Conference Moderator - Winn Schwartau, President, Interpact, Inc. Author of "Information Warfare", "CyberShock", and "Time Based Security"

Bud Mercer, RCMP Assistant Commissioner, Vancouver 2010 Integrated Security Unit, and
Wes Shoemaker, Deputy Minister, Public Safety, Province of British Columbia

Security, Public Safety and Games Operations form the base of the 2010 Games operations infrastructure for a safe and secure 2010 Winter Games. Two of these pillars, security and public safety, will be discussed, including the preparation leading up to Games time: what has gone well, what has been a challenge and where we are today.

1. Executive/Management Track - Brian Phillips, Director of Public Safety, Bell Canada

   "The Wave of the Future" - Security Sanity and the IP Craze

   With the ability to positively bolster all aspects of a communications plan - from marketing to human resources to operations - IP is making a big push to revolutionize the way public and private organizations utilize their communications infrastructure to respond to emergencies.

   During this session, Brian Phillips, Director Public Safety & Security with Bell, will discuss emergency management, critical infrastructure protection, and cyber security. Using Vancouver 2010 Olympic Games - "dubbed everything over IP" as an example, he will highlight some of the vulnerabilities and threats to communications and IT infrastructures. He'll also discuss the lessons and innovations that continually emerge from the planning process and their potential value for executives in your organizations.

2. Technical Track - Konstantin Beznosov, Ph.D, Director, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia

   Security Research Advances in 2009: What You Need to Know About Latest Discoveries by Security Scientists

   This presentation reviews latest scientific conference reports on the cutting edge research in computer security. It presents and explains 2009 highlights from such top world annual research conferences as IEEE Symposium in Security and Privacy, ACM Conference in Computer and Communications Security (CCS), Symposium on Network and Distributed Systems Security (NDSS), Symposium on Usable Privacy and Security (SOUPS), ACM Symposium on Access Control Models and Technologies (SACMAT), New Security Paradigms Workshop (NSPW). For those who missed any of these venues in 2009, it provides an opportunity to catch up with the most important developments in the computer security technologies. The attendees will gain an understanding in the intuition behind latest technological advancements.

Chantal Bernier, Assistant Privacy Commissioner of Canada, former ADM, Public Safety Canada

Public safety transformation is intrinsically linked to privacy. Because they exist in a dynamic relationship between collective rights and individual rights, one defines the other. Therefore, to address the issue of privacy in the context of transforming public safety, this presentation will address the new context for national security, the new context for public safety, the fundamental principles of privacy and their application in this new context through specific examples of issues before the Office of the Privacy Commissioner.

Jamie Graham, Chief of Police, Victoria, former Chief of Police, Vancouver

Best Practices in Shared Jurisdictional Environments Where Multiple Police, Fire, and Ambulance Services Work in Concert to Promote Public Safety

An interactive session that will look at:

• When working together goes well, magic happens. Exploring good examples and why it is a necessity in the current fiscal climate.
• Moral courage at the leadership table when multiple partners are involved.
• Ethics and integrity in a world when information is instantaneous
• The computers and literacy

1. Executive/Management Track - Jonathan Ratel, BA, LLB, LL.M, former Legal Advisor, Office of the Prosecutor, United Nations ICTY, The Hague, Netherlands and UK Justice Advisor, British Embassy, Baghdad, Iraq

   The Evolving Insurgency in Iraq and Afghanistan - Does an Intractable Insurgency in Iraq and Afghanistan Constitute a Novel Threat to Security and Justice in Canada and the United States?

   Are there reasonable grounds to believe that the evolving insurgency in Iraq and Afghanistan constitute an obdurate threat to peace and security in North America?

   Are novel terrorist activities in conflict regions a clear warning from overseas - or mere ghosts of past threats? What are the implications for security and justice in Canada and the United States? Does the Anti-Terror Act (ATA) provide a legislative scheme responsive to threats of terrorism in Canada? This discussion shall provide a survey review of evolving insurgencies in conflict regions as a catalyst for advancing this critical debate on security and justice.

2. Technical Track - Kalvin Falconar, Senior Solution Strategist, CA Canada Co. & Denny Prvu, Principal Consultant, CA Canada Co.

   Enabling Collaboration - Emergency services personnel, medical staff, fire fighters, and law enforcement have a need to communicate and share information more effectively. Improved response is achieved with better communications and information access. In this session CA presents a solution for jurisdictional and inter-jurisdictional access with specific focus on four key emergency management functional areas:

   1. Prevention and Mitigation - improve information access
   2. Preparedness - increase knowledge sharing and learning
   3. Response - integrated real-time access for voice, data, image, video, and multimedia
   4. Recovery - stakeholder collaboration for improved outcomes

   Earn CPE Credits - join CA and earn CPE credits from ISC2/CISSP as well as ISACA CPE hours (CISA, CISM, and CGEIT).

