CISO Forum Canada 2025

Enjoy our seamless checkin process and grab your information for the day. We have a fresh selection of breakfast selections available to you right after.

Begin your morning with a healthy and inspired breakfast.

Chef’s Selection of Seasonal Juice & Smoothies
Cereals | Whole & Skim Milk
Quinoa, Nut & Dried Fruit Granola
Natural & Fruit Flavoured Yogurts
Fruit & Berry Salad
Danish Pastries , Assorted Muffins, Croissants, Mini Bagels,
Sourdough, White & Multigrain Breads
Sweet Butter, Fruit Marmalade , Preserves & Honey
Plain & Fine Herbs & Garlic Cream Cheese
Steel Cut Oatmeal Bar
Brown Sugar, Raisins, Cinnamon , Pecans & Pure Maple Syrup
Classic Scrambled Egg
Cheddar Cheese & Chives | NF, GF, Veg

CISO Forum Canada 2025 is entering its 7 year. Join us as we begin with our land acknowledgements and opening comments from dignitaries and special guests. Our MC for the day, Bil Harmer will be eager to welcome you all.

Exploring how cybersecurity strategies need to adapt in the context of global political and economic conflicts.

In a world of rapid technological advancements and rising global tensions, Canadian CISOs must navigate uncharted waters. This panel delves into how leaders can prepare for the transformative impacts of quantum computing, harness AI responsibly, and address geopolitical risks, all while advancing Canada’s cybersecurity strategy. With a focus on resilience, innovation, and strategic collaboration, this discussion offers actionable insights for driving security transformation and shaping a more secure, adaptive future.

Recharge with a tasty snack break!

Almond Butter Protein Bar
Ontario Apple Oat Bar
Indulgent Energy Bar
Dark Chocolate, Raspberry & Crispy Rice
Acai Bowl
Mixed Berry Smoothie, Vanilla Yogurt, Mango
Hemp Seeds & Chia | NF, GF, V
Fruit Skewers
Mango Passion Fruit Cold Pressed Juice
Freshly brewed regular & decaffeinated Coffee & Teas.

How adversarial attacks on generative AI systems reveal vulnerabilities and inspire safeguards for more robust AI security

Generative AI is no longer just a futuristic concept—it’s already in use by your employees. The real question is: how will your organization adapt to this rapidly changing landscape? With emerging risks like shadow AI, prompt injection, and data loss, businesses must evolve to stay protected. In this session, we will provide an overview of the challenges in the modern AI world, how to “fight AI with AI,” and best practices to implement AI-driven security in your organization to stop AI-powered threats, remediate risks, and meet the demands of compliance.

As enterprise networks evolve, the shift to cloud-first architectures and the adoption of Secure Access Service Edge (SASE) frameworks have introduced unprecedented complexity. This session will examine how these trends have reshaped the security paradigm, moving from traditional perimeter-based defenses to dynamic, distributed strategies. We’ll explore how network security operations are adapting to these changes through automation, orchestration, and AI, enabling organizations to manage complexity, secure hybrid environments, and stay ahead of emerging threats.

Dive into the real meaning behind zero trust—shifting the narrative from "zero" to building dynamic, reliable trust. This session reframes the concept, addressing implementation struggles and providing actionable insights to turn vision into operational reality.

How jailbreak exploits and ethical red-teaming uncover risks in LLMs like ChatGPT.

Stretch your legs and take a deep breath!

A walk through of a number of use cases on how GenAI and AI generally are used in the SOC to streamline security engineering, security investigations and threat hunting.

This session emphasizes the critical need for a proactive approach to system hardening, particularly in legacy, medical, and operational technology (OT) environments. It underscores the importance of maintaining up-to-date compliance with regulations and building resilience through robust backup and disaster recovery systems, which should be regularly tested. The session also highlights the necessity of leveraging global threat intelligence to detect and respond to evolving cyber threats more effectively. Additionally, it advocates for simulating real-world attacks—beyond basic phishing scenarios—and adopting an "assume compromise" mindset to better prepare for potential breaches. Real-world examples will be shared to illustrate these strategies in action.

Lessons from high-profile deepfake incidents to develop countermeasures for social engineering attacks.

