Speakers

Keynote

Joseph Carson

Joseph Carson

Chief Security Scientist and Advisory CISO at Delinea

Joseph is Chief Security Scientist and Advisory CISO at Delinea. A Cyber Security Professional with 25+ years’ experience in Enterprise Security & Infrastructure, Joseph is a Certified Information Systems Security Professional (CISSP). An active member of the Cyber Security community and a frequent speaker at Cyber Security events globally Joseph is also an adviser to several governments and cyber security conferences. (ISC)² Information Security Leadership Award (ISLA®) Americas Winner 2018 and multiple award winner for Top Cybersecurity Information Security Leaders. Joseph is also host of the award-winning podcast 401 Access Denied.

Keynote: From Zero to Full Domain Admin: The Real-World Story of a Ransomware Attack

Cindi Carter

Cindi Carter

Chief Information Security Officer at Check Point

Cindi Carter is a global, multi-industry Cybersecurity and Information Technology Executive with more than 15 years of experience as a transformational leader for both startups and enterprises. Cindi’s expertise includes building Cybersecurity practices in highly regulated industries, turning strategic goals into actionable outcomes, influencing a “secure from the start” culture, developing secure architecture & engineering platforms, and highly collaborative engagement (C-Suite, Board, Clients and Industry) for managing risk.

At Check Point Software Technologies, Cindi is a Chief Information Security Officer in the Office of the CISO, committed to helping other CISOs achieve success in both strategic and tactical initiatives and contributing to Check Point’s own security practices. Cindi possesses a firm grasp of the challenges surrounding the security, privacy, and risk management landscape, and is a trusted advisor within Check Point as well as for our customers. More recently, Cindi was the CISO for IntSights Cyber Threat Intelligence, where she was responsible for driving the company’s internal security initiatives, as well as serving as an external-facing advisor and subject matter expert in the areas of threat intelligence, cybersecurity resilience and risk management.

Cindi also served as VP and Chief Security Officer at MedeAnalytics, a healthcare analytics software-as-a-service (SaaS) leader; prior to that Cindi was the Deputy Chief Information Security Officer at Blue Cross and Blue Shield of Kansas City.

Taylor Lehmann

Taylor Lehmann

Director, Office of the CISO, Google Cloud

Taylor Lehmann joined Google’s Office of the Chief Information Security Officer (CISO) to advise Google Cloud customers and help them achieve their business goals while adopting a high security bar – one that protects data, operations, and people without compromise or unnecessary friction.

Taylor is an experienced CISO whose past work focused on securing global healthcare organizations, removing obstacles, and driving innovative programs that help them achieve their core missions.

Taylor has held CISO roles for hospitals, health insurance, health IT organizations, and global banks. He was a named advisor and member of the global security advisory boards for both IBM and AWS. Early in his career, he spent 8 years establishing and leading PwC’s healthcare security and risk advisory function, leaving as a Director.

Taylor holds an MBA from Boston College and a BS in Finance and Information Systems from the State University of New York at Buffalo.

Session: How Eating Your Own Dog Food Helps Secure the Planet

Speakers

Eric Amar

Eric Amar

Systems Engineer at Veeam

Mr. Eric Amar has more than eighteen (18) years of professional experience in pre-sales and architecture of telecommunication solutions, IP telephony, networking, servers, data protection, storage, and virtualization.

Over the years, Mr. Amar has acquired the experience of building a complete solution for his clients by considering all technical aspects and impacts on the company. Also, Mr. Amar has acquired the business and sales strategies necessary to manage the sales and project cycles for small, medium, national and international businesses.

Session: Ransomware Recovery in 2022

Eric Bednash

Eric Bednash

Co-founder and CEO of RackTop Systems

Eric Bednash is a founder and Chief Executive Officer of RackTop Systems, an innovative data security company who pioneered the fusion of active threat defense and detection into a unified file storage platform, an emerging market known today as Cyberstorage.

A passion-driven entrepreneur and innovator, Bednash brings to his position more than 20 years of experience in the cybersecurity sector, where he designed specialized data security products for the U.S. Intelligence Community, Department of Defense, and commercial enterprises.

