The 3rd Annual Toronto Official Cybersecurity Summit is the must-attend event for CISOs and senior leaders looking to strengthen resilience, reduce risk, and align security with business goals. Join top executives, innovators, and experts for a full day of actionable insights, cutting-edge solutions, and high-impact networking. Experience interactive panels, exclusive solution showcases, and strategic discussions that go beyond theory to deliver real-world results, all complemented by a catered breakfast, networking lunch, and closing cocktail reception.

Key Issues Covered at The Official Cybersecurity Summit

AI, Automation, and Emerging-Tech Risk (and Opportunity)

As artificial intelligence, automation, and new digital technologies accelerate across every industry, cybersecurity leaders face both unprecedented risk and powerful opportunity. The summit will explore how Cybersecurity leaders and their teams can harness emerging technologies to strengthen resilience, streamline operations, and stay ahead of adversaries who are equally quick to innovate. Attendees will gain insight into real-world applications of AI for threat detection, incident response, and decision intelligence, while learning how to identify and mitigate the new classes of vulnerabilities these tools introduce.

From generative AI and large language models to autonomous security systems and deepfake detection, these discussions will separate hype from reality. Experts will share practical frameworks for governing AI responsibly, managing data integrity, and aligning innovation with enterprise risk management. The conversations will help cybersecurity executives navigate the complex balance between embracing emerging technology for competitive advantage and ensuring it doesn’t become their next threat vector.

Key Takeaways:
• Learn how AI and automation are transforming threat detection, incident response, and security operations in measurable ways.
• Practical strategies for managing and mitigating new risks created by emerging technologies like generative AI and autonomous systems.
• Frameworks for responsible AI governance, including data integrity, transparency, and regulatory alignment.
• Real-world examples of organizations balancing innovation with security and risk management priorities.
• Actionable insights cybersecurity leaders can take back to their teams to prepare for the next wave of AI-driven threats and opportunities.

Supply Chain, Third-Party Ecosystem, and Identity Attack Surface

As organizations expand their digital ecosystems, the lines between internal and external risk are rapidly disappearing. Today’s threat actors know that the fastest way into a network isn’t always through the front door. From compromised vendors and cloud integrations to weak identity controls, attackers are exploiting every link in the chain. The summit brings cybersecurity leaders together to unpack how supply chain vulnerabilities, third-party dependencies, and identity-based risks are converging to create a complex and often underestimated attack surface.

Cybersecurity executives will explore real-world examples of cascading breaches, lessons learned from managing large vendor ecosystems, and emerging frameworks for continuous third-party risk monitoring. The discussions highlight strategies for mapping hidden connections, enforcing stronger identity governance, and building resilience through transparency and collaboration. Attendees will walk away with practical insights for reducing exposure and strengthening trust across every part of their digital supply chain.

Key Takeaways:
• Understand how interconnected supply chains and third-party vendors expand your organization’s attack surface.
• Learn proven methods to assess, monitor, and mitigate risks across your extended digital ecosystem.
• Explore best practices for managing identity as the new security perimeter, including zero trust and access governance strategies.
• Gain insights from real-world breach scenarios that reveal common breakdowns in vendor and identity controls.
• Leave with an actionable framework to improve third-party risk visibility, strengthen resilience, and build more secure partnerships.

Resilience, Risk, and Results: Aligning Security with Business Outcomes

In today’s threat landscape, resilience is more than just recovery - it’s readiness, adaptability, and alignment with the business mission. The summit explores how forward-thinking cybersecurity executives are quantifying cyber risk to drive smarter investments and communicate value in business terms. By translating technical controls into measurable business impact, cybersecurity leaders are helping their organizations make data-driven decisions that balance protection with performance.

Join top executives and thought leaders for in-depth discussions on the frameworks, metrics, and real-world practices shaping the next generation of cyber resilience. From risk quantification models to boardroom-ready reporting, this conversation will reveal how leading security teams are reframing cybersecurity as a strategic business enabler - bridging the gap between risk reduction and results.

Key Takeaways:
• Learn how to translate cybersecurity metrics into meaningful business outcomes that resonate with executive leadership and the board.
• Explore practical approaches to cyber risk quantification that help prioritize investments and justify budget decisions.
• Understand how resilience strategies can align with overall business continuity and growth objectives.
• Gain insights from leading CISOs on how they communicate security value across the organization to drive engagement and accountability.
• Discover frameworks and tools that connect operational security performance with measurable business impact.

