Speakers
BSides Calgary's Call for Papers closed February 28th, 2025.
Keynote Speakers
Kyle Howson
With over 20 years of expertise in IT Security, Kyle specializes in Threat Detection and Response, Security Assessments, and hands-on experience with a broad range of security products. He has built a reputation as a trusted advisor to both customers and colleagues, leveraging technical expertise, industry knowledge, and genuine passion for the field to drive success through collaboration and teamwork.
Roger Grimes
Roger A. Grimes, Data-Driven Defense Evangelist for KnowBe4, Inc., is a 36-year computer security consultant, instructor, holder of dozens of computer certifications, and author of 15 books and over 1,500 articles on computer security. He has spoken at many of the world’s biggest computer security conferences, been in Newsweek™ magazine, appeared on television, been interviewed for NPR’s All Things Considered™, the Wall Street Journal, and been a guest on dozens of radio shows and podcasts. He has worked at some of the world’s largest computer security companies, including Foundstone, McAfee, and Microsoft. He has consulted for hundreds of companies, from the largest to the smallest, around the world. He specializes in host and network security, quantum security, identity management, anti-malware, hackers, honeypots, Public Key Infrastructure, cloud security, cryptography, policy, and technical writing. His certifications have included CPA, CISSP, CISA, CISM, CEH, MSCE: Security, Security+, and yada-yada others, and he has been an instructor for many of them. His writings and presentations are often known for their real-world, contrarian views. He was the weekly security columnist for InfoWorld and CSO magazines between 2005 - 2019.
Speakers
A.J. Leece
A.J. Leece is the founder and Managing Director of Brekade, an innovative company built around harnessing the power of curiosity and fun to help make the tedious and difficult parts of business resilience, something your whole team is excited to do. Developing video games that help businesses better confront the unknown means everyone has a chance to contribute to keeping the business running, regardless of their technology background. With more than 15 years in the infosec space as a front-line worker, teacher, mentor, consultant, and counter of 1s & 0s, A.J. has become an authority on building and gamifying effective competence training in an industry beset by threats from all sides.
Allan Lyons
Allan Lyons is a Ph.D. student at the University of Calgary in Canada. His research interests are centered around privacy and security with a particular focus on mobile devices.
Andrew Amaro
Andrew Amaro’s approach to security is holistic and purposeful. With over two decades of experience in the intelligence community, private industry, and startups, he recognized a gap in the security industry: a lack of comprehensive solutions tailored to specific threats, risks, and business practices. His goal is to enhance security without adding unnecessary complexity or technological debt.
Andrew serves as the Chief Security Officer at Klavan Security, a company he co-founded to provide comprehensive physical and cyber security solutions. He is also a board member of the Canadian CyberSecurity Network and host of the podcast "Shadow Tactics – Insights into Security," where he shares actionable insights on evolving security threats.
A sought-after speaker and mentor, Andrew has delivered keynote addresses at the Security Canada Conference, spoken at Bsides Ottawa and HackerHalted Atlanta, and mentored startups in global incubators, helping them navigate complex security challenges.
Andrew’s approach is shaped by his extensive background, including his tenure at the Canadian Security Intelligence Service (CSIS) as a Technical Operations Agent and Senior Manager of the Counter Terrorism - Proliferation Tech Ops Group. In these roles, he led teams specializing in data exploitation, online anonymity, and digital surveillance, supporting national security investigations.
Since transitioning to the private sector in 2019, Andrew has focused on dark web navigation, risk management, and cyberattack incident response. He has also guided startups in achieving SOC2 Type I & II and ISO27001 certifications, ensuring their compliance with rigorous security standards.
Through Klavan Security, his leadership in the cybersecurity community, and his podcast, Andrew is dedicated to helping organizations address critical risks while building scalable, robust security foundations that evolve with their growth.
https://www.linkedin.com/in/andrew-amaro-klavansecurity/
Bogdan Trufanda
Bogdan Trufanda is a Threat Hunter in CrowdStrike's Cloud Runtime Security Team.
Bogdan is responsible for gathering actionable application and security intelligence for CrowdStrike products, specialising in gathering Threat Intelligence and researching exploitation techniques involving containers and the cloud space.
