What the heck is ACP: Understanding cybersecurity and the use of privilege.EN
Justin Okun
11h00
French Panel - 3 industries, 3 réalités différentes en cybersécuritéFR
Jean-François Nadeau Guy Cardinal Jean-Philippe Couture
12h00
Lunch sponsor allocution
Tenable
12h30
LunchBIL
3-course menu Jeunes laitues et pousses de l'Île d'Orléans (Young lettuces and sprouts from Île d'Orléans) Filet d'épaule de bœuf cuit à 57 °C or King Eryngii et jeunes haricots, glace au porto (Beef shoulder fillet cooked at 57 °C or King Eryngii and young beans, port glaze) Religieuse au caramel salé (Salted caramel religious cake)
13h30
Cyberattaque vécue chez IndigoFR
Daniel Marcotte
14h30
English Panel - 3 industries & 3 realities in cybersecurityEN
Ian Amit Kayla Williams James Troutman Kendra Cooley (MC)
15h30
Sécurité en santéFR
Rémi Forget
16h30
Effective risk management in practiceEN
Josh Yavor
17h30
Pre-cocktailBIL
Palo Alto
18h00
POLAR NetworkingBIL
N/A
18h30
Hackfest OpeningBIL
N/A
Speakers
Daniel Marcotte
Speaker
Jean-François Nadeau
Panelist
James Troutman
Panelist
Rémi Forget
Speaker
Justin Okun
Speaker
Guy Cardinal
Speaker
Josh Yavor
Speaker
Ian Amit
Panelist
Kayla Williams
Panelist
Jean-Philippe Couture
Panelist
Kendra Cooley
Master of ceremony
Daniel Marcotte
Biography
Daniel Marcotte has over 28 years' experience in information technology, including 19 years as IT security manager in various industries. Specializing in risk management and compliance, he has worked for the United Nations in Switzerland and for well-established Canadian and American companies in the retail sector. After managing the security program at Stikeman Elliott LLP, a leading Canadian law firm, he worked at IBM as a partner in security strategy, risk management and compliance. A graduate of McGill University, Daniel now runs his own company (MetaLEAD), where he carries out CIO/CISO mandates for well-known Quebec companies. His approach is to understand the company's technological needs in order to strengthen the security posture while minimizing risks.
Jean-François Nadeau
Biography
Jean-François has been in the IT industry for over 20 years, with a 10-year focus on information security, compliance and technology legal issues. His career has been dedicated to the manufacturing industry from the outset, and Jean-François is actively involved in the evolution of the information security culture in this specific sector. Jean-François is currently CISO at Entreprises Soucy, a 1700-employee company with a global presence manufacturing quality track systems and accessories to take you off the beaten track.
James Troutman
Biography
James Troutman is a technology consultant and entrepreneur with over 30 years of experience in critical Internet infrastructure, cybersecurity, and IT leadership. He has served as a fractional CIO, CISO, or network architect for a diverse range of organizations, helping align technology strategies with business goals while trying to keep security and resilience in mind.
He was recently a co-author and architect of the State of Maine's MOOSE Net [https://www.maineconnectivity.org/middle-mile], a $52 million project with $30 million in grant funding through the NTIA Middle Mile initiative. The project will create a 530-mile open access fiber optic network, making lower-latency routes possible across Maine to interconnect Halifax, Quebec City, Montreal, and Boston.
James is also the volunteer Co-founder and Director of the Northern New England Neutral Internet Exchange (NNENIX) [https://nnenix.net/] and a lead organizer of SkyTalks [https://skytalks.info/], an off-the-record cybersecurity forum held in Las Vegas during 'hacker summer camp.'
Rémi Forget
Biography
With over 20 years' experience in the information technology field, Rémi Forget has in-depth expertise in cybersecurity and IT infrastructure management. He has ensured operational resilience and state-of-the-art security for renowned organizations such as Groupe Santé Biron, CBC/Radio-Canada, and CHU Sainte-Justine. His approach integrates rigorous governance with a strategic vision of cybersecurity and infrastructure, fostering synergy between technology and business objectives.
Justin Okun
Biography
Justin Okun is senior counsel at DoorDash responsible for providing advice related to cybersecurity, fraud, privacy, litigation, and internal investigations. Justin was previously in-house counsel at other tech companies in a similar role. Prior to going in-house, Justin worked at a law firm and before that spend nearly a decade with the U.S. Department of Justice as well as with the U.S. Department of Defense, including as a judge advocate in the U.S. Marine Corps.
