Privacy and Information Security Congress 2011
The Future of the Internet: Opportunities & Challenges of Web 3.0
November 28 - 29th, 2011
The Westin Ottawa Hotel
Ottawa, Ontario, Canada
Notional Agenda
* = invited
|
Monday, November 28th, 2011
|
7:30 – 8:40
Confederation Foyer
|
Registration
|
8:30 – 8:55
Confederation I
|
Call to Conference Welcome Presentation/Opening Remarks
MC: Dr. Michael Geist, Canada Research Chair of Internet and E-commerce Law, University of Ottawa
|
8:55 – 9:35
Confederation I
|
Session 1 – Keynote Speaker
Daniel J. Solove, John Marshall Harlan Research Professor of Law George Washington University of Law School
"If you've got nothing to hide you shouldn't worry about government surveillance”. Based on his new book, Nothing to Hide: The False Tradeoff Between Privacy and Security”, Daniel will argue that the debate between privacy and security has been framed incorrectly as a zero-sum game in which we are forced to choose between one value and the other. Protecting privacy isn't fatal to security measures; it merely involves adequate oversight and regulation.
|
9:35 - 9:55
Confederation II
|
Refreshment Break
|
9:55 – 11:10
|
Session 3 – Plenary Panel
Internet Traffic Management
(Confederation I)
The issue of how carriers manage their networks has emerged as a hot-button policy issue with ongoing public debate on issues such as net neutrality and usage based billing. This panel will canvass recent CRTC activity and explore where Canada stands on the rules governing Internet providers.
Moderator: Dr. Michael Geist, Canada Research Chair of Internet and E-commerce Law, University of Ottawa
Speakers:
- Bill Sandiford, President, Canadian Network Operators Consortium
- Steve Anderson, National Coordinator, Open Media.ca
- Len Katz, Vice Chair Telecommunications, CRTC
- Craig McTaggart, Director, Broadband Policy, TELUS
|
|
11:15 – 11:45
|
Session 4 - Business Breakout Sessions
- Omkhar Arasaratnam, Lead Security Architect, SmartCloud Enterprise+, IBM
(Provinces I)
Cloud Security: The real story
Just the name "Cloud" often get information security departments whipped into a frenzy, worried about data leakage and exposure of sensitive assets. In reality, Cloud computing is just another delivery model for IT. The presentation will provide a methodical view of how to approach security for Cloud computing, and what security professionals should on the watch for. This presentation will also cover some of the upcoming work in international standards organizations related to cloud security standards.
- Ethan Kelleher, Security and Compliance, Symantec
(Provinces II)
Global Intelligence and Security Monitoring Services
The increased volume and complexity of threats present significant challenges to organizations posed by cyber crime. It is increasingly difficult to provide effective security due to increased risk, increased regulatory pressures, lack of budget, and the challenge of finding and retaining qualified candidates.
|
11:45 – 12:30
Confederation II
|
Lunch
|
12:30 – 1:15
Confederation I
|
Luncheon Keynote Address
Ann Cavoukian, Ph.D, Information and Privacy Commissioner for Ontario, Author of "The Privacy Payoff"
Presentation of the Kristian Beckman Award to Dr. Cavoukian. Presented by Stephen Marsh, Ph.D, Communications Research Centre Canada
Information and Privacy Commissioner of Ontario, Canada, Dr. Ann Cavoukian, has taken her concept of Privacy by Design (PbD) to the global stage, where it is now recognized as an International Privacy Standard. Abandoning zero-sum in favour of positive-sum paradigms, Privacy by Design (PbD) proactively embeds privacy into emerging technologies, accountable business practices and networked infrastructures, dramatically decreasing privacy breaches by preventing the harm from arising at the source – in the code. Commissioner Cavoukian’s concept of Privacy by Design was not developed as a theoretical construct. It was developed to introduce real change into everyday lives, always with the goal of advancing privacy, which requires creativity and innovation from computer scientists, code writers and engineers in all parts of the world. PbD is already delivering real-world results in areas ranging from biometric encryption to mobile communications. Come hear Dr. Cavoukian explain how her concept of Privacy by Design can transform today's privacy problems into tomorrow's privacy solutions.
|
1:15 – 2:00
Confederation I
|
Session 5 – Keynote Speaker
Tiffany Jones, Director, Public Sector Strategy, Symantec Corporation
Threat Landscape, Challenges, and Best Practices
Sensitive information under attack from a wide variety of sources, including well-meaning insiders, organized crime rings, nation states and advanced persistent threats (APT’s). Private and Public Sector are facing a changing information technology landscape that sees more information stored on smart phones, tablets and cloud services. Tiffany Jones will discuss the current global threat landscape, identify key security challenges apply critical best practices and solutions to protect your environment.
