Home

Home

THEME FOR 2018

Driving Resilience

AN ESSENTIAL FORUM
FOR CYBER SECURITY

Today’s technology landscape is evolving at an exponential pace, forcing businesses of all sizes to adapt to stay competitive. At the same time, the risk to businesses from malicious cyber attacks is growing just as fast, if not faster.

The International Cyber Risk Management Conference (ICRMC) provides delegates with an essential forum to learn from experts, network and share experiences with peers and colleagues, and get the answers they need to help them mitigate and respond to today’s rapidly evolving cyber threat landscape.

WHO SHOULD ATTEND

2017 videos

ICRMC is a content-rich event where the primary goal is to inform and educate attendees about the issues.

The programming is driven by a world-class Advisory Committee made up of cyber risk subject matter experts from the areas of information technology, insurance and risk management, law, audit and compliance, governance, academia and public policy.

This video series features interviews with members of the Advisory Committee about the issues and theme of the third annual conference: Closing the Gaps.

A new series of videos for the fourth annual conference around the theme of Driving Resilience will be launched soon.

AGENDA

2018 MASTER OF CEREMONIES

Adam Segal

Director of Cyberspace and Digital Policy Program at Council on Foreign Relations, author of The Hacked World Order

WHO SHOULD ATTEND?

ICRMC is designed to appeal to a wide audience of professionals — “because cyber risk is everyone’s business.” The conference is programmed to provide actionable information for all professionals that play a role in managing cyber risk in their organization—not just IT professionals.

NETWORK AND DATA SECURITY

If protecting your organization’s network and its data from cyber risks are part of your core responsibilities, ICRMC is the place to be.

Hear from expert speakers and network with your peers to learn about the latest technology tools, best practices and solutions for managing cyber risk.

ENTERPRISE RISK AND GOVERNANCE

Today, the responsibility for managing cyber risk has moved beyond the IT department to include every member of an organization.

For leaders whose roles encompass aspects of overall enterprise risk management, ICRMC offers open discussions on today’s most pressing risks and opportunities for idea sharing with other risk management professionals.

PUBLIC PRIVATE DIALOGUE

Protecting businesses and citizens from the latest cyber threats has become a key public policy initiative for all levels of government and public institutions.

The ICRMC provides the unique opportunity for policy makers and public sector employees to engage in dialogue with members of the private sector about how best to work together to combat cyber risk.

schedule of events

  • Wednesday
    April 11, 2018

07:30 AM

07:45 AM

Registration Opens and Breakfast

Sponsored by Lloyd’s

09:00 AM

09:15 AM

Welcome and Acknowledgements and Intro Address

Joel Baker

President & CEO
MSA Research Inc.

Adam Segal

Director of Cyberspace and
Digital Policy Program at Council on Foreign Relations

09:15 AM

10:15 AM

The Year in Review: Lessons Learned

Session description and participants coming soon.

10:15 AM

10:40 AM

Networking Break

Sponsored by Zurich

10:40 AM

12:00 PM

Regulatory Framework and Policy Update - Interview With A Policymaker

A public servant from Department of Innovation, Science and Economic Development Canada will participate.

12:00 PM

1:30 PM

Lunch and Keynote Presentation

Sponsored by AIG

BGen R.G. Mazzolin Ph.D., P.Eng., OMM, CD

USCYBERCOM Vice J5 (Policy & Plans) – Coalition Integration
Canadian Forces

1:30 PM

3:00 PM

Evolving Cyber Risk Management Practices: Views From the C-Suite

In this session, two senior vice presidents with oversight for information security at two major Canadian banks will discuss how C-suite roles and responsibilities in information security and technology are evolving as part of new approaches to mitigating cyber risk. Both panelists were promoted to their current role after serving as Chief Information Security Officers (CISOs) and they will talk about how they work with their teams to stay on top of a dynamic and fast moving threat landscape, and how they view cyber risk in the context of broader technology risk. The panelists will talk about where they act as a first line or second line of defence against different kinds of cyber risks within the technology and operations area of the bank, and challenges associated with maintaining those lines of defence. Additional topics to be discussed include the relationship between cyber security and more traditional physical security for banks (the “3Gs” of guns, guards, and gates), as well as areas of opportunity for cross-industry collaboration on mitigating cyber risk such as in payment modernization.