1. Executive/Management Track - Kelly Sundberg, Assistant Professor, Department of Justice Studies, Mount Royal University

   Transitions in Canada's Border Security Strategy

   Since 9/11, the Canada-US border has become a highly monitored, secured, and sophisticated boundary. In 2003 customs, immigration, and agricultural inspection services were amalgamated into single organizations - the US Department of Customs and Border Protection (CBP) and the Canada Border Services Agency (CBSA). Not since the War of 1812 has this border been as militarized and secured as it is today. Since the establishment of the CBP and CBSA, crossing the border now requires the presentation of passport, in-depth questioning by officers, and in some cases, being fingerprinted and photographed. Considering these changes, are the United States and Canada actually more secure against the threat of global terrorism? What impact have these border reforms had on commerce, tourism, and security? This presentation will address these issues and provide insight as to how the "longest un-defended border in the world" is evolving into the aftermath of 9/11.

2. Technical Track - Charles W. Wordsworth, I.S.P., ITCP., CMC, Principal Consultant & Founder, Wordsworth & Associates, Vancouver, British Columbia

   RFID technology and its relationship to National Security, Fraud and Identity Theft

Gregory Garcia, former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security. President, Garcia Strategies LLC, Advisory Board, Wurldtech Security Technologies

With the 2010 Olympics just two months away, security preparations are white hot. While most think of security as protecting people and property, the need for security and availability of communications in steady state or times of crisis is a critical element of any emergency preparedness plan. As Assistant Secretary of Cyber Security and Communications with the U.S. Department of Homeland Security for two years, Garcia began cross-border planning for the Olympics with two of his divisions, the Office of Emergency Communications and the National Communications System. Throw in the possibility of a major cyber attack on government networks in the region, and his National Cyber Security Division becomes a part of the action. Garcia will discuss how these planning efforts were managed as a model for cross-border public safety collaboration.

Conference Moderator - Winn Schwartau, President, Interpact, Inc. Author of "Information Warfare", "CyberShock", and "Time Based Security"

Constantine Karbaliotis, Information Privacy Lead, Symantec Canada

Privacy - Key Drivers and Concerns for CyberInfrastructure Specialists

"Cyberinfrastucture" is all about safeguarding and ensuring the reliability and availability of key information assets. What professionals in this area are often unaware is how privacy requirements both support and impact their efforts. Privacy is not only about the confidentiality of personal information, but also about its availability, access and integrity...and has serious reputational and legal consequences when organizations fail to meet their obligations. This is a privacy professional's angle what cyberinfrastructure professionals should know about privacy, and how to make friends with the privacy department to support organizational goals of compliance and reliability.

1. Technical Track - Derek Manky, Project manager, Cyber Security & Threat Research, Fortinet

   Watching Out for the Bad Guys In & Outside Your Network

   As databases are fast becoming the next big target for cybercriminals due to the sensitive and valuable information they hold, there is an increasing need for powerful tools that can detect and help guard against data breaches. In addition, database vulnerabilities can be exploited from within government agencies. In 2008 a disgruntled city of San Francisco database administrator changed the passwords for the city's multi-million dollar WAN network, which carries about 60 percent of the municipal government's network traffic. How can an IT manager make sure that corporate data is kept securely in databases and not walking out the door with disgruntled employees?

   A primary security objective for all governments is to guard mission critical data against external and internal breaches and thus prevent serious financial losses, damage to the reputation of the city and legal or regulatory problems. This talk discusses the 7 steps for fully protecting your databases from both external and internal attacks.

1. Executive/Management Track - Kevin Roberts, Director of Professional Services, Seccuris

   Designing a Business-Driven Security Program

   Security practitioners often struggle to raise the profile of their security program and make it relevant to their organization and senior leadership. The key to achieving executive support is to directly link the security program to the organization's goals and business drivers, demonstrating how the program can help to mitigate risk and enable opportunities. This presentation will outline a proven approach, successfully used across a number of organizations and industries, to establish a business-driven enterprise security program and architecture (including a description of common pitfalls to avoid).

2. Technical Track - Stephen Skoronski, SE, Western Canada, Check Point Software Technologies Inc.

   Secure Remote Access for the Distributed Business: Challenges, trends, and considerations

   Businesses today are defined by a wide variety of distributed work locations, and a diversity of worker types with differing information requirements. At the same time, a number of new information security and privacy regulations-such as PCI, Sarbanes-Oxley, Gramm Leach Bliley and HIPAA-are being phased in and toughened. These new realities present organizations with a unique set of challenges that have begun to pose a serious dilemma. To stay competitive, an organization must provide workers and partners with remote access to sensitive information and applications around the clock. However, many of these new access locations and devices are unsecure and unmanaged. How can an organization satisfy worker and partner needs while keeping sensitive and proprietary information safe? This talk will explore ways of addressing these needs from a process and technology perspective.