|
2:05 – 2:35
|
Session 6 - Business Breakouts
- Adrian Cerchia, Technology Director, Sierra Systems
(Provinces I)
Security Considerations in the Design of Mobile Apps
The explosion of both corporately-owned and personally-owned mobile devices in the enterprise brings an opportunity to expand the employee toolset for connecting business processes with mobile apps. The applications deployed on these mobile devices must comply with enterprise security standards while not compromising end-user privacy and usability. Designing secure mobile apps to achieve these objectives is the focal point of this presentation. We’ll examine the security consequences of choosing a web, native, or hybrid application architecture; key differences between major platforms’ security models; and the impact of users’ acceptance of app permissions in an enterprise context driven by consumer behavior.
- Derick Cassidy, SCISSP-ISSAP, Security Lead, Office of the CTO, Oracle Public Sector
(Provinces II)
Elevating IT Security to the Cloud and Consolidation
The trend toward Cloud consolidation is ever present, further increasing the pressure of understanding related transition challenges on IT departments, CIOs and CTOs. Please join Spiros Angelopoulos from Oracle to learn how you can mitigate some of the associated risks by using security controls available with a solid foundation of Identity and Access Management (IAM) and Data Security strategies.
|
2:35 – 2:55
Confederation II
|
Afternoon Break
|
2:55 – 4:10
|
Session 7 – Concurrent Sessions
Panel A: Borderless Cloud Computing – "Hey You, Get Off My Cloud!"
(Provinces I)
Moving to the Cloud is a major security and privacy issue that is confounding every organization. This esteemed panel will briefly address a few issues that weigh heavily on their minds, then it’s over to the audience for your questions, comments and exchange,
- Cloud Computing: The Good, the Bad and the Downright Ugly
- Managing Privacy Across Borders
- What are the best practices for avoiding Cloudbursts?
Moderator: Winn Schwartau, President, Interpact, Inc. Author of Information Warfare, Cyber Shock, Time Based Security and Internet & Computer Ethics for Kids
Speakers:
- David Fraser, Partner, McInnes Cooper
- Omkhar Arasaratnam, Lead Security Architect, SmartCloud Enterprise+, IBM
Panel B: Cyber Marketing and Behavioural Advertising
(Provinces II)
Behavioural advertising represents of the most challenging online marketing issues, forcing marketers, advocates and regulators to consider how best to strike the balance between commercial opportunities and personal information protection. Panelists from across North America will provide their perspectives on where behavioural advertising is heading and whether new regulations or restrictions may be on the way.
Moderator: Dr. Michael Geist, Canada Research Chair of Internet and E-commerce Law, University of Ottawa
Speakers:
- Joanne Furtsch, Policy & Product Architect, TrustE
- David Elder, Stikeman Elliott LLP & Special Digital Privacy Counsel to the Canadian Marketing Association
|
4:15 – 4:45
Confederation I
|
Session 8 – Keynote Address
Steve Ferrigni, Manager of the CSAO, Corporate Security Branch, Government of Ontario.
Introduced by Marshall Sangster, Oracle Canada ULC, Regional Manager, Public Sector – Ontario
Convenient Secure Online Authentication
Providing online access to citizens wishing to perform a myriad of transactions and accessing personal information poses a significant number of challenges from privacy to identity assurance. Internally, simplifying access to applications while improving security and user lifecycle management increases in difficulty when integrating hundreds of applications and over 70,000 users.
Steve Ferrigni will discuss how the Province of Ontario has developed its external facing IAA (Identification, Authentication, and Authorization) service using a "Privacy by Design" approach and its strategy and challenges around implementing an internal IAM (Identity and Access Management) solution.
|
4:45
Confederation II
|
Reception
|
|
Tuesday, November 29th, 2011
|
8:45 – 8:55
Confederation I
|
Administrative Announcements
MC: Winn Schwartau, President, Interpact, Inc. Author of Information Warfare, Cyber Shock, Time Based Security and Internet & Computer Ethics for Kids
|
8:55 – 9:35
Confederation I
|
Session 9 – Keynote Address
Chantal Bernier, Assistant Privacy Commissioner of Canada
New Frontiers in Privacy Protection
New advances in technologies such as facial recognition, combined with the ubiquity of wireless phones and tablets, are opening the door to a new wave of opportunities for law enforcement authorities and technology-based commercial enterprises. Assistant Privacy Commissioner of Canada Chantal Bernier explores this emerging trend and its privacy implications.
|
|
9:40 – 10:10
|
Session 10 - Concurrent Keynote Speakers
- Brian Blackshaw, Senior Strategist - IBM Security Systems
(Confederation I)
Driving Effective Application Security: An End to End Approach to Addressing One of Today's Biggest Threats
Web applications are getting more complex; and therefore, so are the vulnerabilities. According to the latest statistics from the latest IBM X-Force Trend & Risk Report, 37 percent of all issues reported were Web application related. Compromising the business logic of a web application is now the leading method of exploit. Failure to properly secure Web applications exposes them to malicious attacks, making it an essential priority when managing risks in today's increasingly dynamic threat landscape.
