Kristin Lovejoy General Manager, IBM Canada Ltd. Cheri F. McGuire Vice-President, Global Government Affairs and Cybersecurity Policy, Symantec Corporation Dr. James L. Norrie Dean, Business and Justice Studies, Utica College
CONFERENCE AGENDA
EFFECTIVE STRATEGIES FOR DEFENDING YOUR
DATA AND ORGANIZATION
Cyber Security
and Insider
Threat
.
Gain insights from the experts on
insider threat—from the technical
and social perspective.
Take advantage of expert presentation and networking to
develop a greater appreciation of today’s threat environment
and the role of insider threats. Topics for discussion will
include how to:
• understand the range of threats in today’s environment
• identify those employees who might pose a risk of
becoming a threat
• avoid accidental release of information
• match your defence strategy to the importance of the
information you are protecting
• expand your defences to include contractors as well as
direct employees
• conduct an effective investigation if a breach occurs
• create a culture that discourages insider threats—including
an effective whistleblowing process
• communicate effectively with the public and stakeholders
after a breach occurs
Don’t make the
mistake of investing
all your resources
and focus into
defending against
yesterday’s attack.
This event is Canada’s only
forum devoted to one of the most
important emerging threats to your
organization—insider threat.
Those inside your organization
enjoy easier access than those
outside and their activities are often
harder to detect and defend against.
As such they can wreak havock by
stealing or destroying your data—
or stealing your intellectual property
and passing it on to competitors.
The Snowden case is only the tip of
the iceberg. All our organizations
are vulnerable either to the lone wolf
inside who might act from personal
grievance or gain, or maybe worse
an insider acting on behalf of a
larger group motivated either
through money or ideology.
Learn about the Conference Board’s
new Centre on Cyber Security
This event will mark the launch of a new Centre at the Board dedicated to cyber
security. You will be the first to hear about it’s proposed activities and research
agenda and have an opportunity to share your own priorities and areas of concern.
7:45 a.m. Registration and Continental Breakfast 8:15 a.m. Opening Remarks from the Chair
And Overview of Board Research to Date on Cyber Security and Insider Threat
Dr. Satyamoorthy Kabilan, Director, National Security and Strategic Foresight, The Conference Board of Canada
8:45 a.m. Plenary Session 1
Insider Threat—Proven Strategies for Identifying and Responding to Potential Threats
Dr. Eric Shaw, Consultant, Stroz Friedberg
Scott Weber, Managing Director and Leader of the SCOUT Business Unit, Stroz Friedberg
Eric Shaw and Scott Weber are two of the top experts in North America on the psychology of insider threats. In this session they will look at the growth vector of insider threats—how they get into your organization, how they might become motivated or radicalized before or after joining, the most critical organizational issues that can precipitate dissatisfaction to the point of action. To prevent damage to your organization you need to learn how to be a benign big brother.
Their wide-ranging discussion will touch on the most critical issues for HR, IT and leadership in your organization. Among these will be: • developing a profile of the archetypal insider threat—and using
it appropriately
• understanding behaviours that indicate a possible threat
• monitoring email, texts, etc. and mining this for potential risks— but always acting only on behaviour
• taking an all hazards approach • focusing resources
• understanding whistleblowing policies and the importance of recognizing genuine grievances before they escalate
Agenda
AT A GLANCE
7:45 a.m. Registration and Continental Breakfast 8:15 a.m. Opening Remarks from the Chair 8:45 a.m. Plenary Session 1
10:00 a.m. Networking Break 10:30 a.m. Plenary Session 2 11:30 a.m. Plenary Session 3 12:15 p.m. Networking Luncheon 1:15 p.m. Plenary Session 4 2:00 p.m. Plenary Session 5 2:45 p.m. Refreshment Break 3:00 p.m. Plenary Session 6 3:45 p.m. Plenary Session 7
4:45 p.m. Closing Remarks from the Chair 5:00 p.m. Day 1 Adjourns
• using psycholinguistics to determine the credibility of threats • how to deal with false positives
This extended session offers an outstanding examination of the key challenges posed by insider threats and the latest thinking of those who specialize in helping organizations secure their data from this emerging threat.
10:00 a.m. Networking Break 10:30 a.m. Plenary Session 2
The Insider Threat—Malice Not Required
Cheri F. McGuire, Vice-President, Global Government Affairs and Cybersecurity Policy, Symantec Corporation
In this day and age you need more than a higher and higher wall to defend your organization against cyber threats. In this session, Cheri McGuire of Symantec will challenge your assumptions about what really constitutes an insider threat by exploring some recent, high-profile attacks. Whether caused by a malicious insider or an unwitting
employee, the damage from these events is significant and lasting. Cheri will also share her thoughts on how such threats may be recognized and mitigated, and suggest some basic questions every enterprise should be asking about its security.
