CISO Forum Canada 2027

Enjoy our seamless checkin process and grab your information for the day. We have a fresh selection of breakfast selections available to you right after.

Rising tensions in the Arctic are increasingly playing out in cyberspace. This session examines how disputes over sovereignty and critical infrastructure are driving cyber activity with global implications and what senior leaders need to understand to anticipate and manage these emerging geopolitical risks.

Clarity on when AI should act and when humans must take over during high‑impact incidents.

Recharge with a tasty snack break!

Almond Butter Protein Bar
Ontario Apple Oat Bar
Indulgent Energy Bar
Dark Chocolate, Raspberry & Crispy Rice
Acai Bowl
Mixed Berry Smoothie, Vanilla Yogurt, Mango
Hemp Seeds & Chia | NF, GF, V
Fruit Skewers
Mango Passion Fruit Cold Pressed Juice
Freshly brewed regular & decaffeinated Coffee & Teas.

Emphasizes shifting from technical metrics to business-aligned risk indicators for the C-suite and Board, including MTTR and the economic impact of top threat scenarios.

The rapid adoption of AI agents creates new security risks. Operating as unmanaged "shadow workers," these digital teammates can bypass traditional controls by accumulating excessive permissions. A unified identity strategy is critical.

This session explores how to govern human and AI agent identities together using SailPoint. We will cover how to discover and onboard all agents, assign human owners for accountability, and apply consistent governance. This approach allows you to safely embrace AI-driven automation by securing every identity in your enterprise—whether human or machine.

Despite a wide adoption of security awareness programs, 68% of employees still knowingly engage in risky behavior. This session moves beyond compliance checkbox exercises to explore how behavioral science is transforming security culture. We'll examine why traditional click-through training fails, how attackers exploit predictable psychological vulnerabilities, and what interventions actually change behavior.

Key takeaways include how to apply behavioral science principles to security programs, metrics that predict risk reduction, and how to frame cultural investments for board-level conversations.

This presentation explores the challenges and solutions for data protection in the era of Generative AI, focusing on Microsoft 365 Copilot and the partnership between Varonis Systems and Microsoft. It highlights real-world risks, best practices, and automated approaches to securing sensitive enterprise data as organizations adopt AI copilots and agents.

This roundtable examines D&O insurance, individual indemnification, and contractual safeguards, highlighting common gaps and key questions CISOs should raise with Boards, legal teams, and insurers to protect themselves in today’s risk environment.

Stretch your legs and take a deep breath!

Has the shift to a simulation-based defence model made traditional annual pen-tests effectively obsolete?

Simple guardrails that let organizations innovate with AI without losing control of risk.

Based on the 2026 Cloudflare App Innovation Report, which surveyed over 2,350 global leaders (including Canadian executives), this session explores the widening gap between "Leaders" and "Laggards." We will dissect why 13% of organizations are outpacing their peers by aligning security with innovation, rather than treating it as a silo.
Attendees will discover:
The AI Catalyst: Why modernized infrastructure is the only path to "Builder" status in the AI race.
The Velocity Trap: Data proving that strict security alignment actually accelerates speed-to-market and reduces remediation time.
A Framework for CISOs: Four actionable steps to streamline decision-making, automate security, and empower developers to build for what’s next.

As space and IoT become part of critical infrastructure, the security perimeter extends beyond the firewall. This session highlights the geopolitical and cyber risks shaping this new landscape

This roundtable explores how senior security leaders can manage these parallel communications, maintain trust, and align leadership decision-making under pressure.

Refuel and re-energize with a warm lunch

Caesar Salad
Coast to Coast Seafood Corn Chowder, PEI Potatoes, Mussels,
Pan Seared Salmon
Roasted Chicken
Montreal Spiced Rub Brisket
Warm Red Skin Potato Salad
Seasonal Roasted Vegetable Medley
Chocolate Mousse
Warm Ontario Apple Crumble Tart
Citrus Puff Tart

The narrative of the AI era has been dominated by fear. We believe it's time to change that.
6 Predictions for the AI Economy: 2026’s New Rules of Cybersecurity is the ultimate guide to the new rules of cybersecurity. We break down the latest technologies and threats you need to understand now:The new workspace threat, Securing the AI agent and the quantum countdown. These predictions provide the blueprint for an autonomous, platform-centric defense.

A strategic comparison of in-house SOCs versus MSSPs, exploring cost, control, scalability, and speed-to-value to help leaders determine the right build, buy, or hybrid approach for cyber resilience.