Moderator

Adel Melek

Global Vice Chairman, Risk Advisory
Deloitte LLP

Panelist

Laurie A. Pezzente

Senior Vice President,Risk & Security Services
Technology & Operations
Royal Bank of Canada

Panelist

David Bruyea

Senior Vice-President, Chief Information Security Officer
and Chief Security Officer Enterprise Security and Risk Services
Canadian Imperial Bank of Commerce

3:00 PM

3:25 PM

Networking Break

Sponsored by CyberScout

3:30 PM

4:30 PM

Sensors, Smart Networks and Risk In The Internet of Things (IoT)

Businesses in a growing number of industries today find themselves increasingly reliant on information entering their networks from sensors, smart devices and other machines that are broadly categorized as part of the Internet of Things (IoT). The IoT provides businesses with opportunities for faster, smarter and more dynamic flow of data than ever before. The IoT also introduces a host of new risk management concerns that may be beyond the capabilities of their current information security protocols. This panel discussion will explore a number of issues related to cyber risk and the IoT, including: whether today’s risk management practices are sufficient, or wether a complete reset is required; cost of compliance; and threat modelling. Two of the panel participants come from industries that have a wealth of experience using sensors and networks of connected devices: defense and utility companies.

Moderator

Abhay Raman

Partner, Cyber Security and Resilience, Canada
EY Canada

Panelist

Imran Ahmad

Partner
Miller Thompson LLP

Panelist

Tyson Macaulay

Chief Technology Officer – Cyber
BAE Systems Applied Intelligence

4:30 PM

5:30 PM

Cocktail Reception

  • Thursday
    April 12, 2018

07:30 AM

08:30 AM

Breakfast

08:30 AM

09:30 AM

Shall We Play A War Game? You’ve Been Hacked!

Corporate crisis scenario planning meets dinner theatre in this special interactive session. To help financial institution board members and senior executives better understand the risks of cyberattacks and their ability to respond to them, the Global Risk Institute (GRI) has developed a board-level cybersecurity war game called “You’ve Been Hacked!” Following an outline of the elements that make up a successful war gaming scenario, audience members will have the opportunity to participate in a real game of “You’ve Been Hacked!” GRI President and CEO Richard Nesbitt will play the role of the “CEO” of a fictitious fintech startup that has suffered a breach, while the company’s “CRO” provides periodic updates on the escalating crisis. Audience members will be invited to play “board members” of the fictitious startup and grill their CEO on how the company is responding.

Participant

Richard Nesbitt

President and CEO
Global Risk Institute

Participant

Alex LaPlante

Managing Director, Research
Global Risk Institute

Participant

Steve Tenai

Senior Partner
Norton Rose Fulbright

09:30 AM

10:30 AM

Resilience: What’s Insurance Got To Do With It?

As cyber attacks and events become more frequent, sophisticated and financially devastating, cyber insurance is playing an increasingly important role in supporting companies’ resiliency. Once a company becomes aware of a cyber event, the costs and capital requirements—for PR firms, investigations, remediations, lawyers and more—start piling up immediately and can continue for years. Insurance can provide critical contingent capital to help companies offset the materiality of the financial burden as well as support for navigating the multitude of issues resulting from a breach. This panel will look at three areas of resilience, discussing the role insurance can play in each: a) brand resilience, with an emphasis on what a good public relations plan and response looks like; b) financial and operational resilience, paying attention to business interruption and business continuity planning; and c) legal and regulatory resilience, such as how insurance can help mitigate the risk of litigation related to a breach.

Moderator

Gregory Markell

President and CEO
Ridge Canada

Panelist

Charles Muggeridge

Senior Vice President & Partner, Reputation Practice
FleishmanHillard Toronto

Panelist

Ruby Rai, CIPP/C, CRM

Cyber Underwriting Specialist
AIG Canada

Panelist

Brian Rosenbaum

SVP, National Cyber & Privacy Practice Leader,
Aon Canada Inc.