Bednash co-founded RackTop in 2010 with a simple vision – to enable any organization to protect their data as if it were a national secret. Through his leadership and inventions, he has led the creation of a platform to arm companies with a simplified solution to the most complex Enterprise data protection challenges. RackTop’s technology has been leveraged by numerous organizations spanning a wide variety of global industries – notably in government, energy, financial services, healthcare, higher education, media/advertising, and entertainment.

Prior to 2010, Bednash served as co-founder and Chief Technology Officer of Ross Technologies, a mid-sized consulting firm in the Government IT services space focused on developing mission data systems for the U.S. government and held numerous technical leadership roles as a contractor within the National Security industry. He started his professional career specializing in data center systems for Time-Warner Corporation and spent the better part of the dot-com boom in Washington, D.C., where he consulted businesses on the new and expanding internet era.

Bednash is a Forbes Technology Council member and a contributing writer for VentureBeat, among other publications, and an Advisory Board Member of Mission Link Next, an exclusive organization focused on accelerating innovation and advancing solutions to solve national security threats. He attended Rochester Institute of Technology, Penn State University and Stevenson University, completing both undergraduate and graduate coursework in Business and Technology Management. He resides in Fulton, Maryland with his family, and is an avid musician and wine collector.

Session: Stopping Ransomware with Cyberstorage

Andréanne Bergeron

Andréanne Bergeron

Cybersecurity Researcher at GoSecure

Andréanne Bergeron is a cybersecurity researcher at GoSecure. She is also a Ph.D. candidate at the School of Criminology of the Université de Montréal and recipient of the prestigious Vanier scholarship. She previously worked as the coordinator of the Darkweb and Anonymity Research Center.

Session: Hackers get your data through weak passwords practices: Understanding why and how to improve password protection

Olivier Bilodeau

Olivier Bilodeau

Cybersecurity Research Director at GoSecure

Olivier Bilodeau is leading the Cybersecurity Research team at GoSecure. With more than 12 years of infosec experience, Olivier runs honeypots, reverse-engineers binaries, and programs malware analysis tools. He authored several important AV industry reports like Dissecting Linux/Moose, Operation Windigo (about the Ebury malware) and Ego-Market: When Greed for Fame Benefits Large-Scale Botnets. Passionate communicator, Olivier has spoken at several conferences like RSAC USA, BlackHat USA/Europe, DefCon, 44CON, NorthSec, Botconf, SecTor, Derbycon, AtlSecCon and more. Invested in his community, he co-organizes MontréHack — a monthly workshop focused on applied information security — and he is NorthSec’s Vice-President and runs its Hacker Jeopardy.

Session: What has [not]changed with Social Media Manipulation Driven by Malware?

Workshop: Attacking the Remote Desktop Protocol: a hands-on workshop

Workshop: Malicious Network Data Analysis Using Open-Source Tools

Jeffrey Carpenter

Jeffrey Carpenter

Director of Product Solutions at ForgeRock

Jeff is passionate about securing identities of all types – human and machine. He is a seasoned professional with broad experience in access control, cryptography, biometrics, virtualization, cloud, mobile and network security. Having spent much of his career in cyber security and identity, he has worked for leading companies in this space including RSA and HID Global. He finds his true calling bringing new and innovative solutions to market that ultimately enable us to interact and do more online. Jeff holds both CISSP and CCSP certifications.

Session: What to Look for in Your Identity Cloud Provider

Raymond Chan

Raymond Chan

Cloud Sales Engineer at Tufin

Raymond Chan est un spécialiste de la sécurité du cloud et un ingénieur basé à Toronto, au Canada. Pendant plus de vingt ans, Raymond a travaillé avec des organisations du Global 2000 pour concevoir et déployer des programmes de cybersécurité efficaces. Spécialisé dans la sécurité des applications cloud-native et de sécurité Kubernetes, Ray est actuellement architecte de solutions chez Tufin Technologies.

Session: Visibility, Control, and Change Tracking for Public Cloud Policies

Chiheb Chebbi

Chiheb Chebbi

Cybersecurity Consultant at Intellisec Solutions

Chiheb Chebbi is a Cybersecurity Consultant at Intellisec Solutions with proficient and thorough experience and a good understanding of information technology. He is specialized in proactive incident response using Microsoft Sentinel. He authored, contributed, and reviewed many information security books. He holds many professional certifications from Microsoft and MITRE (Certified MITRE Defender in 3 areas: Threat intelligence, ATT&CK SOC assessments, and Adversary Emulation). He is a versatile, bilingual professional and a community contributor. In 2021, he was awarded the Microsoft Most Valuable Professional (MVP) Award.