Top 6 Reasons to Attend the Cybersecurity Summit

1
Learn

Learn from renowned experts from around the globe on how to protect & defend your business from cyber attacks during interactive panels & fast track discussions.

2
Evaluate Demonstrations

Evaluate and see demonstrations from dozens of cutting-edge cybersecurity solution providers that can best protect your enterprise from the latest threats.

3
Time, Travel & Money

Our mission is to bring the cyber summit to the decisionmakers in the nation’s top cities. Our events are limited to one day only and are produced within first-class hotels, not convention centers.

4
Engage, Network, Socialize & Share

Engage, network, socialize and share with hundreds of fellow business leaders, cybersecurity experts, C-Suite executives, and entrepreneurs. All attendees are pre-screened and approved in advance. On-site attendance is limited in order to maintain an intimate environment conducive to peer-to-peer interaction and learning.

5
CEUs / CPE Credits

By attending a full day at the Cybersecurity Summit, you will receive a certificate granting you Continuing Education Units (CEU) or Continuing Professional Education (CPE) credits. To earn these credits you must participate for the entire summit and confirm your attendance at the end of the day.

6
A Worthwhile Investment

By investing one day at the summit you may save your company millions of dollars, avoid stock devaluation, and potential litigation.

Questions

For any questions, please contact our
Registration Team.

Sponsor

To sponsor at an upcoming summit, please fill out the
Sponsor Form.

Admission to the Cybersecurity Summit is reserved exclusively for active cybersecurity, IT, Information security practitioners tasked with safeguarding their enterprises against cyber threats and managing cybersecurity solutions. All registrations are subject to review.
 
Students, interns, educators, individuals not currently employed in IT, and those in sales or marketing roles are not eligible to attend.
 
Additionally, if we are unable to verify your identity with the information you provided during registration, your attendance may be cancelled.
 
Please note these qualifications pertain to all attendees, including members of our partner organizations.

Agenda

The Official Cybersecurity Summit delivers high-impact sessions designed to help leaders strengthen resilience, protect critical infrastructure, and align security with business goals.

Attendees will gain actionable insights from expert panels, explore cutting-edge solutions, and connect directly with top industry innovators - making this a can’t-miss agenda for CISOs and security executives.

8:00-9:00
Networking Breakfast
9:00-9:15
Welcoming Remarks
9:15-9:45
Presentation with Robert Knoblauch, Chief Information Security Officer, Rein Security: We build this city on control, then cyber reality came along

Over the past decade, organizations have invested billions into cybersecurity programs built on frameworks, maturity models, and compliance benchmarks. Yet breaches continue to accelerate—not because we lack tools, but because we’ve optimized for control in an environment defined by chaos.

This presentation challenges a core assumption of modern security: that we can meaningfully “control” risk in complex, distributed, and adversarial systems. Drawing on real-world incidents, supply chain compromises, and AI-driven attack evolution, this session reframes cybersecurity as a discipline of continuous resilience rather than static control.

The audience will gain an appreciation for: Why compliance-driven security creates a false sense of safety.  How attackers exploit organizational complexity, not just technical flaws. The shift from prevention-first to impact-aware resilience engineering and tips from the field to validate program effectiveness.

Robert Knoblauch
Robert Knoblauch
Chief Information Security Officer
Rein Security
9:45-10:15
Presentation with Lina Dabit, Executive Director, Optiv Canada: Global Game, Global Target: Understanding and Defending against the Hybrid Threat Landscape of FIFA 2026

While events like FIFA and the Olympics bring together our global community in a celebration of sport and national pride, they also attract threat actors who target every aspect of the games. FIFA 2026 will be the first games to host forty-eight national teams across three countries and have the additional challenge of defending against an unprecedented hybrid landscape. This session will explore layered security considerations and how to coordinate our efforts to combat evolving threats.

Lina Dabit
Lina Dabit
Executive Director, office of the CISO
Optiv Canada
10:15-10:25
Innovation Spotlight - Trend AI: The Security for AI Blueprint: How to Hack-Proof Your AI Stack​

Are you prepared to defend your organization against the evolving threats of the AI era? In this must-attend session, we reveal an innovative cybersecurity approach designed specifically for protecting AI systems and large language models (LLMs).