11:30 a.m. Plenary Session 3
Case Study: One Organization’s Response to The Emerging Cyber and Insider Threat
Vincent Jarvie, Vice-President, Corporate Security, L-3 Communications Corporation
In this session, you will get to hear how one prominent organization is adapting to meet emerging and changing threats. Against a background of growth, increased outsourcing and far greater mobility of employees, L-3 has to stay ever vigilant to prevent data loss or damage to the organization through inside agents.
You will hear how L-3 is managing risk in an era of cloud computing, extensive use of contractors, changing technology and growth in attack vectors.
12:15 p.m. Networking Luncheon
DAY 1 / Wednesday, February 18, 2015
1:15 p.m. Plenary Session 4
The Accidental Insider: Understanding and Preventing Inadvertent Leaks that Could Damage Your Organization
Kevin Ripa, Owner, Computer Evidence Recovery
Most of the discussion of insider threat focusses on the malicious employee or contractor who deliberately sets out to do damage to the organization. Whether driven by ideology or disaffection the intent is clear.
However insider threats can also be “accidental”—employees who unintentionally release sensitive data to outsiders. This could be a simple as losing a laptop or data stick or posting something on a social media site.
In this session, data security expert Kevin Ripa will examine the ways data can be released, the potential consequences based on real life examples, and the steps organizations need to take to prevent incidents. Kevin will cover two critical categories of accidental insider threat:
1. where individuals independently and unintentionally release information
2. where outsiders use insiders and unknowing vectors for attacks This important perspective will ensure that when you develop your strategy to counter insider threat you don’t only focus on the malicious but also take into account the capricious.
2:00 p.m. Plenary Session 5
After the Breach I: Conducting Effective and Legal Investigations in Your Workplace
Sarah Graves, Partner, Fasken Martineau
No matter how well you plan and develop systems to identify and prevent insider threats, you also need to plan what you will do if something goes wrong.
DAY 1 / Wednesday, February 18, 2015
In this first of two sessions on how best to respond we will look at how to conduct an internal investigation. You need to identify the threat, find out what information he or she has accessed, and what they have done with it. You also need to find out if they were a lone wolf or if there are accomplices or enablers still in your employ. And you need to learn what went wrong and make sure you cover any gaps in your security.
But you need to be aware of what you can and can’t do—the restrictions the law places on you and the kinds of skills you’ll need to guide an investigation forward. Questions addressed will include:
• the roles of HR, in-house counsel, IT and outside experts • privacy issues
• writing an effective report
• the importance of recent case law
• common mistakes people make that could derail your investigation
2:45 p.m. Refreshment Break 3:00 p.m. Plenary Session 6
After the Breach II: Protecting Your Organization and It’s
Reputation Through Effective and Timely Crisis Communications Jason Maloni, Senior Vice-President and Chair, Litigation Practice, LEVICK
The threat may be internal but your audience—your shareholders, customers, regulators, and the public—are external. In the event of a breach you need to move fast to contain damage and protect your brand. This applies whether you are the CIA or the CBC, whether you’ve had sensitive information stolen and made public or a rogue employee has acted in ways that damage your reputation.
And in the era of social media you can’t afford to put a foot wrong— otherwise a crisis will quickly become a drama—and a drama where your organization and its brand is the villain.
Jason Maloni has extensive experience managing crisis communications related to cyber security and insider threat having worked for govern-ments, retailers, banks and in health care. Jason will share this extensive experience with you and help you understand that you need to start now to prepare your crisis communications response—you need a team in place ready to respond at a moment’s notice—because as soon as there is a problem, traditional media will pounce and the public and activist organizations will take to Twitter and other social media platforms and pretty soon they will own the conversation.
3:45 p.m. Plenary Session 7
World War III? Inside and Outside Cyber Threats—Defining the New World of Threat and Opportunity
Dr. James L. Norrie, Dean, Business and Justice Studies, Utica College
In this session, James Norrie will discuss some of the existing and emerging cyber threats to organizations in an increasingly global economy. James argues persuasively that not only have companies and
governments underestimated the threats they face but they have fundamentally misunderstood the nature of those threats. For too long, organizations have looked at “traditional” actors with straightforward motivations as the most significant threat—often looking only at narrow economic drivers. They also too often presume a level playing field in the global economy putting too much faith in the rule of law.