Session: Enhancing Blue Teaming with Threat Emulation and Purple Teaming

Laurent Desaulniers

Laurent Desaulniers

Vice President Breach Detect Response Services at GoSecure

Laurent Desaulniers is the Director of Penetration testing Services at GoSecure. He has over 15 years of experience in offensive security and attack simulation. In addition to his experience in pentest, Mr. Desaulniers has had the opportunity to teach at ÉTS, HEC and the Polytechnic School of Montreal. Laurent has been a speaker around the world, presenting at many conferences such as RSA, Red Team Summit, NorthSec, NCFTA, CQSI, Hackfest and many others. In his hobbies, Mr. Desaulniers is interested in lock-picking techniques, magic and pickpocketing.

Session: Breach Coach et préparation aux incidents, un guide pour s’y retrouver

Vanessa Deschênes

Vanessa Deschênes

Practice Leader, Counsel and Privacy Officer at ROBIC

Vanessa Deschênes is a Data Protection, Privacy and Cybersecurity Leader and part of the emerging Technologies Group at ROBIC. She has extensive expertise in privacy, data governance, compliance and information technology law. She provides strategic advice on the best practices to adopt, whether it is during the implementation of a new technology, the marketing of a new product or during a crisis.

In addition to holding an MBA, Vanessa Deschênes holds several certifications in the field of privacy and information security (including CIPP/C, CIPM and CPDSE) and holds the title of Fellow of Information Privacy (FIP), which recognizes her leadership and expertise in this area.

Prior to joining ROBIC, Vanessa was the first-ever Chief Privacy Officer of a major Canadian financial institution, for which she was awarded the Legal Counsel of the Future award at the 2018 ZSA Quebec Legal Counsel Awards. She has also been a lecturer at the Polytechnique de Montréal and the Faculty of Law at Laval University.

Benoît H. Dicaire

Benoît H. Dicaire

CTO Canada at Forcepoint

Benoît H. Dicaire leads the Canadian Sales Engineering at Forcepoint. Being just as much at ease in the boardroom, then a war room or even the server room, he collaborates with senior managers and specialists to bring clarity to your information protection program. Benoît is a former independent consultant with 30 years of experience. He believes that cybersecurity builds trust and sets businesses apart.

Session: Implementing an Effective Data Protection Program (DPP)

Todd Dow

Todd Dow

Technical Security Solutions Specialist at Cisco

Todd Dow is a Technical Security Solutions Specialist at Cisco. He is also a writer, speaker, geek, CF fundraiser and founder of InfoSec Hamilton. Todd’s family, baseball, infosec & devops are a few of his favorite things. Todd has spoken at numerous industry events including Sector and the International Association of Privacy Professionals (IAPP). Todd has over 20 years of experience in the cybersecurity field performing penetration tests, providing security architecture and compliance consulting and creating, developing and leading high performing security teams – this included working as the CISO at two organizations: First Ontario Credit Union and ArcelorMittal Dofasco. Todd maintains CISSP, CISA and PMP credentials and he has also earned an Hon BA in Philosophy and Religious Studies from the University of Toronto.

Session: Do We Need to Remediate Them All?

John Engates

John Engates

Field Chief Technology Officer at Cloudflare, Inc.

John Engates joined Cloudflare in September of 2021 as Field Chief Technology Officer and is responsible for leading the Field CTO organization globally. Prior to Cloudflare, John was Client CTO at NTT Global Networks and Global CTO at Rackspace Technology, Inc. Earlier in his career, John helped launch one of the first Internet service providers in his hometown of San Antonio, Texas.

John is a graduate of the University of Texas at San Antonio and lives in Texas with his wife and two daughters. He is passionate about technology and enjoys mountain biking, snowboarding, and spending time traveling with his family.

Session: Secure Your Future: Internet-native Zero Trust Architecture Helps you Transform your Business Faster

Kateri-Anne Grenier

Kateri-Anne Grenier

Avocate

She has been a litigator for nearly 20 years, during which time she has developed cutting-edge expertise on issues related to access to information, the right to privacy, the protection of privacy and cybersecurity.

