Marco Lattavo is a senior cybersecurity and technology risk executive with over 20 years of experience leading enterprise-scale security, identity, and risk programs across Canada’s largest financial services and insurance organizations. He currently serves as AVP, Identity and Security Operations at Definity, where he is responsible for enterprise cybersecurity strategy and execution spanning identity and access management, security operations, vulnerability management, application security, and cloud security.
At Definity, Marco leads large, multi-disciplinary teams and oversees complex, regulated environments supporting business transformation and growth. His work has focused on modernizing cyber defense capabilities, strengthening governance and resilience, and embedding security into digital and cloud transformation initiatives. He is recognized for advancing AI-enabled security use cases to improve detection, prioritization, and remediation outcomes, while ensuring alignment with regulatory expectations and business objectives.
Prior to Definity, Marco held progressively senior leadership roles at Scotiabank, BMO Financial Group, and CIBC, including serving as Information Security Officer for Scotiabank’s Global Banking & Markets and Enterprise Head of Identity and Access Management at BMO. Across these roles, he led global security operations, identity governance, incident response, and risk management programs supporting tens of thousands of users across multiple continents. He has deep experience operating in highly regulated environments and aligning security programs with frameworks such as NIST, COBIT, and financial services regulatory standards.
Marco is a trusted advisor to executive leadership and Boards, regularly presenting cyber risk posture, systemic vulnerabilities, and investment priorities in clear, business-focused terms. Known as a transformation leader, he has built and scaled high-performing global teams, established centralized security operating models, and driven cultural change that positions cybersecurity as a business enabler rather than a barrier.
Beyond his corporate leadership, Marco is an active contributor to the broader cybersecurity community. He has participated in industry forums and working groups, spoken at security conferences, and collaborated across the financial services sector on topics including identity governance, cyber resilience, and operational risk. His perspective bridges deep technical expertise with strategic governance, making him a strong advocate for practical, outcome-driven security leadership.
Marco maintains multiple industry certifications, including CISSP, CISM, CISA, GSEC, and GSNA. He is passionate about advancing the maturity of the cybersecurity profession, mentoring future leaders, and contributing to industry collaboration and knowledge sharing.