Conference Overview:

Sponsorship:

Speaking:

Sponsored By:

Supported By:

day one: Tuesday, April 11th, 2006

8:15 AM

REGISTRATION & SPONSOR EXHIBITS OPEN – CONTINENTAL BREAKFAST

8:45 AM

OPENING ADDRESS FROM THE CHAIRPERSON

Mary Kirwan, CEO, HEADFRY INC.

Keynote Address

9:00 AM

TAKING STEPS TOWARD RESOLVING OVERARCHING IT SECURITY ISSUES TO BUILD A COMPREHENSIVE PROGRAM

Take an in-depth look at how Microsoft mitigates their risks with a constantly evolving strategy.

• Developing an IT security compliance management strategy that works for you
• Shaping a proactive and flexible IT security strategy
• Moving from a reactive to a proactive approach of mitigating vulnerabilities
• Enforcing compliance to the strategy policy on your network

Take away a comprehensive look at security issues and the impact they will have on your business.

David Stolovitch, Assistant Vice-President, IT & Security Governance, Corporate Information Security, Corporate Services, SUN LIFE FINANCIAL

Case Study: Microsoft Corporation

9:45 AM

SECURING THE IT ENVIRONMENT AT MICROSOFT: ENTERPRISE SECURITY COMPLIANCE MANAGEMENT

Insights on how new quantitative security risk metrics can benefit your IT department:

• Determining the value of IT security: SecMet’s work to create real-world standardized metrics
• Applying risk metrics to policy compliance issues
• Reporting on organizational health from a security perspective
• Safeguarding your IT security budget and digital assets

Leave with valuable insights to manage your own risks.

Chris Brockbank, Senior IT Manager, MICROSOFT CORPORATION

10:45 AM

SPONSOR EXHIBIT AREA – NETWORKING BREAK

Take a moment to visit our sponsors and learn how their organizations are contributing to the IT Security industry.

Case Study: WestJet

11:15 AM

LEARN STRATEGIES TO DEVELOP A CONTINUOUS SECURITY ASSESSMENT PLAN TO PROTECT YOUR INFORMATION

Hear how WestJet managed their security and regulatory compliance issues after implementation of a new log management system.

• Employing successful strategies for building your own security assessment plan to maintain privacy concerns
• Building an overarching framework that encompasses developing technical and business processes to protect brand image
• Avoiding social engineering traps when dealing with sensitive information

Find out how you can improve your own security assessment plans.

Bruce Elliott, Senior Manager IT Security, WESTJET

12:00 PM

EXHIBITION AREA – NETWORKING LUNCHEON

Join the conference speakers and your peers for a relaxing luncheon. This is your opportunity to make new business contacts and discuss the ideas presented in the morning session.

Case Study: AEGON Canada

1:30 PM

MANAGING INFORMATION SECURITY AND REGULATORY COMPLIANCE

One of the largest security pitfalls that companies like AEGON Canada encounters is maintaining compliance with legislation while managing technology risks. This session looks at ways that you can manage risks.

• Understanding what risks are associated with technology changes
• Addressing security and privacy concerns and managing disaster recovery planning
• Acquiring insight into how you can improve your own regulatory compliance adherence strategies

You will take away ideas for handling your regulatory compliance dilemmas.

Brian McPhedran, Assistant VP, IT Risk Management, AEGON CANADA

Industry Expert

2:30 PM

EXPLORING THE CHANGING ROLE OF IT SECURITY AND THE IMPACT IT WILL HAVE ON YOUR BUSINESS

This session will equip you with information on key trends.

• Enabling new business processes with IT security
• Creating tangible ROI with improved IT Security measures
• Building processes that will help you map out your plan of action for comprehensive IT Security measures

Acquire the strategies you need to develop a sound and successful IT Security plan.

Khalid Kark, Senior Analyst, FORRESTER RESEARCH, INC.