10:30 AM

10:55 AM

Networking Break

11:00 AM

12:00 PM

Technology As A Component Of Resiliency

Information Security professionals—from Chief Technology Officers (CTOs), Chief Information Officers (CIOs), Chief Information Security Officers (CISOs) and related roles with responsibility for the security of an organizations’ information assets—are commonly viewed as the most critical line of defence against cyber attacks. With the threat landscape mostly outpacing the technology, operational capacity and procurement budgets to defend against sophisticated attacks, these professionals are often challenged to deliver true resiliency for their organization. Most rely on a complex combination of poorly integrated technology, processes and safeguards that are simply not equal to the task. In this session, the CTO of a major Canadian financial institution will discuss approaches for taking inventory and getting the most from the technology solutions already at hand. The discussion will also include guidance on how to start moving from thinking about existing “brownfield” threats to the newer “greenfield” threats and the role that advancements in technology, including machine learning and security analytics, can play in responding to them. This includes how to remain resilient during an organization’s adoption of new operating models that redefine its perimeter such as cloud computing, mobile technology and Bring Your Own Device (BYOD).

Introduction By

Jonathan Raymond

Senior Manager, Advanced Threat Solutions
Cisco

Speaker

Daniel Thanos

Chief Technology Officer, Security
TD Bank Group

12:00 PM

1:30 PM

Lunch and Keynote Presentation

Keynote Speaker

Scott Jones

Assistant Deputy Minister, Information Technology Security (ITS)
Communications Security Establishment

1:30 PM

2:45 PM

Cyber Resilience Through Collaboration: Building a Stronger Public/Private Partnership

In 2016, Public Safety Canada began a periodic review of measures to protect critical infrastructure and Canadians from cyber threats. The review included a public consultation period in which members of the public including business leaders were invited to provide feedback. A consistent theme in the feedback Public Safety received was the need for greater collaboration. What does greater collaboration look like? What do large Canadian businesses need from the federal government today to help them be more resilient to cyber threats and vice versa? This session will look for answers to some of these questions through a dialogue between a senior department official from the Ministry of Public Safety and representatives from two major industry groups in the Canadian economy: banking and electricity.

Moderator

Robert W. (Bob) Gordon

Executive Director
Canadian Cyber Threat Exchange

Panelist

Neil Parmenter

President and Chief Executive Officer
Canadian Bankers Association

Panelist

Francis Bradley

Chief Operating Officer
Canadian Electricity Association

Panelist

Monik Beauregard

Senior Assistant Deputy Minister, National and Cyber Security Branch
Public Safety Canada

2:45 PM

3:30 PM

Closing Keynote Presentation

Keynote speaker to be announced soon.

3:30 PM

4:00 PM

Conference Wrap Up

Joel Baker

President & CEO
MSA Research Inc.

2018

SPONSORS

Signature Partner

Platinum Sponsors

Gold Sponsors

Silver Sponsors

General & Media Sponsors

Supporting Partners

Become a Sponsor

Take advantage of this opportunity to reach your target audience at the premier event for cyber risk management. ICRMC sponsorships are a unique opportunity for you to gain exposure to industry influencers and thought leaders. For more information about becoming a sponsor at this premier event please contact Daryl Angier at daryl.angier@icrmc.com or +1.647.534.8309.

ICRMC speakers have changed
the way you think about cyber risk

Featured Speakers

President and Chief Executive Officer
Canadian Bankers Association
President and CEO
Global Risk Institute
Senior Vice President, Risk & Security Services
Technology & Operations
Royal Bank of Canada

2018 ADVISORY COMMITTEE

  1. Partner, Cyber Security and Resilience, Canada
    EY Canada
  2. Global Vice Chairman, Risk Advisory
    Deloitte LLP
  3. Senior Manager, Consulting Services
    Mandiant
  4. SVP, National Cyber & Privacy Practice Leader,
    Aon Canada Inc.
  5. Counsel, Global Privacy and Cybersecurity Group
    Dentons Canada LLP
  6. Senior Vice President, Cyber Practice Leader
    Marsh Canada Ltd.
  7. President and CEO
    Ridge Canada
  8. President & CEO
    MSA Research Inc.
  9. Senior Manager, Advanced Threat Solutions
    Cisco
  10. Associate Professor
    École Polytechnique de Montréal
  11. Executive in Residence
    Global Risk Institute
  12. Executive Director
    Canadian Cyber Threat Exchange

TESTIMONIALS ABOUT ICRMC
The panel participants were all very interesting and the topics were well thought out. It ran very smoothly and the content was great.
Kristin BartonReinsurance Analyst, The Co-operators Group
The vast sessions on cyber and its issues were excellent. Speakers were very knowledgeable and provided great insight.
Al RecioAVP, Axis Pro, Axis Reinsurance Company
The topics and sessions were all excellent. I specifically enjoyed the diversity of the presenters.
Jack TchakmakVice President, Cornell Insurance Brokers