Has accompanied several clients in major security incidents, involving frequent interactions with senior management and the board of directors, and requiring a rapid response to manage urgent situations, business risks and reputational risks. As a breach coach, Kateri-Anne is known for her human, dynamic approach and her ability to quickly gain the trust of her clients to implement appropriate solutions.

Her training as a litigator leads her to get to the heart of the matter and to target the risks and pitfalls of liability and reputation risks.

She has already published several articles and participated in conferences to raise awareness of the impacts of recent legislative changes on their practices.

Co-author of a book on the Act respecting the protection of personal information in the private sector (2nd annotated edition) published by Yvon Blais.

Recognized by the Best Lawyers in Canada (2020-2021) legal directory in administrative and public law, and by the Benchmark Litigation (2019-2020).

Julien Hamel

Julien Hamel

Senior Sales Engineer at Tenable

For Julien, everything started with this big brown box which was father’s Apple II. For a reason that he never totally understood, computers always fascinated him, even as a young child. This fascination with combining challenges has shaped the path of his career.

Julien has been in the IT Security field for over 15 years, he works extensively with many companies in different fields: Finance and Insurance, Communication, Energy, Education, Retail, Wood and paper, Food industry, Police department, Transportation, and more. His technical security background is very broad: Network Security, Web applications security, Malware, Wireless security, Open-source intelligence, Pentesting and Incident response.

Session: Comment Prévenir des Attaques de Type Ransomware Avec Une Bonne Gestion de Vulnérabilités
* Presented in French Only

Vanessa Henri

Vanessa Henri

Lawyer in cybersecurity and data governance

Vanessa is co-founder of Henri & Wolf. In 2020, she was recognized as one of the most influential women in cybersecurity by IT World Canada, in 2021 in “Ones to Watch” by Best Lawyers, and in 2022, she received the Women in Leadership Award from SiberX. Vanessa is certified ISOIEC 27701: Senior Lead Implementor and Certified Data Protection Officer.

Prior to joining private practice, Vanessa led the legal department of a multinational cybersecurity firm. She currently teaches at the University of St. Thomas in Florida.

Anusha Iyer

Anusha Iyer

CTO and Co-Founder of Corsha

Anusha Iyer is the CTO and Co-Founder of Corsha. She is a technology leader with over 15 years of experience in security-minded software, analytics, and managed services. A Carnegie Mellon alum, she started in the Washington, DC area at the Naval Research Lab. At NRL, her focus was on reverse engineering and tactical edge networking. Most recently, she was the Director of Software Programs at Galois, Inc., managing DARPA contracts in the areas of privacy, cyber-mission planning, and software diversity. At Corsha, Anusha is passionate about making security accessible, easy to adopt, even self-assuring.

Session: API Secrets are weak proxies for Machine Identity

Luke Kmiotek

Luke Kmiotek

Sales Engineer at Immersive Labs

Luke Kmiotek is a budding leader in cyber security, with a passion for delivering relevant solutions to organizations. With both consultative and practical hands on technical experience, Luke is making an impact as a Security Engineer at Immersive Labs.

Workshop: Optimizing the Workforce for Cyber Crisis Resilience — An Interactive Simulation

Alexandre-Xavier Labonté-Lamoureux

Alexandre-Xavier Labonté-Lamoureux

Student in Software Engineering at the École de Technologie Supérieure

Alexandre-Xavier Labonté-Lamoureux is a senior student in Software Engineering at the École de Technologie Supérieure (ÉTS). He is an open-source software advocate, and he is volunteering in likely-minded students scientific and technology clubs at his university. He has been involved in the cybersecurity community for more than four years, notably in the Delegation of IT Competitions at ÉTS where he has given many workshops on the subject of reverse engineering. While he and his team have been busy winning 1st place at Northsec CTF 2020 and 2nd place at Northsec CTF 2021, Alexandre-Xavier also likes to design challenges, mostly with the goal of teaching and sharing his knowledge. Some of his recent accomplishments include organizing UnitedCTF 2021 where 230 students were introduced to cybersecurity, presenting workshops at Montréhack, mentoring a Canadian team students who participated to the European Cyber Security Challenge (ECSC) and the International Cybersecurity Challenge (ICC), building the cybersecurity foundations for a DevOps team at Ubisoft Montreal and winning the Cybertalent Trophy from École Cybersécurité for his accomplishments.