Mohammad Akif, National Security and Privacy Lead Microsoft Canada

Beyond the Firewall

The threat landscape for security is evolving at a fast pace, the threats are becoming more dynamic and increasingly sophisticated using social engineering techniques. However, IT security teams have failed to adapt to this new dynamic environment, focusing instead on firewalls - both the perimeter network defense, and the organizational firewalling of IT security departments. In order to be successful in the current environments, IT and business leaders must recognize the shift away from a closeted, isolated security team focusing on moats and towers, and into a responsive, risk based team that enables the organization to meet its goals while effectively managing risk.

In this Keynote, Mohammad Akif will share the latest data about the security landscape and discuss prevention best practices. He will also discuss how IT and business leaders need to evolve their thinking and their teams to meet the reality of the modern threat landscape.

Richard Noguera, Director, Information Security, Symantec

From Tragic to Triumphant: Acting with Clarity, Determination, and Guts

Reading the 2010 Global State of Information Security, the primary concerns of the industry revolve around Data Protection, Identity and Access Management, and Regulatory Risk. Despite taking the form of Social Networking, Cloud Computing, and Privacy Regulation - this is nothing new. Given the state of the economy, CIO, CSO, and PriceWaterhouseCoopers surprisingly reports that Information Security budgets have not been significantly impacted in 2009. As such, they note that it is critical for Information Security to demonstrate Business Value now more than ever.

Despite the renewed visibility on legacy risks, these reports only reflect the inane and persistent use of Fear, Uncertainty, and Doubt in our industry. Acting instead with Clarity, Determination, and Guts, the Business will 'get it.' And if done consistently, Information Security will sit at the Business table with the same aplomb and familiarity as Finance, Marketing, and Sales.

1. Executive/Management Track - LTC (R) Mark Pires, Partner, Signet Research & Consulting, LLC

   The Weak Link: Turning Lessons into Lessons Learned

   The term "Lessons Learned" is often used in the field of public safety and security when discussing past events or exercises. But what does that term mean? Too often lessons captured do not translate into lessons learned...leading to repeating the mistakes of the past over and over again. When and how are lessons truly learned? How can complex organizations involved in complex events or exercises maximize learning to improve results?

   This presentation will help participants understand how to build learning into public safety and security events and exercises using the Action Review Cycle (ARC). By building reflection points throughout events and exercises, organizations create first and second-order benefits: immediate, visible performance improvements and, more importantly, greater capability to work collectively to respond to the unknown in the future.

2. Technical Track - Terrance Tack, CISSP, Sr. Sales/Systems Engineer, Radware

   "The Changing and Evolving Threat Landscape."

   This presentation will focus on the latest trends and threats and will provide information on both traditional and new approaches to dealing with the ever changing nature of threats.

1. Executive/Management Track - Peter Broznitsky, IT Security Consultant, Departmental Security, RCMP

   Social Engineering & Insider Threat

   Q: Who should be concerned with Social Engineering (SE) and Insider Threat (InT)? A: Personnel from information technology and security, human resources, management, physical security, legal, and the data owners themselves. This presentation will describe the current known risks to Information Technology from SE and InT. Participants will become aware of how insidious and dangerous SE and InT can be, frequently thwarting multi-million dollar hardware and software perimeters. Alarmingly, in the aftermath of recent disasters Social Engineering attacks have been deployed against computers and network systems. Methods, motivations, and techniques used in SE and InT will be discussed. Several scenarios will be discussed and mitigating measures suggested for consideration.

2. Technical Track - Professor Darryl Plecas, Department of Criminal Justice, University of the Fraser Valley

   An Evidence-Based Solution to Information Sharing between Criminal Justice Agencies

   This presentation will review existing examples of information sharing systems utilized in North America. In addition, it will provide the results of a successful information sharing study between two criminal justice agencies in Canada. Specifically, the system reviewed in the current study responds to two key issues concerning information sharing; namely, data quality and privacy. The benefits, limitations, and policy implications of this process will also be discussed.

Supervisory Special Agent (SSA) Jason A. Henry, Program Management Oversight Unit Chief, Law Enforcement Support and Information Management Division, US Immigration and Customs Enforcement (Sponsored by IBM)

In this keynote presentation, Mr. Henry will focus on the Department of Homeland Security's Law Enforcement information sharing strategy, the technology employed, best practices they have learned, the issues that have been identified and the path forward to engaging their Law Enforcement partners at the State/Local and International levels.