Bogdan Tiron
Bogdan Tiron is a seasoned security consultant with over 10 years of experience specializing in application security. He has a proven track record of enhancing security measures for leading organizations, including bet365, JPMorgan Bank, GFK, HSBC, Lloyds Bank, and WorldRemit. Throughout his career, Bogdan has held various roles, including application security consultant, pentester, security architect, and DevSecOps specialist. Four years ago, recognizing a gap in quality within the pentesting industry, he co-founded FORTBRIDGE, a cybersecurity consulting company that offers pentesting, phishing, and red-teaming services to clients seeking to enhance their security posture. Passionate about staying ahead of emerging threats, Bogdan is dedicated to fostering a culture of security within organizations and empowering teams to integrate security practices seamlessly into their workflows.
Chance Pearson
Chance went to school at the University of Alberta where he received his Bachelor of Science in Computing Science and now works as a team lead at Packetlabs performing various penetration tests for clients. They enjoy working in the cloud with a focus on Azure and Hybrid environments.
Haris Qazi
Haris Qazi is a Cybersecurity Engineer with a passion for researching and exploring topics in Operations Security and Cybersecurity. He has received the Most Valuable OSINT Award from the Trace Labs organization for his work in assisting in locating a missing person.
Dr. Cherry Mangla
Dr. Cherry Mangla is an Assistant professor at Concordia University of Edmonton, AB,
Canada. She also serves as ISC2 Alberta chapter membership director since May 2024. Prior to Concordia she was a Visiting scholar in IQST, University of Calgary, Calgary, Canada. Her primary research focuses on securing next-generation networks using state-of-the-art techniques. She has made significant contributions through her publications in prestigious academic journals such as IEEE Network Magazine, Multimedia Tools and Applications, and ISA Transactions.
Chris Timmons
Canadian-Irish. Chef. Barista. Sharpshooter. Lockpicker. Oxford comma enthusiast. Has been known to perform other unsavoury acts (like cheering for the Leafs when they were the only Canadian team left in the NHL playoffs). I take things apart and try not to have screws left over when reassembling (unless it is on purpose!). I have worked in various security fields in consulting and leadership positions for over 27 years. According to my wife, I am addicted to technology to fuel my constant need for knowledge and to make it right. At least I think that is what the text-to-speech on my coffee machine said.
https://www.linkedin.com/in/chris-timmons
@brokendata.com (bsky)
@broken_data (Twitter/X)
@brokendata@infosec.exchange
Dianna Pieper
Dianna Pieper is a senior IT leader and the CEO and Founder of Innovus Techne, a consulting and services organization focused on building scalable strategies in technology, leadership and business outcomes. She excels in implementing transformative strategies and fostering high-performing teams. Known for her collaborative and forward-thinking approach, she integrates advanced technology solutions to enhance organizational efficiency and resilience. Dianna has tactical and strategic experience in cybersecurity, emphasizing proactive measures to address emerging threats and safeguard critical systems, a key focus given her experience managing diverse IT environments across many industries.
Dina Board
Dina is a passionate self-starter with a unique blend of skills and experiences across cybersecurity, teaching, and leadership. After five years of teaching English, leadership development, and business skills to a wide range of people—including senior engineers and even nine-year-olds—Dina gained experience working in Sweden, Germany, and Canada, which helped her develop a deep sense of adaptability. In 2022, Dina made her own pivot into the tech world, earning an IT Technician certification and eventually stepping into her current role as an Information Security Compliance Analyst. She focuses on PCI DSS security assessments, policy gap analyses, and physical red team penetration tests, and while she’s still relatively new in the infosec field, her journey so far has been one of growth and resilience. Fluent in English, German, and Russian, and with a solid understanding of Ukrainian, Dina brings a global perspective to cybersecurity, underscoring the importance of the human side of tech. She believes that it's the ability to connect and communicate that makes all the difference in this rapidly changing, tech-driven world.
Adam Doherty
Building on a 30-year journey in IT, I've spent the last 14 years diving deep into cybersecurity, with a passion for making industrial systems more secure. As a subject matter expert in OT and critical infrastructure security, I work with organizations across Canada and the United States to strengthen their security posture through assessments, workshops, and tabletop exercises. My work spans manufacturing, transportation, water, energy, healthcare, and finance sectors, where I focus on secure network architecture, embedded device security, and application development security. I'm a strong advocate for bringing zero-trust principles into OT environments, drawing from my experience as a process control specialist in oil and gas to bridge the gap between operations and security. CISSP and GICSP certified, I enjoy sharing insights at security conferences like CanSecWest, Atlantic Security Conference, and BSides Calgary
Doug Leece
Pre-y2k cyber security was just part of the "other duties as required" clause for any system administrator, the starting place for Doug Leece's cyber security adventure. These days cyber physical, cloud and application security pay the bills but Mr. Leece's desire to teach and support others already in or new to the industry remains a passion.