Session: Cybersecurity on a budget: Securing your code and infrastructure for free

Ed Leavens

Ed Leavens

CEO at Datex

Ed Leavens is a cybersecurity innovator and evangelist with a lengthy track record of launching and developing successful software companies. As CEO at Datex | DataStealth Ed’s mission is to ensure that his team, and their customers, understand the issues and the changing state of privacy, regulatory, governance, and compliance frameworks in this complex era of data privacy, data residency, and data security needs. He helps organizations, struggling with the complex and ever-accelerating data security crisis, protect their customers, their data, their brand, their bottom-line, and their shareholders.

Session: Bill 64 is modernizing Québec privacy law – What it involves, why it matters, and what you can do to reduce the risk of non-compliance financial and administrative penalties

Martin Lemay

Martin Lemay

Chief Security Officer at Devolutions Inc.

Martin Lemay is the Chief Security Officer at Devolutions Inc., leading security initiatives from risk management to product security controls. Over the past several years, Martin has acquired a solid technical background as a security professional specialized in penetration testing. operated in most industry sectors from banking, financing and insurance to energy, healthcare, airlines and telecommunications. Martin has also contributed to some open source projects, including the most advanced password cracking software “Hashcat”, where he implemented GPU attacks on Blake2b and Chacha20. He has spoken at various local events and schools in Canada with a focus on offensive security topics.

Session: Cybersecurity as a Business Opportunity – a Success Story Through Pain and Failure

Mike Milner

Mike Milner

Head of Product Management at Trend Micro

Mike Milner is the Head of Product Management at Trend Micro. He’s experienced the breadth of opportunities technology and data intelligence have created for businesses and governments. Between fighting cybercrime for the Canadian government and working for security agencies overseas, Mike has developed a deep understanding of the global security landscape and how the underground economy dictates hacks and ultimately drives breaches. Prior his current role, Mike was CTO and Co-Founder of IMMUNIO, which was acquired by Trend Micro in 2017. He has also held technical roles with Salesforce, Canonical and the UK and Canadian governments.

Session: Ensuring Developer Intent Matches Reality

Dr. Tim Nedyalkov

Dr. Tim Nedyalkov

Technology Information Security Officer at the Commonwealth Bank of Australia and Executive Member of the CyberEdBoard Global Community

Dr. Tim Nedyalkov brings over 18 years of multi-industry experience in Information Technology and Cyber Security across Europe, the USA, Australia, and the Middle East. He is a Technology Information Security Officer at the Commonwealth Bank of Australia and Executive Member of the CyberEdBoard Global Community. Most recently, he established the cyber security practice for the $24 Billion Riyadh Metro transport network, one of the world’s largest public transport infrastructure projects.

He holds a doctorate in Cyber Security/Information Assurance from the University of Fairfax, and a master’s in Information Technology Management from the University of Sydney. His certifications include C|CISO, CISSP, CCSP, CEH, CISA, CISM, CRISC, CGEIT, CDPSE, ISO 27001 LA, and Agile PM.

Dr. Nedyalkov has been a frequent keynote speaker and panelist at over 30 industry-leading conferences. In addition, he is an active contributor to cyber security industry publications, white papers and community initiatives. He was featured in Top Cyber Magazine, Industrial Cyber, RSA Conference, BankInfoSecurity, InfoRiskToday, and CyberEdBoard Profiles in Leadership. Dr. Nedyalkov has been globally recognized as Cybersecurity Influential Voice and 40 under 40 in Cybersecurity. In addition, he was nominated for the Cyber Security Professional of the Year 2019 in Australia.

Session: Prepare and Secure Critical Infrastructure for the Future of Digitalization

Brynna Nery

Brynna Nery

Cloud Security Architect at Abnormal Security

Brynna Nery is a Friendly Cloud Security Architect @ Abnormal Security. She has spent the last decade happily nerding out in security and pushing for democratizing it to everyone as it is everyone’s responsibility. Prior to working at Abnormal Security Brynna worked in highly regulated industries including, banking, fintech and security software. She is an active contributor at the Cloud Security Alliance research groups and always on the lookout for opportunities to security’s newest BFF. (i.e. using the newest tech stack for the benefit of security).