3:15 PM

SPONSOR EXHIBIT AREA – NETWORKING BREAK

Enjoy a light snack as we head into the final two sessions for the day. Take a minute to pick up useful literature on display from our sponsors and supporters.

Case Study: Freescale Semiconductor, Inc.

3:30 PM

DEVELOPING PATCH MANAGEMENT METHODOLOGY USING THE SIX SIGMA PROCESS TO IMPROVE NETWORK PERFORMANCE

Time intervals are progressively being reduced from when vendor patches are released until exploits become active. Learn how Motorola and Freescale applied the six sigma methodology to their Patch Management process.

• Getting senior management buy in on security projects is essential to building a sound patch management strategy
• Zeroing in on solutions Freescale employs to manage their internal threats
• Learning about other initiatives Freescale is employing to build up their IT Security initiatives

Generate ideas from Freescale’s experiences.

Robert Grant, Information Protection Specialist, FREESCALE SEMICONDUCTOR, INC.

Case Study: Merck & Co., Inc.

4:15 PM

INTEGRATING PRIVACY AND SECURITY ISSUES AT A GLOBAL LEVEL TO IMPROVE ORGANIZATIONAL PERFORMANCE

Keeping up with compliance regulations over privacy issues is necessary. Protecting data while meeting compliance regulations can create conflicts. This session features ways Merck has managed to maintain a balance of protecting privacy and their IT network.

• Exploring data protection concerns and the increased liability attached
• Managing information management breaches before they compromise the integrity of data
• Understanding consumer protection laws on both sides of the border and how changes in the US will impact Canada

Learn how compliance regulations are changing and what you need to do within your organization to stay on top.

Hilary Wandall, Director, Corporate Legal/Merck Privacy Office, MERCK & CO., INC.
Anne Mayrand, Chief Privacy and Compliance Officer, MERCK FROSST CANADA

5:15 PM

CONFERENCE ADJOURNS FOR DAY ONE

DAY TWO: Wednesday, April 12th, 2005

8:15 AM

REGISTRATION & SPONSOR EXHIBITS OPEN – CONTINENTAL BREAKFAST

Opening Address

9:00 AM

BUILDING A SYSTEM THAT ADAPTS TO CHANGE WITHIN YOUR ORGANIZATION

This session overviews IT Security issues and how emerging security risks are being identified and addressed.

• Creating strategic direction for your IT Security needs
• Aligning your IT and business goals to ensure your long term success
• Learning how to communicate your IT Security objectives to the rest of your organization

This session will leave you with knowledge to create a proactive approach in your organization.

Darin Stahl, Research Lead, INFO-TECH RESEARCH GROUP

Case Study: Sobeys Inc.

9:45 AM

COMBINING INCIDENT MANAGEMENT WITH PROACTIVE THREAT MANAGEMENT TO REDUCE YOUR IT SECURITY RISK

When implementing a new program, ensuring that quality processes are a priority from the beginning can reduce security implications for your network.

• Making the investment to go beyond routine bug patches and virus checks to build a defensive posture instead of a reactive approach
• Finding the right balance between software and quality
• Creating quality solutions while working within your budgetary constraints

Return to your organization with a proactive and comprehensive approach that you can apply to any new IT Security project.

Bob Steadman, Director, National Security, SOBEYS INC.

10:30 AM

SPONSOR EXHIBIT AREA – NETWORKING BREAK

Continue the debate and discussion with your peers while enjoying a refreshing break.

Industry Expert

11:00 AM

APPLYING BIOMETRICS TO ENHANCE PHYSICAL, LOGICAL AND MOBILE SECURITY

Since the September 11 terrorist attacks, biometrics has gained more and more attention and has become an important consideration for security-related applications. This case study will address how biometrics can be applied, as well as the advantages and limitations of various biometric technologies.

• Exploring current biometric projects underway in the Canadian Government
• Discussing the justification for costs associated with implementing biometrics
• Reviewing the challenges and benefits associated with biometrics

This session will leave you with a better understanding of how biometrics can secure your systems.