Guy Cardinal
Biography
Guy Cardinal is currently Director of Architecture and Cybersecurity and holds the role of Delegate Ciso at Héma-Québec. For over a decade, he worked for a major financial institution in various architecture, cybersecurity and cybercrime functions as a senior consultant, team leader and domain manager. He has also worked internationally as an expatriate in countries such as France, India and the United Kingdom, and for several companies in the IT services sector. In addition to several private certifications, he holds graduate and bachelor's degrees from the Université du Québec à Montréal, as well as a DEC and an AEC in Network Management. Throughout his career, he has developed an approach focused on anticipating the needs of his employers. His skills in communication, pedagogy and public relations lead him to take an innovative look at problems and their solutions.
Josh Yavor
Biography
Josh is an experienced cybersecurity leader who's spent almost a decade working in the B2B security product space. Most recently CISO at Tessian (acquired by Proofpoint), he served in previous roles at Cisco Secure (CISO), Duo Security (Director, Corporate/Cloud Security), Facebook/Oculus, and iSEC Partners. Josh is a recovering middle school teacher and on most days would rather be coaching swimming.
Ian Amit
Biography
Ian is the Co-Founder and CEO of Gomboc.ai who are providing cloud infrastructure security solutions. Before Gomboc.ai, Ian served as a CSO/CISO for 5 years, held senior leadership positions with Rapid7, Cimpress, Amazon, ZeroFOX, IOActive and has over 25 years of experience in the security industry as a practitioner. Ian is also the co-founder of DC9723 - the Tel Aviv DEFCON group-and serves as a BSides Las Vegas board member. He is also the creator and co-CEO of The CISO Track - a series of CISO centric curated events, as well as an IANS faculty member.
Kayla Williams
Biography
Kayla Williams bring over 15 years of experience as a cybersecurity and risk management professional. Her career has been dedicated to leading security and risk management teams across high-tech industries, where she implemented transformational strategies that boost productivity, operational performance, and financial controls.
Jean-Philippe Couture
Biography
Jean-Philippe has over 25 years' experience in software development. In recent years, he has dedicated himself to cybersecurity, bringing a unique developer's perspective to security challenges. His diverse career spans a wide range of technologies, from web applications to mobile platforms such as Android and iOS. His expertise encompasses threat modeling, secure code reviews and vulnerability management, reinforced by hands-on experience in offensive security, including penetration testing and ethical hacking. This combination of skills enables him to approach security from all angles, working in collaboration with development teams to aim for comprehensive protection of modern application environments. Always keen to learn and contribute to the cybersecurity community, Jean-Philippe is preparing for prestigious certifications such as the OSCP. Driven by the constant evolution of the field, he is committed to developing innovative and practical security solutions to meet current and future challenges.
Kendra Cooley
Biography
Kendra Cooley is a seasoned Information Security Leader with a track record of creating secure infrastructures for top organizations like Webflow, and Flock Safety. Her strategic vision and hands-on expertise has driven enhanced security practices across diverse enterprises. With advisory roles at companies like Havoc Shield and a history of sharing insights at conferences like Hackfest and BSides, Kendra is dedicated to advancing the field of cybersecurity by integrating tailored strategies to optimize security and cost-efficiency.
8h00 - Registration opens
Description
8h50 - Opening words
Description
9h00 - Failure tolérance
Description
So why do you accept a fire and not a security breach?
10h00 - What the heck is ACP: Understanding cybersecurity and the use of privilege.
Description
Because cybersecurity, particularly incident response, is often intertwined with legal obligations, determining and protecting privileged communications is a key concern for companies. Recent cases in the U.S., Canada, and Australia have thrown into doubt the ability to maintain privilege, particularly when it comes to security incidents. In this talk, Justin will describe the recent cases, their impact on how companies respond to incidents, and proposals to address concerns as a result of these recent cases.
11h00 - French Panel - 3 industries, 3 réalités différentes en cybersécurité
Description
12h00 - Lunch sponsor allocution
Description
12h30 - Lunch
Description
13h30 - Cyberattaque vécue chez Indigo
Description
At this event, you'll have the opportunity to hear Daniel, former CTIO and CISO at Indigo Books & Music, share his experiences regarding the exploitation of a security breach that occurred just over a year ago. His insights and experience of this widely-publicized ransomware attack are well worth the detour.
14h30 - English Panel - 3 industries & 3 realities in cybersecurity
