Cyber Security and Insider Threat.

Kristin Lovejoy General Manager, IBM Canada Ltd. Cheri F. McGuire Vice-President, Global Government Affairs and Cybersecurity Policy, Symantec Corporation Dr. James L. Norrie Dean, Business and Justice Studies, Utica College

CONFERENCE AGENDA

EFFECTIVE STRATEGIES FOR DEFENDING YOUR

DATA AND ORGANIZATION

Cyber Security

and Insider

Threat

.

Gain insights from the experts on

insider threat—from the technical

and social perspective.

Take advantage of expert presentation and networking to

develop a greater appreciation of today’s threat environment

and the role of insider threats. Topics for discussion will

include how to:

• understand the range of threats in today’s environment

• identify those employees who might pose a risk of

becoming a threat

• avoid accidental release of information

• match your defence strategy to the importance of the

information you are protecting

• expand your defences to include contractors as well as

direct employees

• conduct an effective investigation if a breach occurs

• create a culture that discourages insider threats—including

an effective whistleblowing process

• communicate effectively with the public and stakeholders

after a breach occurs

Don’t make the

mistake of investing

all your resources

and focus into

defending against

yesterday’s attack.

This event is Canada’s only

forum devoted to one of the most

important emerging threats to your

organization—insider threat.

Those inside your organization

enjoy easier access than those

outside and their activities are often

harder to detect and defend against.

As such they can wreak havock by

stealing or destroying your data—

or stealing your intellectual property

and passing it on to competitors.

The Snowden case is only the tip of

the iceberg. All our organizations

are vulnerable either to the lone wolf

inside who might act from personal

grievance or gain, or maybe worse

an insider acting on behalf of a

larger group motivated either

through money or ideology.

Learn about the Conference Board’s

new Centre on Cyber Security

This event will mark the launch of a new Centre at the Board dedicated to cyber

security. You will be the first to hear about it’s proposed activities and research

agenda and have an opportunity to share your own priorities and areas of concern.

7:45 a.m. Registration and Continental Breakfast 8:15 a.m. Opening Remarks from the Chair

And Overview of Board Research to Date on Cyber Security and Insider Threat

Dr. Satyamoorthy Kabilan, Director, National Security and Strategic Foresight, The Conference Board of Canada

8:45 a.m. Plenary Session 1

Insider Threat—Proven Strategies for Identifying and Responding to Potential Threats

Dr. Eric Shaw, Consultant, Stroz Friedberg

Scott Weber, Managing Director and Leader of the SCOUT Business Unit, Stroz Friedberg

Eric Shaw and Scott Weber are two of the top experts in North America on the psychology of insider threats. In this session they will look at the growth vector of insider threats—how they get into your organization, how they might become motivated or radicalized before or after joining, the most critical organizational issues that can precipitate dissatisfaction to the point of action. To prevent damage to your organization you need to learn how to be a benign big brother.

Their wide-ranging discussion will touch on the most critical issues for HR, IT and leadership in your organization. Among these will be: • developing a profile of the archetypal insider threat—and using

it appropriately

• understanding behaviours that indicate a possible threat

• monitoring email, texts, etc. and mining this for potential risks— but always acting only on behaviour

• taking an all hazards approach • focusing resources

• understanding whistleblowing policies and the importance of recognizing genuine grievances before they escalate

Agenda

AT A GLANCE

7:45 a.m. Registration and Continental Breakfast 8:15 a.m. Opening Remarks from the Chair 8:45 a.m. Plenary Session 1

10:00 a.m. Networking Break 10:30 a.m. Plenary Session 2 11:30 a.m. Plenary Session 3 12:15 p.m. Networking Luncheon 1:15 p.m. Plenary Session 4 2:00 p.m. Plenary Session 5 2:45 p.m. Refreshment Break 3:00 p.m. Plenary Session 6 3:45 p.m. Plenary Session 7

4:45 p.m. Closing Remarks from the Chair 5:00 p.m. Day 1 Adjourns

• using psycholinguistics to determine the credibility of threats • how to deal with false positives

This extended session offers an outstanding examination of the key challenges posed by insider threats and the latest thinking of those who specialize in helping organizations secure their data from this emerging threat.

10:00 a.m. Networking Break 10:30 a.m. Plenary Session 2

The Insider Threat—Malice Not Required

Cheri F. McGuire, Vice-President, Global Government Affairs and Cybersecurity Policy, Symantec Corporation

In this day and age you need more than a higher and higher wall to defend your organization against cyber threats. In this session, Cheri McGuire of Symantec will challenge your assumptions about what really constitutes an insider threat by exploring some recent, high-profile attacks. Whether caused by a malicious insider or an unwitting

employee, the damage from these events is significant and lasting. Cheri will also share her thoughts on how such threats may be recognized and mitigated, and suggest some basic questions every enterprise should be asking about its security.

