Schedule

The organizing committee would like to thank all of our volunteer speakers!
  • Day 1 - Thursday


  • Internet, DNS, supply chain, crypto, cloud, ... these sound like things we need to keep up and running (while everything else gets hacked into oblivion). Leaving it up to just government or just industry is a bad idea. Here's how our digital economy is actually being helped, by an acronym called CFDIR.
    Cyber Resilience
    Cybersecurity
    Embedded Security
    IoT Security

  • This talk highlights how core computer science algorithms can guide life decisions and enhance cybersecurity operations. Through real-world examples, we'll examine three key algorithms, illustrating their value in counterintuitive yet effective cybersecurity practices.
    AI
    Algorithms
    Computer Science
    Cybersecurity
    Data

  • Unfortunately, organizations have become 'nose blind' to cyber and IT project schedules. It's almost like everyone expects a project to be late or to fail entirely. BUT, this shouldn't be the case! We will explore common pitfalls and what can be done to avoid them, setting you up for success!

  • This talk will review Bill C-26 and its implications for critical service providers, as well as Canadian businesses, broadly, and explore how security operations enable compliance (and reduce friction in providing services to in-scope organisations).
    Bill C26
    Cyber Threat Intelligence
    Governance
    Security Operations

  • The sobering truth is that your mobile application's security façade is an illusion. Join me as we dive into the reality of mobile security using real-world examples. Whether you're a penetration tester seeking valuable insights or a developer looking for actionable fixes, this talk is for you.
    Mobile Security

  • This presentation will discuss three novel R&D projects focused on leveraging LLMs for cyber incident response. Most notably, we will be discussing a cybersecurity-focused Llama 2 model that was fine-tuned on over 10,000 human-investigated cyber incidents, and its implementation within the SOC.

  • Software developers like to write the best code they can. However, they do not like to jump through hoops. Static Application Security Testing can provide valuable advice, but it needs to be well integrated into the pipeline and support scaling. Luckily, today's technologies make this very easy.
    DevSecOps
    Embedded Security
    IoT Security
    SAST

  • Day 2 - Friday


  • Offensive security is critical for detecting vulnerabilities in systems, applications, people, and buildings. Some assessment types are only crucial at certain times or stages of an organization’s security maturity. Offensive security takes a threat approach to assess in-scope targets for vulnerabilities and, even more importantly, exploitable ones. Although offensive security is no secret, companies are required to perform pentests for compliance reasons. It is one of the most misunderstood areas of cybersecurity. This is due to the lack of experience by most cybersecurity professionals in this discipline. In this presentation, we will demystify this tradecraft, and attendees will learn the details of each specialization of offensive security, including pentesting, red teaming, social engineering, and physical security assessments. Vulnerability management will be discussed, and where offensive security falls into the overall strategy. Discussed along with the different assessment types, we will share the tools and techniques used in each phase of these assessment types. Attendees will come away with a better understanding of offensive security, the difference in assessment types, and the tools, methodologies, and standards necessary for performing thorough security assessments.

  • Uncover the vulnerabilities of traditional MFA methods and their real-world implications. Explore emerging solutions that strengthen defenses. Empower your audience with actionable insights to enhance security practices. Elevate your understanding of cybersecurity. Defend against evolving threats.
    Access-Control
    Cyber Resilience
    Network Security
    Phishing-Resistant MFA
    Ransomware
    Real-Life Breach Examples
    Zero Trust

  • Did you know your smart bulb could lead seniors out of their houses? My research uncovers hidden security risks in everyday IoT devices repurposed for elderly care. We developed a framework to help build secure, elderly-friendly smart homes. Our surprising findings redefine secure elderly care.
    IoT Security

  • This presentation walks through the patterns of successfully starting a DevSecOps program from scratch. It focuses on the strategies to be successful and the lessons learned along the way. Lastly, this talk concludes with how the recent EO on SBOM shapes the next steps of DevSecOps maturity.
    Cyber Resilience
    DevSecOps

  • The one thing that has made email livable has been filters, which trim 99% of SPAM at the provider level before it hits the inbox. AI will be able to defeat every known filter we have, making it impossible to trim the spam. We could harness the power of AI to filter also, but is it worth it?
    GenAI

  • How security mature is your organization? The Cybersecurity Maturity Model Certification (CMMC) is a major Department of Defense (DoD) program built to protect the defense industrial base (DIB) from increasingly frequent and complex cyber attacks and it is coming to Canada. Learn more about it here!
    Canadian Center For Cybersecurity
    CMMC
    CSE
    Cybersecurity Framework
    DND
    DOD

  • In the modern era, businesses diverge over digital platforms and sell their services and products online. SaaS is hotcakes and commonly targeted at large, while hackers are no longer looking for SQL, XSS, CSRF, and RCE.
    Application Security
    Fortune500
    Payment Security
    SaaS
    Vulnerabilities