Eder Marques
Eder is a seasoned cybersecurity executive with a solid track record of success helping some of the world’s largest and most complex financial institutions to improve their cybersecurity posture.
He is currently the Director of Payments Security and High Value Assets of the Financial Crimes Unit, Cybersecurity at BMO Financial Group.
With over two decades of experience in three different continents, he served the United Nations and worked at leading consulting companies (e.g. PwC, EY) as a subject matter expert in cybersecurity, emerging tech risk and IT regulatory compliance with solid experience with several regulators across the globe.
Eder has an extensive technical background, currently holding over 20 certifications and also serving at industry organizations.
https://www.linkedin.com/in/eder-marques/
Elysee Franchuk
Elysee Franchuk is a cybersecurity consultant with a passion for understanding and breaking apart complex systems. With a background in programming, penetration testing, and IT security, he specializes in identifying vulnerabilities and developing innovative attack techniques. His expertise spans between offensive and defensive security, with hands-on experience in web and network penetration testing, vulnerability assessments, and corporate threat defence.
Faizah Kolapo
I am an IT Risk and Compliance Analyst at Bow Valley College with a background in Governance, Risk, and Compliance (GRC). I specialize in third-party risk management, regulatory compliance, and business continuity planning. My experience includes assessing vendor risks, implementing structured risk-based approaches for third-party risk management, and streamlining security processes. Currently, I am enhancing the college’s TPRM program by developing a more efficient approach to vendor assessments, ensuring a more targeted and effective evaluation process. Committed to refining risk governance practices and fostering a proactive security culture.
George Nazarey
George is a 2000 graduate from Youngstown State University with a Bachelor of Science in computer science. He started in the information technology field in 1995 while working at a local Internet service provider and has been specializing in computer security for the past 20+ years.
After graduating, he has supported a customer base covering the US Government, US Department of Defense, Intel Community, Enterprise, and small to medium size business in the security sector. This has given him a very diverse view of security and the ability to customize a solution that fits the organization. He has worked for various companies ranging from small startups to fortune 100 including IronPort, Cisco Systems, FireEye and is currently a regional sales engineer for CrowdStrike covering Western Canada.
In his free time, George likes to give back to the open-source community with projects like NTP Pool, weather underground, varies coding projects, cooking, beer making, mentoring FIRST Alberta robotic FTC - CAI team, mentoring up and coming security experts and co-hosting on Insight Into Security podcast.
Geoff Green
As a passionate advocate for digital privacy, I have dedicated my career to advancing mobile privacy and security. A self-taught full-stack developer, systems architect, and encryption expert, I co-founded Myntex, a company focused on creating innovative encrypted mobile solutions. My belief that technology should empower individuals, not control them, drives everything I do. Throughout my journey, I've faced both triumphs and setbacks, always approaching challenges with integrity, innovation, and a commitment to privacy.
Hank the Hacker Fordham
A celebrity hacker, mentor, and technology innovator, Hank Fordham is one of Canada’s foremost red team cybersecurity professionals. Having appeared on Dr. Phil, as well as in stories on VICE, NPR, and Inside Edition, Hank is an advocate for public cybersecurity education, as well as technologically progressive policies and businesses. In addition to cybersecurity, Hank is also interested in Artificial Intelligence, Neurorobotics, Biohacking, Open-Source Fabrication, and more.
Mahmud Hasan
Mahmud Hasan is a seasoned IT professional with over a decade of experience in the industry, including more than six years specializing in cybersecurity. As a Senior Cyber Security Analyst at Cenovus Energy, he plays a critical role in safeguarding enterprise data, ensuring compliance, and mitigating cyber threats in an ever-evolving digital landscape.
Mahmud holds a Master of Science(MSc) degree in Electrical and Computer Engineering from the University of Calgary and has earned over 10 industry-recognized certifications, including CISSP (Certified Information Systems Security Professional), PCNSE (Palo Alto Networks Certified Network Security Engineer), CCNA ( Cisco Certified Network Associate) and AWS Certified Solutions Architect Associate. His expertise spans network security, cloud security, threat intelligence, threat hunting, vulnerability management, automation and incident response, making him a valuable contributor to the cybersecurity community.
Passionate about sharing knowledge, learning from peers and staying ahead of emerging threats, Mahmud actively engages in security research, mentorship, and industry events.