11:30 a.m. Plenary Session 3

Case Study: One Organization’s Response to The Emerging Cyber and Insider Threat

Vincent Jarvie, Vice-President, Corporate Security, L-3 Communications Corporation

In this session, you will get to hear how one prominent organization is adapting to meet emerging and changing threats. Against a background of growth, increased outsourcing and far greater mobility of employees, L-3 has to stay ever vigilant to prevent data loss or damage to the organization through inside agents.

You will hear how L-3 is managing risk in an era of cloud computing, extensive use of contractors, changing technology and growth in attack vectors.

12:15 p.m. Networking Luncheon

DAY 1 / Wednesday, February 18, 2015

1:15 p.m. Plenary Session 4

The Accidental Insider: Understanding and Preventing Inadvertent Leaks that Could Damage Your Organization

Kevin Ripa, Owner, Computer Evidence Recovery

Most of the discussion of insider threat focusses on the malicious employee or contractor who deliberately sets out to do damage to the organization. Whether driven by ideology or disaffection the intent is clear.

However insider threats can also be “accidental”—employees who unintentionally release sensitive data to outsiders. This could be a simple as losing a laptop or data stick or posting something on a social media site.

In this session, data security expert Kevin Ripa will examine the ways data can be released, the potential consequences based on real life examples, and the steps organizations need to take to prevent incidents. Kevin will cover two critical categories of accidental insider threat:

1. where individuals independently and unintentionally release information

2. where outsiders use insiders and unknowing vectors for attacks This important perspective will ensure that when you develop your strategy to counter insider threat you don’t only focus on the malicious but also take into account the capricious.

2:00 p.m. Plenary Session 5

After the Breach I: Conducting Effective and Legal Investigations in Your Workplace

Sarah Graves, Partner, Fasken Martineau

No matter how well you plan and develop systems to identify and prevent insider threats, you also need to plan what you will do if something goes wrong.

DAY 1 / Wednesday, February 18, 2015

In this first of two sessions on how best to respond we will look at how to conduct an internal investigation. You need to identify the threat, find out what information he or she has accessed, and what they have done with it. You also need to find out if they were a lone wolf or if there are accomplices or enablers still in your employ. And you need to learn what went wrong and make sure you cover any gaps in your security.

But you need to be aware of what you can and can’t do—the restrictions the law places on you and the kinds of skills you’ll need to guide an investigation forward. Questions addressed will include:

• the roles of HR, in-house counsel, IT and outside experts • privacy issues

• writing an effective report

• the importance of recent case law

• common mistakes people make that could derail your investigation

2:45 p.m. Refreshment Break 3:00 p.m. Plenary Session 6

After the Breach II: Protecting Your Organization and It’s

Reputation Through Effective and Timely Crisis Communications Jason Maloni, Senior Vice-President and Chair, Litigation Practice, LEVICK

The threat may be internal but your audience—your shareholders, customers, regulators, and the public—are external. In the event of a breach you need to move fast to contain damage and protect your brand. This applies whether you are the CIA or the CBC, whether you’ve had sensitive information stolen and made public or a rogue employee has acted in ways that damage your reputation.

And in the era of social media you can’t afford to put a foot wrong— otherwise a crisis will quickly become a drama—and a drama where your organization and its brand is the villain.

Jason Maloni has extensive experience managing crisis communications related to cyber security and insider threat having worked for govern-ments, retailers, banks and in health care. Jason will share this extensive experience with you and help you understand that you need to start now to prepare your crisis communications response—you need a team in place ready to respond at a moment’s notice—because as soon as there is a problem, traditional media will pounce and the public and activist organizations will take to Twitter and other social media platforms and pretty soon they will own the conversation.

3:45 p.m. Plenary Session 7

World War III? Inside and Outside Cyber Threats—Defining the New World of Threat and Opportunity

Dr. James L. Norrie, Dean, Business and Justice Studies, Utica College

In this session, James Norrie will discuss some of the existing and emerging cyber threats to organizations in an increasingly global economy. James argues persuasively that not only have companies and

governments underestimated the threats they face but they have fundamentally misunderstood the nature of those threats. For too long, organizations have looked at “traditional” actors with straightforward motivations as the most significant threat—often looking only at narrow economic drivers. They also too often presume a level playing field in the global economy putting too much faith in the rule of law.