This session will discuss new and emerging network and application security attacks and strategies that agencies can utilize to proactively protect against Web application and network security threats.
- Fiaaz Walji, Canadian Country Manager, Websense
(Confederation III)
The Canadian Social Web: changing expectations, changing privacy and security models
This session swill discuss the cultural shift leading to changing expectations of social access in the workplace and how businesses are using social media in new ways; demonstrate the latest social media security and privacy exploits and how the bad guys are taking advantage of this migration to exploit users at businesses; and explore ways that organizations can facilitate access to these sites, satisfying both business requirements and the expectations of the new generation, while protecting from the latest threats.
|
10:10 – 10:30
Confederation II
|
Morning Break
|
10:30 – 11:45
|
Session 11 – Concurrent Panel Sessions
Panel A: Data Breaches
(Confederation I)
Sooner or later, it’s going to happen. A data breach, affecting your company’s image, customer’s privacy or leak of confidential information. After brief introductory remarks, our panel of experts will strongly interact with the audience to explore the many issues that are of concern to you!
- How to Prepare for Cloudbursts: The Technical Side
- Non-technical Damage Control
- The Upstream and Downstream legal Liability Issues for Privacy and Breaches
Lead Speaker: Winn Schwartau, President, Interpact, Inc. Author of Information Warfare, Cyber Shock, Time Based Security and Internet & Computer Ethics for Kids
Speakers:
- Tim Upton, CEO, TITUS
- Karl Martin, President & CEO, Bionym Inc.
Panel B: The Mobile Revolution: Location Based Services
(Confederation III)
Even though location information has captured the attention of regulators and policy makers worldwide, mobile application developers are flocking to take advantage of location information to offer consumers new and exciting services that leverage their location information. The same holds true for large enterprise and government who are also trying to leverage the benefits that come with increased access to location information. But are the concerns over location information really new?
Moderator: Suzanne Morin, Assistant General Counsel, Privacy, RIM
Speakers:
- Martin Kyle, CISSP CSSLP GISP, Principal Sierra Systems
- Andrew Patrick, IT Research Analyst, Technology Analysis Branch, Office of the Privacy Commissioner of Canada
- Denny Prvu, Sr. Principal Consultant, CA
|
11:45 – 1:15
Confederation II
|
Networking Luncheon
|
1:15 – 1:45
Confederation I
|
Session 12: Keynote Address
Dean Turner, Director of the Global Intelligence Network, Symantec Corporation
A presentation on the latest threats and trends in cyber security focusing on APT's, targeted threats and the myths that shouldn't be driving our security agendas
|
1:50 – 3:05
Confederation I
|
Session 13 – Plenary Panel
Identity Management
Moderator: Brian O'Higgins, co-founder and former Chief Technology Officer, Entrust
Knowing who you are, and determining what you can see and do are the main aspects of Identity Management. While it sounds simple, this problem is far from being solved. A typical web user has 25 accounts that require passwords and each is managed in a different administrative domain, yet attempts at single sign-on and federated identity have failed to catch on. Why is that? Our panelists will discuss this and other identity challenges in today’s web, enterprise, and government environments.
Speakers:
- Pierre Boucher, Deputy Chief Information Officer for the Government of Canada
- Peter Macaulay, CISO, Government of Ontario
- Derick Cassidy, Security Lead, Office of the CTO, Oracle
- Tim Moses, Senior Director, Entrust
|
3:05 – 3:50
Confederation I
|
Session 15 - Closing Keynote
Richard Thieme, Author, Media Commentator and Speaker
"Life in a World Without Walls"
How has identity shifted from “individuals” up to meta-national structures? How do we continue to think inside paradigms framed by prior technologies while we act as emergent paradigms demand? How has the narrative inside the “security space” become self-referential and self-serving, and what does it filter out as well as filter in? How has the practice of professional intelligence redefined geopolitical reality in advance of protocols and policies? What will “biohacking” add to our conversation about computer hacking and privacy?
|
3:50 – 4:00
Confederation I
|
Closing Remarks
Winn Schwartau, President, Interpact, Inc. Author of Information Warfare, Cyber Shock, Time Based Security and Internet & Computer Ethics for Kids
|
Title Sponsor
Platinum Sponsors
Gold Sponsors
|
|