This session will discuss how dangerous these assumptions are. New threats are emerging all the time with many actors now motivated by ideology, not money or simply the desire for “anonymous celebrity”. In addition, state sponsored entities have become more active with certain states devoting significant resources for apparent third parties to steal data or simply create chaos.
Is this a new world war? Maybe, maybe not—but the stakes are high, the threats are increasing and they are gathering inside and outside your organization motivated to do you harm. Are you ready?
4:45 p.m. Closing Remarks from the Chair
Dr. Satyamoorthy Kabilan, Director, National Security and Strategic Foresight, The Conference Board of Canada
5:00 p.m. Day 1 Adjourns
7:45 a.m. Continental Breakfast
8:15 a.m. Opening Remarks from the Chair
Dr. Satyamoorthy Kabilan, Director, National Security and Strategic Foresight, The Conference Board of Canada
8:30 a.m. Plenary Session 8
Cyber Security Principles for Leaders Fundamentals of a Risk-Aware Organization
Kristin Lovejoy, Global General Manager, IBM Security Services, IBM Canada Ltd.
Cyber threats have become a key boardroom agenda item and signifi-cant technical concern for many organizations today, with the potential to bring down an organization’s network, create compliance issues, dam-age bottom lines, and impact brand reputation. Over 95% of (IT Security) incidents investigated recognize human error as a contributing factor to the threats. And although many organizations invest a significant portion of their operational budget in defending their organization against IT threats, they still find they have cyber security challenges.
IBM’s Kris Lovejoy has extensive, first-hand experience in this area. Prior to heading IBM’s Security Services business, Kris served as IBM’s Global Chief Information Security Officer (CISO). In this session, she will provide insights into the major IT threats that organizations face in addressing the growth of cyber incidents and sophisticated attacks, and how organizations can better prepare and defend their critical data and their enterprise.
Agenda
AT A GLANCE
7:45 a.m. Continental Breakfast
8:15 a.m. Opening Remarks from the Chair 8:30 a.m. Plenary Session 8
9:30 a.m. Plenary Session 9 10:15 a.m. Refreshment Break
10:30 a.m. Plenary Session 10 11:00 a.m. Plenary Session 11 11:30 a.m. Plenary Session 12 12:15 p.m. Conference Adjourns
DAY 2 / Thursday, February 19, 2015
9:30 a.m. Plenary Session 9
Responding to Complex New Reality—The Emerging Insider Cyber Threat
Francis Bradley, Vice-President, Policy Department, Canadian Electricity Association
Francis Bradley is responsible for the Canadian Electricity Association’s overall policy development and its critical infrastructure protection programs. In this session, Francis will discuss how electricity generators, transmitters and distributors are responding to an increasingly
threatening environment. His talk will cover issues such as: • how risks have increased in the last decade
• increasing threat vectors
• how increasing interconnectedness translates into increased risk • the need for greater collaboration between organizations
• understanding the complexity created by increased use of contractors • broadening your horizons to include critical suppliers and
service providers
10:15 a.m. Refreshment Break 10:30 a.m. Plenary Session 10
Insider Threat and Cybersecurity: The RCMP Perspective
Michel Aubin, Director General, CISC, Royal Canadian Mounted Police
The RCMP is responsible for large amounts of confidential and sensitive information—both its own and as custodian for other police forces across the country. To protect this information from theft or malicious damage the RCMP has increased its focus on insider threats - both in regards to accidental release and where outside organizations recruit insiders to steal data. In short there are many people and organizations who want to know what the RCMP knows about them and their activities. And in many cases protection of this information is a matter of life and death. In this session, Michel Aubin will discuss the extent of the problem and its recent growth and how the threat is changing. He will discuss the rela-tive importance of the threat and how this determines the resources available to address it. He will also discuss how the RCMP is collaborat-ing with other forces to ensure greater security of data across the coun-try.
DAY 2 / Thursday, February 19, 2015
11:00 a.m. Plenary Session 11
Industry, Government, and Academia—Collaborating to Create a Secure Canada
Dr. Tony J. Bailetti, Director, Technology Innovation Management, Carleton University and Executive Director (Acting), VENUS
Cybersecurity Corporation, Carleton University
In an environment of escalating cyber threats it is clear that there needs to be greater cooperation between sectors in order to ensure Canada could become a leader in cybersecurity. As a result, VENUS
Cybersecurity Corporation was established. VENUS is an independent not-for-profit that provides the people, space, and infrastructure to work on complex, leading-edge cybersecurity problems affecting individuals, businesses, and governments throughout the world.
