All posts by Craig Barretto

We are happy to announce the partnership of the (ISC)² Toronto Chapter with the upcoming Women in Cybersecurity conference by siberX on March 10!

Take a look here for more information about the conference: https://siberx.org/event/canadian-women-in-cybersecurity/

Except from the conference site: 
Bringing diversity in the cybersecurity workforce by educating and inspiring women from all walks of life and all generations. Come and learn from the leaders who broke the glass and paved the way for the rest of us to be able to lead and excel in cybersecurity. From career development to inspiring keynotes, from IoT to best practices in cybersecurity and even hacking demos. We look forward to seeing you there!

February 18, 2020 – Chapter Meeting: Application Security

• Generously sponsored by Grant Thornton LLP (Canada) 
• Insightful presentations on Application Security
• Please register at:  https://www.eventbrite.com/e/isc2-toronto-chapter-february-meeting-application-security-tickets-91478752411

Thank you to all who attended our September 17th, 2019 Chapter meeting! As with our other events the venue was packed with on-site attendees and we had a number of others join us remotely for an evening of great presentations & discussions.

A special thanks to our volunteers, and to our sponsor for this event, Grant Thornton LLP Canada for their continued support and generosity.

Susan Welstead delivered a dynamic and personal message of the importance, impact and effectiveness of Cybersecurity Awareness training. She spoke to the different approaches of training generational groups and what each of us can do both at work and at home.

Michael De Luca delivered a very engaging presentation on Blockchain, speaking to its workings, challenges and risks. The use of examples and scenarios of how conflicts were resolved was excellent for those who wanted to learn more about this technology.

Giles Dixon continued on Michael’s presentation and spoke of Blockchain investigations and forensics. His live demo of a forensics tool examining QuadrigaCX transactions was excellent.

The Chapter Team has been working hard to put these events together and we hope to see you again at our upcoming events!

For the targeted audience of students, recent grads and professionals who want to pursue careers in Cybersecurity, our (ISC)² Toronto Chapter Team organized yet another successful event: Careers in Cybersecurity – Carving Your Path to Success. This success was made possible in partnership with Grant Thornton LLP Canada who graciously provided us with the venue as well as refreshments for the event.

This event was kicked-off with a presentation from the Chapter Team and the professionals from Grant Thornton while covering the topics like how to get in and different domains/flavors of Cybersecurity; how to develop the core and soft skills targeting for the leadership positions over time; mentoring and networking; and internship and other opportunities in this field. The presentation was followed by a highly-interactive and fruitful panel discussion with Jeff Clark (Director, Cyber Security Incident Response, Forensics & Governance at CIBC), Ferris Adi (Senior Security & Compliance Manager at Rogers), Ayesha Khan (Business Communication Expert), and Victoria Granova (Chapter Team Member and Senior Information Security Consultant at CIBC) who provided some valuable insights for the hard-skills, soft-skills, and the attitude required for the success in this field.

The presentation was followed by a highly-interactive and fruitful panel discussion with Jeff Clark (Director, Cyber Security Incident Response, Forensics & Governance at CIBC), Ferris Adi (Senior Security & Compliance Manager at Rogers), Ayesha Khan (Business Communication Expert), and Victoria Granova (Chapter Team Member and Senior Information Security Consultant at CIBC) who provided some valuable insights for the hard-skills, soft-skills, and the attitude required for the success in this field.

The Toronto (ISC)² Chapter Team would like to thank Grant Thornton LLP Canada, who had graciously sponsored the venue as well as refreshments. This was a sold-out event and our first ever event that we made available to our membership to attend online via Skype.

Mohamed Elghazouly and Sandy Boucher from Grant Thornton Canada presented an insightful session on how to improve an organization’s cybersecurity posture. They shared real-life high-profile Canadian cases that helped outlined the real impacts of common mistakes that organizations are making but more importantly advice on immediate changes that we can all use to make a significant improvement in our organization’s security strategies. This lessons-learned from the field approach was refreshing and it was obvious that the audience was very engaged from the very interactive and thoughtful Q&A after the presentation.

John Berti, founder at Destination Certification, provided an overview of industry trends in security certifications and best practices to successful certification. He provided some insight into the value of security certifications, specifically the CISSP and CSSP and shared some sound advice on how to successfully navigate the certification process through self-study but also reminding everyone that the most successful approach is the focus provided via a boot-camp style training class.

Grant Thornton has graciously provided us with the venue as well as refreshments for our next exciting event, scheduled for June 18th, 6:00 – 8:00 PM EST.

We will be offering this event both on location at Grant Thornton 200 King St W as well as virtually via Skype.

If you are planning to attend virtually, please RSVP as soon as possible as virtual space is limited, and registration is mandatory for the collection of CPE credits.