Chi Phong Huynh
Phong currently works as Managed Detection & Reponse at EY's Cyber Threat Management
team, In his current role, he primarily works on threat hunting, detection research for cloud
environment, Microsoft Sentinel, AWS and develop Jupyter notebooks to do support his daily
task including threat hunting, incident response and investigation in cloud and on-prem
environment.
Hyma Pandyaram
Hyma is a passionate cybersecurity leader dedicated to advancing Identity and Access Management (IAM) and building a strong, security-aware community. As the President of the ISC2 Alberta Chapter, she spearheads initiatives that drive security awareness, education, and professional development across Alberta. She has also served on the board of the WiCyS Western Canada Affiliate, supporting efforts to empower and advance women in cybersecurity. With over a decade of experience serving on nonprofit cybersecurity boards, she provides strategic guidance while actively mentoring and supporting professionals in the field.
A recipient of the prestigious (ISC)² Global Achievement Award in 2020, Hyma frequently speaks at cybersecurity conferences and panels, sharing insights on IAM, risk management, and the evolving security landscape. She stays at the forefront of emerging IAM technologies and explores AI-driven solutions to enhance security and streamline identity management.
Committed to giving back, Hyma continuously creates opportunities for learning, collaboration, and innovation within the cybersecurity community.
Ian Lin
Ian is an experienced penetration tester and red teamer with over 8 years of experience in the information security space, he brings a novel approach to organization's security challenges. As the Director of Research and Development, he oversees the development of Packetlabs' service offerings, innovation, and extending capabilities to match sophisticated threat groups that organizations struggle with. With years of proven experience as a high impact consultant, he has successfully led and executed advanced adversary emulation, vulnerability research, and red team operations, helping organizations enhance their defensive posture against real-world threats.
Joey Melo
Joey is a highly skilled penetration tester and security researcher, with expertise in web application security, vulnerability management, and reverse engineering. His experience is backed by industry-recognized certifications, including the OSCP and BSCP, along with extensive hands-on penetration testing engagements. An active competitor in Capture-the-Flag (CTF) competitions, Joey consistently hones his skills in offensive security and exploit development. Currently ranked among the top 500 worldwide on Hack The Box, he excels in solving real-world cybersecurity challenges in high-pressure environments. At Packetlabs, he holds the record for the fastest OSCE3 completion (just under 5 months), demonstrating his deep technical acumen and problem-solving abilities. As a high-impact consultant, Joey applies his advanced security expertise to help organizations strengthen their defenses against sophisticated threats.
Ionatan Waisgluss
Ionatan Waisgluss is a cybersecurity and OSINT specialist licensed as a Private Investigator in British Columbia, with credentials including CompTIA Security+, Certified Information Privacy Professional (CIPP/C), and Certified Cryptocurrency Investigator. He brings extensive hands-on experience across diverse cases such as insurance files, skip traces, class action lawsuits, fraud investigations, due diligence, cyber incident response, cyberstalking, and missing persons investigations. Ionatan is skilled in digital footprinting, business intelligence, risk assessment, and high-stakes investigations of many flavours. His subject experience is complemented by his expertise in seeking out, developing, and using a wide range of investigative tools and techniques.
Isaac Privett
Isaac Privett is a professional hacker, researcher, and security consultant with a passion for exploring unconventional attack vectors. With a background in cybersecurity and ethical hacking, he specializes in penetration testing, red teaming, and uncovering novel security threats. His work often pushes the boundaries of traditional security models, delving into areas like ultrasonic data exfiltration, dark web threat intelligence, and side-channel attacks.
Isaac’s journey into cybersecurity started with a career shift, fueled by his curiosity and a knack for problem-solving. He honed his skills at SAIT, where he immersed himself in the field, achieving academic excellence while actively competing in security challenges and networking events. This dedication led to an internship at Packetlabs, where he now works as a full-time security professional, tackling complex security assessments across various industries.
Beyond his professional work, Isaac enjoys developing proof-of-concept attacks, writing about security, and contributing to the community through talks and research. His past presentations have covered topics such as covert data transmission using sound waves and real-world exploitation techniques. When he’s not hacking, he’s either writing science fiction, brewing beer, or coming up with new ways to break things—just to fix them again.
