacy and Data Security Monitoring: Tales from the Global Front
Recent high profile targeted attacks resulting in millions of records being exposed have organization re-evaluating their current approach to privacy compliance and security monitoring. This session will present lessons learned from the global stage on key trends and effective solutions implemented.
Brian Reed, Global Identity Management guru, Hewlett-Packard
Who’s Afraid of the Big Bad Wolf? Designing and Implementing Secure ID Management Systems: Country Experiences
Dave Iverson, M.Sc,EnCE,CFE,CISSP | Senior Manager, Grant Thornton LLP
eDiscovery: What you Need to Know SafeNet
Kevin Harris, Account Technology Strategist for Government, Western Canada, Microsoft
Security and Identity Bell
Brian Murata, Account Manager – BC, RSA, The Security Division of EMC
Anatomy of an Attack - which documents the attack on RSA - the techniques used, what to watch for, what systems to harden and test, what visibility is required and how to prepare for a response and recovery plan. |
2:20 – 2:40
Upper & Lower Foyers |
Break
|
2:40 – 3:55 |
Session 15 – Concurrent Sessions
Panel A: Clouding of the Issues – What challenges and obstacles are we overcoming today? Moderator: Joost Houwen, CISSP, CISA | Western Practice Leader, IT Security, Grant Thornton LLP Speakers:
Panel B: Your License Plate as a Tracking Device (Theatre) Moderator: Jill Clayton, Information & Privacy Commissioner, Province of Alberta Speakers:
Panel C: Navigating Internet Privacy (Salon C) Shifts in the modern Internet landscape are creating new challenges and business imperatives for security, IT and legal professionals. Join our panel of experts as they examine the legal, regulatory and public policy initiatives that are impacting online businesses, Internet usage and Internet security today, and tackle the most pressing questions in today's marketplace, including: prospects for new privacy legislation; the potential impact on how companies operate and design products; conflicts that may arise with the development of cloud computing; legal jurisdiction over international data flows in "the cloud?"; the progress of online tracking and advertising; the impact of increasing calls for Privacy by Design from policymakers and organizations; and the rise of rise of class action lawsuits in the privacy sphere.
Justin Weiss, Senior Director, International Privacy and Policy, Yahoo and |
4:00 – 4:40
Salon AB |
Session 16 – Closing Keynote Speaker Steve Simske, HP Fellow, Global leaders, Hewlett-Packard Labs, Secure Document Lifecycle; Member, World Economic Forum Global Agenda Council on Illicit Trade, Chief Inventor, NASA Who am I and where have I been? |
4:40
Salon AB |
Closing Remarks Kim Henderson, Deputy Minister, Citizens’ Services and Open Government |