A brief look at emerging identity threats created by synthetic media and fake personas.

IDEaS & Procurement Workshop

Recharge with a tasty snack break!

Vanilla & Chocolate Marbled Mini Cake
Lemon Mini Cake
Spicy Honey Mini Cake
Classic Opera Chocolate And Coffee Cake
Fruit Skewers
Raspberry Lemonade With Mint
Freshly brewed regular & decaffeinated Coffee & Teas.

How smishing attacks against executives bypass traditional security controls, create disproportionate business risk, and demand a more focused, role-based defense strategy.

Why alert overload creates blind spots and operational risk, and how security leaders can redesign detection, triage, and response to stop attacks before business impact occurs.

The rush to embed AI into AppSec pipelines is outpacing enterprises’ ability to govern it. What happens when regulators and auditors start asking hard questions?

As cyber risk becomes business risk, CISOs must shift from tool management to outcome-driven security. This session focuses on building resilience through visibility, response readiness, and the right balance of internal and external capabilities.

As geopolitical tensions move from the battlefield to the server room, the traditional background check has become an obsolete defense against sophisticated insider threats. This session explores how to transform hiring into a proactive security pillar, ensuring that the people granted access to your network are your greatest assets rather than your most dangerous vulnerabilities.

Stretch your legs and take a deep breath!

This session examines cascading risks from simultaneous third-party breaches, focusing on board oversight, supply chain resilience, contractual liability, and contingency planning.

A snapshot of how autonomous attacker AI is evolving and what CISOs can do to counter it.

Unlock full visibility into your data estate with AI-driven data discovery and classification. Identify where sensitive data resides, apply the right protections, reduce risk exposure, and lower storage costs while enabling trusted, sovereign AI.

Ransomware once defined the modern threat landscape—until attackers found a more scalable, stealthy, and psychologically potent weapon: Generative AI. As organizations rapidly embed Gen AI into business processes adversaries are learning how to hijack these systems to manipulate outcomes, exfiltrate sensitive data, and erode trust at machine speed.
This presentation explores how Gen AI hijacking is emerging as the next evolutionary step in cybercrime. We will examine real-world attack patterns including prompt injection, model poisoning, data leakage via inference, and AI-driven social engineering—demonstrating how these techniques can cause operational paralysis and financial impact comparable to, or greater than, traditional ransomware campaigns.
Attendees will gain a clear understanding of why Gen AI systems are becoming high-value targets, how these attacks differ from classic malware, and what security leaders must do now to detect, contain, and prevent AI-centric threats. The session concludes with practical guidance on securing AI pipelines, monitoring model behavior, and building resilience before Gen AI hijacking becomes as ubiquitous—and devastating—as ransomware once was.

Seasoned CISOs are increasingly asking a pivotal question: what comes next after having the top security job? This interactive roundtable explores how security leaders can prepare, and translate hard-earned operational experience into meaningful, high-impact “second chapters” across industry, government, startups, academia, and community leadership without losing relevance or purpose.

Participants will examine the career paths CISOs are pursuing today: board and advisory roles, venture and private equity operating partnerships, public-sector and critical infrastructure leadership, founder journeys, interim executive models, consulting platforms, and portfolio careers that blend several of the above. We will discuss what makes the CISO skillset uniquely valuable beyond a single full-time role enterprise risk fluency, crisis leadership, trust-building, and the ability to align technology, business outcomes, and human behaviour under pressure.

Attendees will leave with a clear set of actions to begin planning and preparing early so the next step is deliberate, resilient, societally impactful, stimulating, satisfying and fun.

Join us in celebrating exceptional cybersecurity leaders whose vision, leadership, and contributions continue to shape the industry.
⦁ Emerging Cybersecurity Leader Award
⦁ Community Champion Award
⦁ Visionary Award
⦁ CISO of the Year Award
⦁ Lifetime Achievement Award

Step into an exclusive evening of elegance, where Canada’s top cybersecurity leaders gather in a sophisticated, relaxed setting.

This event is all about unwinding and enjoying the company of peers in a comfortable, upscale atmosphere. With an open bar and gourmet hors d’oeuvres served throughout the night, this gathering offers the perfect opportunity to connect and relax.

It’s the ideal way to cap off your day—an evening of effortless networking and enjoyable conversation, making it a must-attend event for those looking to unwind.