Jason Maynard
Jason has been architecting, designing, and deploying security technologies that secure the most complex computing environments for almost 2 decades. His understanding of operational and informational technologies, people, and processes enable him to deliver effective, comprehensive security solutions that align to an organization's security goals and strategic imperatives. Jason is adept at addressing a range of risk profiles across multiple industry verticals; skills he has cultivated as an end-user security practitioner, partner/integrator, and now manufacturer as the FIELD CTO, focused on Cybersecurity for Cisco Systems. Jason is also active in the direct community speaking at BC Aware, Vancouver International Privacy and Security Conference, Cisco Live achieving distinguished speaker, and has delivered multiple sessions at BSides. Jason also holds over 75+ designations across a variety of products and technologies including the CCIE designation.
Noris Buriac
Noris Buriac is an AI engineer at Thinkrr.ai, a company focused on plug-and-play voice AI solutions. With a strong background in AI-driven voice experiences, team development, and cybersecurity culture, Noris specializes in bridging the gap between technology and people. Passionate about mentorship and security awareness, they help teams navigate the intersection of AI, automation, and human decision-making. In addition to their work in AI, Noris is also a meditation instructor previously partnered with UNESCO, having spread meditation worldwide, including with UNICEF in the Middle East and North Africa at refugee camps. Their unique blend of technical expertise and self-development practice allows them to approach leadership and team development from a holistic perspective, fostering resilience and growth in IT and security professionals.
Jia Hu
Jia Hu is a graduate from the University of Alberta Master of Science in Internetworking (MINT) program. She worked as a Graduate Teaching Assistant in the program's Advanced Network Security course and did her graduate research on techniques to bypass Endpoint Detection and Response (EDR) technologies.
Her interests include Network Security, Penetration Testing, Purple Teaming and Capture the Flags. She has a mindset focused on creatively overcoming limitations that has served her well in her short time in the cybersecurity field.
Jia is also a WiCyS member and a recipient of the annual SANS Security Training Scholarship. Jia holds certifications such as PNPT, PJPT and CompTIA Security+.
Josh Sokol
Josh Sokol is the founder of SimpleRisk, an open-source Governance, Risk, and Compliance (GRC) platform used by organizations worldwide to streamline their risk management processes. With over 15 years of experience in information security and risk management, Josh is a passionate advocate for empowering businesses to make informed, strategic decisions through effective risk management practices. A dynamic and engaging speaker, Josh has presented at numerous industry conferences, sharing actionable insights on building security programs, managing organizational risk, and driving compliance. His innovative approach and dedication to the field have made him a recognized leader in the GRC space.
Kyle McKay
For the past 15 years, Kyle has dedicated his career to securing enterprises from cyber security threats. During Kyle's first seven years of work, he spent time on the operational front lines—managing large-scale infrastructures and actively defending against advanced cyber threats. From there, he transitioned into a pre-sales consulting role, where for the last eight years, he has been helping global organizations adopt innovative cybersecurity solutions and controls. This blend of hands-on technical expertise and customer-focused consultation has equipped Kyle with a holistic view of both the challenges enterprises face and the strategies that truly work.
Lars Stevenson
A twenty year IT veteran interested in Cybersecurity and looking to talk on an interesting subjects which others might not know much about.
Logan Fetterly
Logan Fetterly is an Information Security Officer with the Government of Alberta supporting CyberAlberta, a provincial program to raise Alberta to a world leader in cybersecurity. Here he applies skills in full-stack development, cybersecurity and project management to deliver safe and trustworthy cybersecurity for Albertans. Logan holds a Bachelor of Science in Computer Science from MacEwan University and a Master of Science in Cybersecurity from St. Bonaventure University, where he learned standards, policies, tools, and strategies to protect data and systems from cyber threats.
Logan also regularly engages with students in post-secondary Computer Science programs at the University of Alberta, NAIT and MacEwan University where he shares his personal experiences and advice for excelling in the field of IT.
Liliya Gerov
An accomplished business professional with over 15 years of experience in Human Resources, Technology & Information Services, Education and Marketing, complimented by a graduate degree in business (MBA), Prosci Change Management Certification and CISSP. in 2022 Liliya sought a new and exciting challenge and pivoted career from HR to Cybersecurity. The journey has been challenging yet rewarding.
Lisa Zhao
Lisa is a Certified Information Security Manager through ISACA. She is the Communications Director for the ISACA Calgary Chapter. She is a member on the board for CSA Z246.1: Security Management for Petroleum and Natural Gas Industry Systems. She is in the working group for CSA Z246.1, amending clauses on Cybersecurity and Information Management. Her leadership role in multiple boards across North America provides her an active and engaged perspective in the Security Governance, Risk and Compliance space.