First Topic:
The realities of Cybersecurity risk, beyond the myths and misconceptions
Mohamed Elghazouly, MSc, GSNA, CTPRP, CISA
Senior Manager, Cybersecurity at Grant Thornton
https://www.linkedin.com/in/mghazouly/

Mohamed is a Senior Manager, Cybersecurity with over 19 years’ experience, encompassing Cybersecurity, IT & Technical Audit and Risk Management across various industries. Projects included large number of infrastructure platforms, databases, middleware, and security architecture including Open Source, Analytics, Crypto-currency & other emerging technologies.

Sandy Boucher
Fraud & Corruption Investigator at Grant Thornton
https://www.linkedin.com/in/sandyboucher/

A seasoned investigator with 35 years of experience, Sandy joined the forensic and disputes resolution group of Grant Thornton in 2009, and currently leads the National Cybersecurity practice. This rapidly growing team provides support to organizations in assessing their cybersecurity risk, helping them to remediate their cyber programs and responding to data breaches and other cyber-attacks.

The Grant Thornton cybersecurity forensics team has been selected for a number of breach response panels by global insurance firms and has assisted organizations to tackle many varying cyber security incidents. Sandy’s experience in leading and managing these files has underlined the problems that cause them, and highlighted to him the need for a plain language approach to the issue. He has led and conducted a wide range of investigations including a number of high level corruption probes and has testified around the globe in both civil and criminal courts.

Synopsis:
Grant Thornton’s cybersecurity work with clients over the past few years has demonstrated that many organizations still do not properly understand the threats their businesses face, or the real impact a cyber-attack would have. This presentation, based on findings from real breach investigations conducted over the past two years will provide practical insights into cybersecurity risk today, and the necessary steps that many organizations are still not taking to protect themselves. Using a plain language approach is resonating with business leaders who have been left behind by over technical presentations and are wondering where and how to start.

Mohamed and Sandy will outline how to get started on the journey to improve your cybersecurity. Beyond the high-profile cases that have brought data security to the forefront, you will learn about the top cyber security risks facing Canadian businesses; steps you can take to prepare your people, protect your critical information and infrastructure, and improve your cyber security maturity, as well as common mistakes, and tips on how to make immediate changes that can significantly improve the security of your organization.

Second Topic:
A Practical Approach to Security Certification
John Berti, CISSP, CCSP, CISM, SSCP
https://www.linkedin.com/in/jberti/
Co-Founder, Destination Certification Inc.
(ISC)2 Senior Master Lead Instructor (20+ years)
Formerly Managing Director Enterprise and Cyber Risk Services, Deloitte (20 years)

John Berti is the Co-Founder of Destination Certification, an organization that he started with the pure focus on helping those interested in (ISC)2 certifications achieve their goals. Formerly, John was a Managing Director in the Canadian practice of Deloitte and Touche LLP’s Security and Privacy Services consulting practice. John has extensive experience in Information Security and Privacy including Cyber Risk, E-business and E-commerce security controls, network security reviews, intrusion and penetration testing, risk analysis, policy development, identity and access management, payment card industry experience, governance, security awareness, forensic investigations and information security assurance programs.

John has over 26 years of Information Security experience and continues to be one of the top Senior Lead Instructors for (ISC)2, the organization responsible for worldwide CISSP certification of Information Security professionals. He is a published author of the best-selling hard-cover book ‘Official ISC2 Guide to the CISSP Exam’ (Auerbach Publishers – 2004), as well as ‘Copyright Infringement and Protection in the Internet Age’ (IT Professional Magazine – 2010), and ‘Social Engineering – The Forgotten Risk’ (Information Security Management Handbook – Auerbach Publishers – 2001).

Synopsis:
John will be providing an introduction to Security Certifications and provide insight on best practices on how to successfully attain your certification goals based on over 20 years of experience as an (ISC)² Senior Master Lead Instructor. Whether you’re interested in becoming a new CISSP or adding a CCSP to your existing list of credentials, John will be offering something for folks interested in entering the security profession and security veterans alike. Those who attend this session will be offered advanced access to seats to our CCSP training event scheduled for the fall of this year.

(ISC)² Toronto Chapter and CIBC are pleased to announce an insightful evening with InfoSec industry leaders. A huge thank you to CIBC for being our venue sponsor!

Join us in discussing career opportunities and challenges in the evolving information security sector with an all-female panel!

** UPDATE – We hit our venue capacity for this event nearly immediately. Apologies to those who could not register to attend. Please check back on this event in the event that seats free up, otherwise we hope to see you at our next event! **

Register for this event using this link: https://lnkd.in/diDxNEi
The Chapter will be happy to submit your (ISC)2 CPEs for this event if you complete the survey provided on-site.

5:45-6:00 PM – Registration & Networking
6:00-6:30 PM – (ISC)² Toronto Chapter Keynote & Introduction of Speakers
6:30-8:00 PM – Panel Discussion
8:00-8:30 PM – Networking

Format: Panel with short foreword

Confirmed panelists:

1. Rachel Guinto, CISO
2. Sarah Qureshi, CISO
3. Heather Ricciuto, Academic Outreach Leader

Moderator: Victoria Granova