Refuel and re-energize with a warm lunch

Caesar Salad
Coast to Coast Seafood Corn Chowder, PEI Potatoes, Mussels,
Pan Seared Salmon
Roasted Chicken
Montreal Spiced Rub Brisket
Warm Red Skin Potato Salad
Seasonal Roasted Vegetable Medley
Chocolate Mousse
Warm Ontario Apple Crumble Tart
Citrus Puff Tart

Join upcoming security leaders as they prepare to deal with a live incident and present their response plans!

As generative AI reshapes the digital landscape, it also transforms the tactics of cyber adversaries. From creating malicious code at scale to generating hyper-realistic phishing campaigns, the AI-powered threat landscape grows more complex and insidious. At the same time, organizations are leveraging generative AI, cloud computing, and modernized infrastructures to enhance their capabilities and accelerate missions.
However, this dual-edged sword raises critical questions:
How can organizations harness generative AI to strengthen cyber defenses without introducing new vulnerabilities?
What does the emergence of AI-powered cyberattacks mean for organizations managing sprawling, interconnected networks?
In a world of limited resources, how can organizations design agile and robust defenses to withstand evolving threats?
This session dives into the rapidly evolving nexus of generative AI and cybersecurity, offering actionable insights to help organizations stay resilient in the face of increasingly sophisticated cyber adversaries.

How companies are combatting insider threats and social engineering with stronger policies and advanced security tools.

Infrastructure in the cloud is now defined as code, tested in CI/CD pipelines, and continuously deployed—yet many organizations still rely on siloed security practices. This session introduces a continuous, horizontal security model that unifies security across the development lifecycle, providing deeper, context-rich alerts that lead to quicker resolutions. We’ll also share how responsibilities can be distributed among CISOs, CIOs, and business units to reduce friction. Attendees will walk away with a blueprint for aligning security with modern infrastructure practices and maintaining robust security in the cloud.

Recharge with a tasty snack break!

Vanilla & Chocolate Marbled Mini Cake
Lemon Mini Cake
Spicy Honey Mini Cake
Classic Opera Chocolate And Coffee Cake
Fruit Skewers
Raspberry Lemonade With Mint
Freshly brewed regular & decaffeinated Coffee & Teas.

How organizations can navigate Ontario’s Bill 194 with practical advice from compliance-focused CISOs.

Modern businesses run in the cloud. Bad actors know this and are escalating their attacks on cloud applications, with increasingly sophisticated attacks.
To effectively secure cloud environments, businesses must be able to detect and stop cloud attacks before they materialize.

In today's dynamic cybersecurity landscape, one of the biggest challenges for organizations is understanding what they don't know but should about SaaS security. Unknown risks, shadow IT, and hidden vulnerabilities can leave organizations exposed, and without the right insights, security leaders are often left navigating blind spots.
In this engaging fireside chat, Renee Guttmann, a renowned Fortune 50 CISO, and Alfredo Hickman, CISO of Obsidian Security, will discuss the critical importance of identifying and mitigating these unknown risks. They will explore how solutions like Obsidian Security empower CISOs and security teams to uncover the blind spots in their SaaS environments, ensuring visibility, proactive risk management, and robust protection.

Stretch your legs and take a deep breath!

In a world where AI singularity is within reach, the line between human and machine is increasingly blurred. More Human than Human explores the profound impact of artificial intelligence and automation on our understanding of the future of identity and cybersecurity. This session takes you on a compelling journey through the evolving landscape of identity management and identity security, where the interactions with human and non-human identities create unprecedented challenges, and opportunities for organizations.

Cloud complexity continues to grow in organizations as cloud and AI development accelerate. In response, many organizations have transformed their cloud security operating model, with over 30% of Wiz customers achieving zero critical issues across their cloud environment. This session will cover the best practices and insights from those journeys, including how to democratize security, prioritize risks, and consolidate siloed tooling while bringing along developers, DevOps, SOC, and now AI teams on the cloud security journey.​

How multinational companies tackle complex privacy regulations, including GDPR and CCPA, to stay compliant.

Join us as we celebrate the achievements of 4 cybersecurity leaders!

Step into an exclusive evening of elegance, where Canada’s top cybersecurity leaders gather in a sophisticated, relaxed setting.

This event is all about unwinding and enjoying the company of peers in a comfortable, upscale atmosphere. With an open bar and gourmet hors d’oeuvres served throughout the night, this gathering offers the perfect opportunity to connect and relax.

It’s the ideal way to cap off your day—an evening of effortless networking and enjoyable conversation, making it a must-attend event for those looking to unwind.