This session will discuss how dangerous these assumptions are. New threats are emerging all the time with many actors now motivated by ideology, not money or simply the desire for “anonymous celebrity”. In addition, state sponsored entities have become more active with certain states devoting significant resources for apparent third parties to steal data or simply create chaos.

Is this a new world war? Maybe, maybe not—but the stakes are high, the threats are increasing and they are gathering inside and outside your organization motivated to do you harm. Are you ready?

4:45 p.m. Closing Remarks from the Chair

Dr. Satyamoorthy Kabilan, Director, National Security and Strategic Foresight, The Conference Board of Canada

5:00 p.m. Day 1 Adjourns

7:45 a.m. Continental Breakfast

8:15 a.m. Opening Remarks from the Chair

Dr. Satyamoorthy Kabilan, Director, National Security and Strategic Foresight, The Conference Board of Canada

8:30 a.m. Plenary Session 8

Cyber Security Principles for Leaders Fundamentals of a Risk-Aware Organization

Kristin Lovejoy, Global General Manager, IBM Security Services, IBM Canada Ltd.

Cyber threats have become a key boardroom agenda item and signifi-cant technical concern for many organizations today, with the potential to bring down an organization’s network, create compliance issues, dam-age bottom lines, and impact brand reputation. Over 95% of (IT Security) incidents investigated recognize human error as a contributing factor to the threats. And although many organizations invest a significant portion of their operational budget in defending their organization against IT threats, they still find they have cyber security challenges.

IBM’s Kris Lovejoy has extensive, first-hand experience in this area. Prior to heading IBM’s Security Services business, Kris served as IBM’s Global Chief Information Security Officer (CISO). In this session, she will provide insights into the major IT threats that organizations face in addressing the growth of cyber incidents and sophisticated attacks, and how organizations can better prepare and defend their critical data and their enterprise.

Agenda

AT A GLANCE

7:45 a.m. Continental Breakfast

8:15 a.m. Opening Remarks from the Chair 8:30 a.m. Plenary Session 8

9:30 a.m. Plenary Session 9 10:15 a.m. Refreshment Break

10:30 a.m. Plenary Session 10 11:00 a.m. Plenary Session 11 11:30 a.m. Plenary Session 12 12:15 p.m. Conference Adjourns

DAY 2 / Thursday, February 19, 2015

9:30 a.m. Plenary Session 9

Responding to Complex New Reality—The Emerging Insider Cyber Threat

Francis Bradley, Vice-President, Policy Department, Canadian Electricity Association

Francis Bradley is responsible for the Canadian Electricity Association’s overall policy development and its critical infrastructure protection programs. In this session, Francis will discuss how electricity generators, transmitters and distributors are responding to an increasingly

threatening environment. His talk will cover issues such as: • how risks have increased in the last decade

• increasing threat vectors

• how increasing interconnectedness translates into increased risk • the need for greater collaboration between organizations

• understanding the complexity created by increased use of contractors • broadening your horizons to include critical suppliers and

service providers

10:15 a.m. Refreshment Break 10:30 a.m. Plenary Session 10

Insider Threat and Cybersecurity: The RCMP Perspective

Michel Aubin, Director General, CISC, Royal Canadian Mounted Police

The RCMP is responsible for large amounts of confidential and sensitive information—both its own and as custodian for other police forces across the country. To protect this information from theft or malicious damage the RCMP has increased its focus on insider threats - both in regards to accidental release and where outside organizations recruit insiders to steal data. In short there are many people and organizations who want to know what the RCMP knows about them and their activities. And in many cases protection of this information is a matter of life and death. In this session, Michel Aubin will discuss the extent of the problem and its recent growth and how the threat is changing. He will discuss the rela-tive importance of the threat and how this determines the resources available to address it. He will also discuss how the RCMP is collaborat-ing with other forces to ensure greater security of data across the coun-try.

DAY 2 / Thursday, February 19, 2015

11:00 a.m. Plenary Session 11

Industry, Government, and Academia—Collaborating to Create a Secure Canada

Dr. Tony J. Bailetti, Director, Technology Innovation Management, Carleton University and Executive Director (Acting), VENUS

Cybersecurity Corporation, Carleton University

In an environment of escalating cyber threats it is clear that there needs to be greater cooperation between sectors in order to ensure Canada could become a leader in cybersecurity. As a result, VENUS

Cybersecurity Corporation was established. VENUS is an independent not-for-profit that provides the people, space, and infrastructure to work on complex, leading-edge cybersecurity problems affecting individuals, businesses, and governments throughout the world.