Lisa is currently a Systems and Business Advisor. Her specialization is in developing, ensuring compliance, and auditing Security Programs. Her implementation of Integrated Planning and connecting the Management Systems are central to her approach. It ensures that Security Programs are not only effective in managing assets but also adept at addressing threats, vulnerabilities, and risks. Lisa's skills and insights make her an invaluable asset in the realm of Security Program development and continual improvement, where her contributions have significant impacts on how clients create compliant systems that work for their organization.
Lisa’s educational background includes a master’s in electrical engineering with a thesis focusing on self-driving vehicle security using Physical Security within the Wireless Communications domain. Her bachelor's is in Electrical Engineering. She is a member of APEGA, the certifying board for engineers in Alberta.
Lovington Dela Cruz
Lovington Dela Cruz brings over 25 years of combined experience in cybersecurity, industrial automation, process control, and instrumentation. Passionate about helping asset owners protect cyber-physical assets from cyber attacks, he focuses on enhancing safety, resilience, and performance. As the Global InfoSec Director at Arcadis, Lovington leads the development and implementation of ICS/SCADA security programs for asset owners across various sectors, including oil and gas, building infrastructure, water and wastewater, and transportation.
Lovington is a Professional Engineer, Global Industrial Cybersecurity Professional (GICSP), Functional Safety Engineer, and Project Management Professional (PMP). As an ISASecure voting member, he helps the asset owners, service providers and suppliers in providing the highest level of assurance for the cybersecurity of industrial automation control systems (IACS). He is also an active member of ISA99 Industrial Automation and Control Systems Security and IEC/TC 65 Industrial Process Measurement, Control, and Automation, the owner of the ISA/IEC 62443 series of standards. With extensive experience engaging with diverse global stakeholders, Lovington provides subject matter expertise on both local and international projects.
Lubos Kuzma
Lubos is the founder of Blue Warden Consulting Ltd., a consulting business focusing on the human element of cybersecurity - education, governance and compliance - within the SMB space in Alberta. His most recent experience includes over five years of teaching at a Canadian post-secondary institution, including cybersecurity topics such as Social Engineering and security of Internet of Things. Lubos has received a Master of Education degree from University of Calgary, specializing in adult learning, and continues to approach cybersecurity through educational lens.
Manuel Alfredo Liriano Rosario
I am Manuel Alfredo Liriano Rosario, a Master of Information Systems Assurance Management (MISAM) candidate at Concordia University of Edmonton, originally from the Dominican Republic. My background blends operational security experience with a growing focus on information systems governance. Currently, I am enhancing my expertise in IT governance, risk management, and compliance (GRC), particularly within cybersecurity frameworks, IT audit, and risk assessment. I am also pursuing Google's Cybersecurity Certificate, complementing my MISAM studies with practical, hands-on skills in areas like network security, incident response, and threat detection.
Prior to my academic pursuits, I gained valuable experience in security and operations management. As Caribbean Area Security Manager for The Church of Jesus Christ of Latter-day Saints, I mitigated security risks, conducted geopolitical risk analysis, and designed security training programs. I am passionate about research, regulatory compliance, and contributing to the field of cybersecurity.
Mohsin@Mimic Sohail
A hands-On Servant leader with 18+ years of track record working at Technology start-ups ( Series B and C ) and scaling them up to achieve 100M+ Revenue and then also working in Large organization to grow Revenue ($100M to $250M). Grown teams across North America from a handful to 30+ high potential individuals and leaders. Proficiencies across Sales, Engineering, Architecture, Professional Services and Customer Success.
Technically speaking, can roll up the sleeves and work with engineers in various Agile platforms(CI/CD - Gitlab, Kubernetes, Terraform), Programming languages ( C/C++, Python ), Cloud platforms (GCP and AWS), Hypervisors (VMWare and KVM), Networking ( Service Provider and Datacenter Architectures) and Cybersecurity (a Certified CISSP). Most recently his focus has been on using Machine learning ( Supervised and Unsupervised ) approaches to detect malicious behaviour across an organizations digital stack.
Strategically - can present to C-Level, E-Level(EVPs) and Customers with crisp and clear Communications on a variety of topics including Budgets (Capex and Opex), Customer success KPIs, Sales tactics , Risk(GRC, Threat Modeling and Proactive Security) and Architecture roadmaps(aligned to SABSA, NIST CSF and NIST SP-800). His experience spans across the North American Financial sector ( Top 10 ) Service Providers ( Top 8 ) and Federal/State Level Sectors.