Dr. Qinghan Xiao, Defence Scientist, Network Information Operations, DEFENCE RESEARCH AND DEVELOPMENT CANADA

12:00 PM

EXHIBITION AREA – NETWORKING LUNCHEON

Take advantage of this opportunity to connect with someone you might have missed yesterday.

Panel Discussion

1:00 PM

REVIEWING EMERGING TECHNOLOGIES AND THE ROLE THEY PLAY IN PROTECTING YOUR CRITICAL INFRASTRUCTURE

IT Security software and hardware protection extends well beyond firewalls and anti spam technologies. This session is geared towards addressing emerging technologies including intrusion detection programs.

• Discussing current anti virus solutions to stay ahead of the curve
• Reviewing vulnerabilities in security products so that you can make more informed decisions when protecting your IT infrastructure
• Recognizing which cutting edge technology can improve your bottom line and secure your IT strategies

Learn which IT technologies you need to know about to protect your systems from any vulnerabilities.

Industry Expert

1:45 PM

AN IN-DEPTH LOOK AT PRIVACY AND SECURITY ISSUES AFFECTING CROSS BORDER BUSINESS

New privacy laws in the US and Canada are changing the management of security problems. Find out how they will affect your business.

• What are your privacy and security obligations in cross border outsourcing?
• How does mandatory reporting of unauthorized disclosures work?
• How can you manage obligations for increased transparency?

You will take away valuable insight into cohesively addressing your privacy and security issues.

Jason Young, LL.B., LL.M, DEETH WILLIAMS WALL LLP

Case Study: BMO Financial Group

2:30 PM

EXPLORING CORPORATE TRAINING AND AWARENESS PROGRAMS TO OVERCOME POLICY BREACHES WITHIN AN ORGANIZATION

Corporate users aren’t always aware of security threats and may unwillingly expose your organization to vulnerabilities. Learn about strategies that that you can use to bridge the gap and reduce your costs.

• Analyzing BMO’s framework for delivering on a comprehensive information security awareness program
• Integrating your IT security department and policies into an organizational awareness program
• Protecting both your internal and external links for maximum effectiveness

Discover how corporate awareness programs can save you money in the end.

Catalin Bobe, Advisor – Information Security, BMO FINANCIAL GROUP

3:15 PM

SPONSOR EXHIBIT AREA – NETWORKING BREAK

Take a moment to visit our supporters and learn how their organizations are contributing to the IT Security Industry.

3:45 PM

DEMONSTRATION & PANEL DISCUSSION
ADDRESSING THE PROS AND CONS OF CONVERGENCE BETWEEN TRADITIONAL TELEPHONE AND IP NETWORKS TO REDUCE YOUR COSTS

In today’s market, there is a drive towards increasing productivity and lowering cost. Hear more about the steps that clients are taking towards integrating their IP networks.

• Understanding the risks involved when contemplating convergence
• Managing risks involved when using VoIP improved communications in your corporate environment
• Learning more about technology, security and licensing issues
• Discovering how VoIP is contributing to other business opportunities while saving revenue

Come away with the latest technological insights in IP convergence

Chris Cummins, BROCK PLACEMENT GROUP INC.
Bjorn Asmul, CEO, ATLAS VOICE

Industry Expert

4:30 PM

INTEGRATING REGULATORY COMPLIANCE INTO YOUR BUSINESS TO REDUCE RISK

The largest security pitfall that companies are encountering is maintaining compliance.

• Making the connection between security and privacy concerns
• Improving your regulatory compliance adherence strategies
• Managing issues that affect your regulatory compliance

You will take away ideas to fulfill your obligations.

Darren Jones, Associate Director, Technology Risk, PROTIVITI

5:00 PM

CLOSING REMARKS FROM CHAIRPERSON AND CONFERENCE ADJOURNS