Open source and third-party components help developers build and deploy applications faster. But with increased speed comes greater risk. Vulnerabilities in components are a hidden cost of free software. And their widespread use creates opportunities for attackers looking to exploit the most possible victims by...
The University of Toronto has been impersonated over a dozen times in the past two and a half years in a somewhat sophisticated scam designed to steal goods to order. This presentation will detail how the scam works (with examples!), talk about some of the mitigating actions that have been performed, as well as some...
Recent apparent hack attacks against Canadian banks, the sentencing of a Canadian for helping enable the Yahoo breach, and the Equifax breach's impact in Canada all point to the need to be more aggressive in ramping up cybersecurity efforts in light of emerging threats.
Protecting data has become more challenging as...
In the wake of recent ransomware attacks, such as WannaCry, which have plagued organizations for the last year, what lessons do we have yet to learn? The widespread WannaCry attacks were not particularly sophisticated or stealth. So why did they have such an impact?
In this session, panelists discuss why the "wartime...
Too many organizations continue to address breach response from a reactive mode - having a crude disaster-recovery plan in place in case something "does" happen, rather than accepting that something "will" happen and proactively preparing for it. In this session, a panel of legal, technical and law enforcement experts...
The European Union's General Data Protection Regulation has been the buzz of 2017, and security leaders globally understand the regulation's basics, including the 72-hour breach reporting mandate, the May 2018 enforcement date and the noncompliance penalty of up to 4 percent of annual global revenue or 20 million...
Will the Equifax breach be a game changer, or just another big-name security mishap that slowly fades away out of collective memory? Does this massive breach have the potential to be the incident that leads to sweeping regulatory changes, when it comes to credit bureaus and data collectors like Equifax? If so, what...
Implementing clouds in heavily regulated environments is either unscalable and slow, because of legacy audit requirements and processes, or simply implemented without audit controls. While these may seem like acceptable risks, the 20 million euro minimum penalty under GDPR, and the threat of blanket ransomware...
Organizations of all sizes today face serious and consequential risk management challenges. Technology is often presented as the ultimate solution. But in many cases, organizations are experiencing not just a technical challenge, but a "language" challenge, especially when it comes to risk management communication...
Ransomware presents some unique challenges to organizations, regardless of their size, industry or geography. It has very distinct behavior relative to other kinds of malware. For example, it actually tells you that an attack has taken place. From a defender's point of view, being alerted to an attack is far better...
Organizations are increasingly moving workloads to hosted Infrastructure-as-a-Service (IaaS) environments. In many cases, they are extending their data centers across one or more IaaS providers, creating hybrid cloud environments. This session will explore best practices for extending data centers to hosted...
How have major Canadian data breaches helped to shape incident response plans and data security at the organizational level? In this session, Imran Ahmad, an attorney who leads the cybersecurity practice at Miller Thomson and wrote the book, "Cybersecurity in Canada: A Guide to Best Practices, Planning and...
The financial risks to organizations from data breaches include share price hits, class action lawsuits, fines from regulators and reputational damage. As a result, the cyber insurance market is heating up. Larger insurers are already helping companies spot and mitigate weaknesses as part of their coverage and helping...
The biggest companies often take matters into their own hands when it comes to breach prevention, eschewing long-term relationships with vendors and charting their own courses with a dizzying array of technologies. Meanwhile, smaller companies fall further behind, struggling to find talent and budget, while security...
Many organizations are undergoing a transformation to support digital platforms and stay competitive. But to maintain security, they have to ensure that access to these platforms is limited. New vulnerabilities to cybercrime are being introduced through hybrid environments that often include remote access to systems...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