Kai Iyer
Security Engineer at Amazon's Enterprise Protection Program and a GIAC Certified Security Professional with expertise in web application development, DevSecOps, applied machine learning, threat hunting, purple teaming, and incident response. Passionate about leveraging advanced technologies to tackle complex cybersecurity challenges, with a proven track record of delivering innovative solutions. Actively contributes to the community through conference talks and open-source projects, inspiring collaboration and knowledge sharing in the field.
0wen
A cybersecurity professional who specializes in offensive security.
Pedro Kertzman
Pedro is an accomplished professional with over 15 years of expertise in technology and cybersecurity. Currently a Senior Solutions Architect at ESET, he specializes in designing and delivering robust security solutions tailored to the specific needs of clients across diverse industries. When he is not working in his Cyber Lab, Pedro enjoys spending quality time with his children, building in his LEGO City, or recording episodes for his Cyber Threat Intelligence Podcast.
Penny Longman
Penny is a security leader with experience in mining, manufacturing, environmental sciences, data analytics, consulting, academia and healthcare. She has a broad technical and business background and brings that unique perspective to her work. Penny is passionate about generating real organisational change around cyber security and safety, and focuses on moving people forward into new ways of interacting securely with technology.
Quinn Kramer
Since the Y2K era, Quinn Kramer has built a diverse career in IT, holding roles such as Helpdesk, Service Desk, Network Administrator, SysAdmin, Security Admin, Security Specialist, QSA, and Security Analyst. He has witnessed the evolution of technology firsthand, from Novell and Windows 3.11 to the rise of cloud computing and AI. With a wealth of knowledge and practical insight, he has spent the last 10 years specializing in cybersecurity, helping organizations navigate the challenges that arise.
Rafal Los
25+ year veteran of cyber security, Founder/host of Down the Security Rabbithole Podcast. Professional, speaker, writer, tinkerer, pundit and what-not.
Rob Sealock
Cyber professional of over 25 years with experience in IT/OT. Highlights: being one of the first dozen worldwide Rapid Response Engineers for Microsoft, SAIT adjunct instructor, and CAF Singles Officer.
Romain Dumont
Romain Dumont is a malware researcher working for ESET. His work involves deep malware analysis and threat hunting with a current focus on the APAC region. He is passionate about reverse engineering and has previously worked on obfuscation, Windows kernel components, vulnerability assessment, game cheats, and malware from all kinds of platforms.
Aarti Gadhia
Aarti Gadhia is a changemaker and has dedicated her entire career to breaking down barriers and boundaries to achieve equality for underrepresented groups in STEM and in leadership. She was honored for her contribution to the cybersecurity community by being named as one of the Top 20 Women in Cyber Security in Canada. Aarti founded Standout To Lead to empower women in cybersecurity to join boards and SHE (Sharing Her Empowerment), a resource group with a mission to be a collective voice and accelerate change within the organization.
She currently works at Sysdig and brings 25 years of sales and leadership experience. She has worked at cybersecurity organizations such as Sophos, Trend, VMWare Carbon Black, Bugcrowd, Tines and Microsoft. Aarti actively participates in the cyber security community as a speaker, a mentor and a judge for provincial scholarships. She servers on boards and volunteers her time with WiCyS Western Canada Affiliate, ISACA and OWASP Vancouver, Vigitrust Global advisory board and ObserveID.
Aarti is one of the authors of the book "The Rise of the Cyber Women: Volume Two" and was quoted in Canadian Security Magazine as she shared her views on the importance of soft skills to break down barriers in traditional hiring. She is excited to share her involvement as the Sponsorship Chair for the first global herstory in the making “The Women In Security Documentary”.
Due to her international background, she loves to travel and learn different cultures. Her tagline: “Be Authentic, Be Yourself.”
Saif Azwar
Saif Azwar is a cybersecurity consultant with over 20 years of experience in the field. His multiple qualifications, including CISSP, CCSP, CISM, CISA, CRISC, and CEH, demonstrate his dedication to staying current with cybersecurity challenges and regulatory demands.
Throughout his career, Saif has built solid partnerships and provided tailored security advisory services to meet the unique needs of various organizations. He has helped over 100 organizations protect their critical assets and sensitive information, ensuring business continuity, safeguarding reputations, and maintaining regulatory compliance.