In this session, you will hear about the environment that makes VENUS necessary, the progress made to date, its activities including research and education, and its vision for a cybersecurity ecossystem that sup-ports the innovation of Canadians addressing this vital issue.
11:30 a.m. Plenary Session 12
Closing Session and Remarks from the Chair
Dr. Satyamoorthy Kabilan, Director, National Security and Strategic Foresight, The Conference Board of Canada
This closing session will both summarize some of the key lessons learned during the event and cast an eye on the future. Central to this discussion will be an exploration of the gaps many organizations have when it comes to addressing insider and cyber threats, both those that exist today and those that might develop in the future. This will lead into an introduction and launch of the Board’s new Centre for Cyber Security and invitation for delegates to suggest areas of study.
Registration
REGISTER NOW !www.conferenceboard.ca/conf • 1-800-267-0666 or 613-526-4249
Register now and save !
Individual Rates Before Dec. 18, 2014 Before Jan. 19, 2015 After Jan. 19, 2015 Regular Rate $1,355 $1,455 $1,555 Promotional Rate $1,155 $1,155 $1,155
Conference Board Executive Network Rate
$778 $778 $778
Your registration in this event includes the sessions, continental breakfasts, breaks, luncheon, and a link to speaker presentations.
The Conference Board’s Privacy Policy
By registering for this event, you are giving us consent to use information you provided to help us inform you about additional Conference Board
SPECIAL OFFERS
4-for-the-price-of-3 team offer!
Visit www.conferenceboard.ca/conf or call 1-800-267-0666 to find out more.
Network Members save on registration!
Members of The Conference Board of Canada executive networks save 50% off registration for all upcoming
conferences! For details, contact 613-526-3090 ext. 236 or conferencemarketing@conferenceboard.ca.
Earn Directors College Continuing Professional Development (CPD) Hours!
Conference Board of Canada conferences contribute to Continuing Professional Development (CPD) hours for Directors College, Chartered Directors. For more information on CPD requirements and criteria visit www.thedirectorscollege.com.
TO REGISTER
Online www.conferenceboard.ca/conf
Fax PDF form to 613-526-4857 • Phone 1-800-267-0666 or 613-526-4249
All registrations will be confirmed. Program subject to change. Events are HST exempt. Please see www.conferenceboard.ca/conf for our cancellation policy.
CONFERENCE VENUE
Shaw Centre (formerly the Ottawa Convention Centre)
55 Colonel By Dr, Ottawa ON K1N 9J2
HOTEL ACCOMMODATIONS
The Westin Ottawa11 Colonel By Dr, Ottawa ON K1N 9H4 Tel. 613-560-7390
Conference fees don’t include accommodations. Please contact the hotel directly for reservations, and mention
The Conference Board of Canada to receive the preferred rate of $179, available until Jan. 12, 2015. Should you need to
Registration Form
Cyber Security and Insider Threat: Effective Strategies for
Defending Your Data and Organization
FEBRUARY 18–19, 2015 • OTTAWA
Group rates are available—See www.conferenceboard.ca/conf for details. ■ YES! Please register the following delegate for this event
Name Title
Organization Tel.
E-mail Fax
Mailing Address
City Province Postal Code
Your registration in this event includes the sessions, continental breakfasts, breaks, luncheon, and a link to speaker presentations.
Fees Before Dec. 18, 2014 Before Jan. 19, 2015 After Jan. 19, 2015
■ Regular Rate $1,355 $1,455 $1,555
Please confirm attendance at event functions:
Day 1 Networking Luncheon: ■
Payment method: (all fees are due by the event date)
■ Credit card (we will e-mail you a link to our secure system for payment) ■ Cheque (payable to “The Conference Board of Canada”)
The Conference Board of Canada—255 Smyth Road, Ottawa ON K1H 8M7
All registrations will be confirmed. Program subject to change. Events are HST exempt. Please see www.conferenceboard.ca/conf for our cancellation policy.
Sponsors
We’d like to thank our generous sponsors for their contribution to this event.
Connect with your top prospects!
Sponsor this event, and collaborate with senior executives, practitioners, and thought leaders. Connect your brand with the solutions, and position your organization as a leader in its field. To learn more about sponsor benefits, contact
MARKETING PARTNERS
255 Smyth Road, Ottawa ON K1H 8M7 Canada Tel. 613-526-3280 Fax 613-526-4857 Inquiries 1-866-711-2262 conferenceboard.ca