In this session, you will hear about the environment that makes VENUS necessary, the progress made to date, its activities including research and education, and its vision for a cybersecurity ecossystem that sup-ports the innovation of Canadians addressing this vital issue.

11:30 a.m. Plenary Session 12

Closing Session and Remarks from the Chair

Dr. Satyamoorthy Kabilan, Director, National Security and Strategic Foresight, The Conference Board of Canada

This closing session will both summarize some of the key lessons learned during the event and cast an eye on the future. Central to this discussion will be an exploration of the gaps many organizations have when it comes to addressing insider and cyber threats, both those that exist today and those that might develop in the future. This will lead into an introduction and launch of the Board’s new Centre for Cyber Security and invitation for delegates to suggest areas of study.

Registration

www.conferenceboard.ca/conf • 1-800-267-0666 or 613-526-4249

Register now and save !

Individual Rates Before Dec. 18, 2014 Before Jan. 19, 2015 After Jan. 19, 2015 Regular Rate $1,355 $1,455 $1,555 Promotional Rate $1,155 $1,155 $1,155

Conference Board Executive Network Rate

$778 $778 $778

Your registration in this event includes the sessions, continental breakfasts, breaks, luncheon, and a link to speaker presentations.

The Conference Board’s Privacy Policy

By registering for this event, you are giving us consent to use information you provided to help us inform you about additional Conference Board

SPECIAL OFFERS

4-for-the-price-of-3 team offer!

Visit www.conferenceboard.ca/conf or call 1-800-267-0666 to find out more.

Network Members save on registration!

Members of The Conference Board of Canada executive networks save 50% off registration for all upcoming

conferences! For details, contact 613-526-3090 ext. 236 or conferencemarketing@conferenceboard.ca.

Earn Directors College Continuing Professional Development (CPD) Hours!

Conference Board of Canada conferences contribute to Continuing Professional Development (CPD) hours for Directors College, Chartered Directors. For more information on CPD requirements and criteria visit www.thedirectorscollege.com.

TO REGISTER

Online www.conferenceboard.ca/conf

Fax PDF form to 613-526-4857 • Phone 1-800-267-0666 or 613-526-4249

All registrations will be confirmed. Program subject to change. Events are HST exempt. Please see www.conferenceboard.ca/conf for our cancellation policy.

CONFERENCE VENUE

Shaw Centre (formerly the Ottawa Convention Centre)

55 Colonel By Dr, Ottawa ON K1N 9J2

HOTEL ACCOMMODATIONS

11 Colonel By Dr, Ottawa ON K1N 9H4 Tel. 613-560-7390

Conference fees don’t include accommodations. Please contact the hotel directly for reservations, and mention

The Conference Board of Canada to receive the preferred rate of $179, available until Jan. 12, 2015. Should you need to

Registration Form

Cyber Security and Insider Threat: Effective Strategies for

Defending Your Data and Organization

FEBRUARY 18–19, 2015 • OTTAWA

Group rates are available—See www.conferenceboard.ca/conf for details. ■ _{YES! Please register the following delegate for this event}

Name Title

Organization Tel.

E-mail Fax

Mailing Address

City Province Postal Code

Your registration in this event includes the sessions, continental breakfasts, breaks, luncheon, and a link to speaker presentations.

Fees Before Dec. 18, 2014 Before Jan. 19, 2015 After Jan. 19, 2015

■ Regular Rate $1,355 $1,455 $1,555

Please confirm attendance at event functions:

Day 1 Networking Luncheon: ■

Payment method: (all fees are due by the event date)

■ Credit card (we will e-mail you a link to our secure system for payment) ■ Cheque (payable to “The Conference Board of Canada”)

The Conference Board of Canada—255 Smyth Road, Ottawa ON K1H 8M7

All registrations will be confirmed. Program subject to change. Events are HST exempt. Please see www.conferenceboard.ca/conf for our cancellation policy.

Sponsors

We’d like to thank our generous sponsors for their contribution to this event.

Connect with your top prospects!

Sponsor this event, and collaborate with senior executives, practitioners, and thought leaders. Connect your brand with the solutions, and position your organization as a leader in its field. To learn more about sponsor benefits, contact

MARKETING PARTNERS

255 Smyth Road, Ottawa ON K1H 8M7 Canada Tel. 613-526-3280 Fax 613-526-4857 Inquiries 1-866-711-2262 conferenceboard.ca