Scott Taylor
Scott is a manager on CrowdStrike's professional services Red Team. Based out of Calgary, Alberta, Canada. Scott leads teams to deliver numerous service offerings including: Social Engineering, Adversary Emulations, Internal Red Team Exercises and penetration testing. In addition to the offensive security space, Scott has 20 years of experience in IT and Cyber Security, leading projects in OT/ICS, PCI compliance, risk and governance.
Sushil Madhukar
Sushil Madhukar is an accomplished and visionary cyber security leader and Chief Principal - Global Business of TechDemocracy, a leading Identity Security Services provider. As a recognized cyber security evangelist, Sushil draws upon his extensive background in defining strategies, implementing technologies, and building processes to drive the organization's cyber security roadmaps towards maturity. An insightful speaker, Sushil brings his wealth of knowledge and experiences to the audience. He has more than 2 decades of experience working in different business verticals and geography like USA, UK, Canada, and India. Sushil holds a master’s degree in business management and some leading certifications like CISA, CISM, CEH etc.
Deborah Turner-Chappell
As a Cyber Curious Senior Business Analyst (BA) with over 15 yrs of experience on large IT transformation initiatives, Deborah Turner-Chappell attended her first B-Sides conference in 2023 and within six months, she had obtained her CISSP certification and landed a role as a Cyber Security Business Analyst on one of the largest digital transformation programs in home and community care in Canada. She has been developing tactical approaches to integrating security & privacy needs into the projects from the discovery stage onward, along with teaching the application of security principles through the perspective of a Business Analyst, to the business leads and her fellow BAs, enabling them to also become cyber security and privacy allies!
Tim McCreight
Tim McCreight is a visionary leader in the global security industry, with over four decades of experience spanning physical and cybersecurity. As the CEO and Founder of TaleCraft Security, he is a passionate advocate for Enterprise Security Risk Management (ESRM) and has dedicated his career to empowering organizations to build resilient, business-aligned security programs.
A trailblazer in his field, Tim has held prominent leadership roles, including Vice President - Canada at Apollo Information Systems, National Director of Market Development and Strategic Advisory at CGI, and Managing Director of Enterprise Security for Canadian Pacific Railway. He has also served as Chief Security Officer (CSO) for The City of Calgary and Chief Information Security Officer (CISO) for the Government of Alberta, where he implemented transformative security strategies to align with business objectives.
Tim’s impact extends far beyond his executive roles. He served as the 2023 President of ASIS International, where he championed initiatives to advance the profession globally. As a columnist for Canadian Security Magazine and co-host of the podcast “Caffeinated Risk,” Tim shares thought leadership on ESRM and critical security trends, inspiring professionals worldwide.
An accomplished speaker and educator, Tim has delivered keynote addresses at prestigious conferences, providing insights on topics such as risk-based security, resilience strategies, and the convergence of physical and cybersecurity programs. His expertise in bridging complex security concepts with actionable business strategies has earned him recognition as one of the foremost thought leaders in his domain.
Tas Tondang
Tas has spent the last five years immersed in the worlds of threat hunting, detection engineering, and security research. Currently, he's making waves at Microsoft, specializing in cloud security research. Beyond his professional endeavors, Tas is a passionate contributor to the cybersecurity community, holding roles in the DFIR report and Curated Intelligence.
Vivek Ponnada
Vivek Ponnada is an OT Security practitioner with global experience and currently works at Frenos as SVP of Growth & Strategy. Having started his career in ICS as an Instrumentation Technician, Vivek became a Controls Engineer and commissioned Gas Turbine Controls systems in Europe, Middle-East, Africa and South-East Asia. Post MBA, Vivek held multiple roles including Sales, Marketing & Business Development and Services covering Control systems & Cybersecurity solutions for Critical Infrastructure industries (Power, Oil & Gas, Water, Mining etc.) at GE and XenonCyber Dynamics and Nozomi Networks. He is the co-lead for the Top 20 Secure PLC Coding Practices Project and his recent talks/contributions include DefCon ICS Village, ICS Cybersecurity Conference (Security Week), Industrial Security Conference in Copenhagen, several BSides and others. Vivek has a C.Eng from I.E. India, MBA from The University of Texas at Austin and GICSP certification from GIAC. He’s is also a CS2AI fellow, member of ISA, ISACA and the Public Safety Canada ICS Security Symposium Advisory Committee.
Darren Mayes
Incident Responder and People Manager with a passion for tackling systemic identity compromises and ransomware threats impacting Entra ID. Specialises in crafting and distributing robust incident response plans, developing Microsoft Graph PowerShell scripts, and implementing proven strategies to mitigate risks and enhance organisational resilience.