Session: Stop Playing Whack-A-Mole with Your Security Strategy: How to Prioritize Risks for Your Organization

Masarah Paquet-Clouston

Masarah Paquet-Clouston

Professor in criminology at Université de Montréal

Masarah is an assistant professor at Université de Montréal and a research collaborator at the Stratosphere Laboratory affiliated with the Czech Technical University in Prague. She holds a Ph.D. in criminology and is specialized in the study of profit-driven crime enabled by technologies. Previously, she worked five years at GoSecure as a researcher and has presented at international conferences including NorthSec, BlackHat, DEFCON and RSA.

Session: What has [not]changed with Social Media Manipulation Driven by Malware?

Olga Polishchuk

Olga Polishchuk

Senior Director, Tactical Intelligence Operations at Zerofox

Olga Polishchuk is a security and intelligence professional with over a decade of experience in executive security, open-source intelligence, threat & risk assessments, and a wide array of physical and information security investigations. Olga serves as the Senior Director in the Tactical Intelligence Operation Unit at ZeroFox, focusing on tactical investigations and threat assessments. In her current position, she acutely focuses on expanding organizations’ understanding of the potential and emerging threats and aids in real-time operational and strategic decisions.

Session: Executive Security Amidst Professionalization of Cyber Criminal Underground

Scott Register

Scott Register

Vice President, Security Solutions at Keysight Technologies

Scott Register has more than 15 years of experience leading product management and go-to-market activities for global technology companies. In his current role, he is tasked with bringing new security solutions to market across Keysight’s broad solution portfolio.

Prior his current role, Scott was vice president of product management leading the development of new Ixia products in the areas of Security, Virtualization and Cloud. Earlier, Scott spearheaded the company’s visibility product line. Prior to Ixia, he led product management at BreakingPoint Systems where he was responsible for the industry’s highest rated network performance, security, and resiliency testing equipment, before the company was acquired by Ixia.

Session: Change Your Perspective: View Your Network Like a Hacker

Danielle Riley

Danielle Riley

Senior Channel Sales Manager at Immersive Labs

Danielle Riley is a Senior Channel Manager for Immersive Labs, working with partners to help business leaders drive Cyber Workforce Optimization within their organization. Danielle has spent over 15 years in cybersecurity and has held previous roles at WhiteSource and Veracode. Danielle graduated from University of New Hampshire with a bachelor’s degree in political science.

Workshop: Optimizing the Workforce for Cyber Crisis Resilience — An Interactive Simulation

Tomer Rozentzvaig

Tomer Rozentzvaig

Director of Product Management – AppSec at Radware

Tomer is a 25-year Hi-Tech industry Expert. He has been actively involved in developing, inventing, and leading product development for distributed heterogeneous networks environments for military and paramilitary organizations. His Career has been focused on 3 main aspects: providing value to customers, excellent user experience and security. In his various roles, Tomer was leading all Security Risk Analysis tasks and was responsible to implement mitigation solutions at every layer of the network.

Session: Protecting your web applications built on Kubernetes

Nicolas Vermeys

Nicolas Vermeys

Director of the Public Law Research Center, Deputy Director of the Cyberjustice Laboratory and Professor at the Faculty of Law of the University of Montreal

Nicolas Vermeys, LL. D. (Université de Montréal), LL. M. (Université de Montréal), CISSP, is the Director of the Centre de recherche en droit public (CRDP), the Associate Director of the Cyberjustice Laboratory, and a Professor at the Université de Montréal’s Faculté de droit. He is also a visiting professor of law at both William & Mary (USA) and the University of Fortaleza (Brazil).

Mr. Vermeys is a member of the Quebec Bar, as well as a certified information system security professional (CISSP) as recognized by (ISC)2, and is the author of numerous publications relating to the impact of technology on the law, including Droit codifié et nouvelles technologies : le Code civil (Yvon Blais, 2015), and Responsabilité civile et sécurité informationnelle (Yvon Blais, 2010).

Mr. Vermeys’ research focuses on legal issues pertaining to artificial intelligence, information security, developments in the field of cyberjustice, and other questions relating to the impact of technological innovations on the law. He is often invited to speak on these topics by the media, and regularly lectures for judges, lawyers, professional orders, and government organizations, in Canada and abroad.

Session: À l’aube du Metavers: L’admissibilité de la preuve issue des médias sociaux
* Presented in French Only