Brian Hewgill
Brian Hewgill
Solutions Engineer
TrendAI
10:25-10:45
Horizon 3 AI Presentation: Proving Cyber Resilience: Measuring Outcomes, Not Effort

Most security programs measure effort — not outcomes. Organizations patch thousands of vulnerabilities, deploy dozens of tools, and run annual tabletop exercises… but when an attacker shows up, none of that matters.  What matters is whether they can prove their defenses actually work.  In this talk, Horizon3.ai shares how leading organizations are using autonomous pentesting to see their environment through the attacker’s eyes — continuously, safely, and at scale.

By shifting from assumptions to proof, they’ve learned to:

• Prioritize what’s exploitable. Focus limited resources on the weaknesses that truly put the business at risk that are known to be abused by threat actors.

• Quickly fix what matters. Close the loop from find → fix → verify and reduce your exploitable attack surface.

• Reduce attacker dwell time. Use pentest results to precisely deploy honeyTokens to detect compromise early, and to continuously prove your EDR and SIEM are tuned and working as intended.  

Cyber resilience isn’t about being perfect — it’s about getting better over time. And the only perspective that truly matters is the attacker’s.

Drew Gelinas
Drew Gelinas
Senior Sales Engineer
Horizon3.ai
10:45-11:15
Networking Break
11:15-11:45
Panel 1: AI and Emerging Tech at the 2026 Security Frontline

Abstract
AI and new digital technologies will continue to shift the cybersecurity landscape in 2026. This session explores how modern tools can enhance detection, response, and decision making while introducing new risks tied to generative systems, data integrity, and fast moving threat innovation. Leaders will gain a clear view of how to adopt emerging technology in a responsible and strategic way that supports resilience and aligns with enterprise risk goals.

Key Takeaways
• How AI and emerging tech are reshaping core security functions
• The new risks created by generative models and evolving attack techniques
• Practical governance steps that support responsible AI use
• Examples of organizations pairing innovation with disciplined risk management

J.D. Miller
J.D. Miller
SVP, Communities Event Programming
CyberRisk Alliance
Moderator
Jon Rohrich
Jon Rohrich
Cybersecurity Practice Lead/ ISC2 Chapter President
Avanade/ ISC2 Toronto Chapter
Isaac Ojeh
Isaac Ojeh
Senior Security Analyst
PayFacto
Rafael Ramirez
Rafael Ramirez
Ethical Hacker, Community Builder & Mentor of Digital Legacies
RafaRocks
An Nguyen
An Nguyen
Founder
Toronto IAM Community
11:45-11:55
Innovation Spotlight - Exabeam: Accelerated Security Operations: The Speed of AI, The Confidence of Human Control

A forward‑looking look at how security teams can harness AI agents at machine speed while keeping humans firmly in control — redefining SOC operations for the Agentic Enterprise.

Michael Harrington
Michael Harrington
Senior Security Engineer
Exabeam
11:55-12:25
Presentation with Raphael Adeyemo, Sr. Manager Tech and Cyber Risk, Manulife: From Skills Gap to Signal Gap: How Visibility, Trust, and Access Shape Cybersecurity Careers

Canada has roughly 25,000 unfilled cybersecurity roles, and for fifteen years our industry has answered with the same prescription: train more people!. In late 2025, ISC2 quietly retired the workforce-gap metric that shaped this response, because the data now tells a different story. The real constraint on cybersecurity careers is no longer supply. It is signal: the visibility, trust, and access that turn trained talent into deployed capability. And the infrastructure that builds signal at every stage of a career is mentorship and network. 
This keynote shows why mentorship and sponsorship have become the highest-leverage career moves in our field, and how professionals at every level, from students to CISOs, can extend their networks deliberately in a hybrid era where casual connections have quietly faded.
Attendees will leave with a clear model for diagnosing where careers actually stall, a working distinction between mentorship and sponsorship, and practical ways to build the kind of network that accelerates careers and helps close the workforce gap we have been unable to train its way out of.

Raphael Adeyemo
Raphael Adeyemo
Sr. Manager Tech and Cyber Risk
Manulife
12:25-1:25
Lunch
1:25-1:55
Panel 2: Securing the Extended Ecosystem: Supply Chains, Vendors, and Identities

Abstract:
As organizations expand their digital ecosystems, risks extend far beyond internal networks. Threat actors are increasingly exploiting supply chains, third-party vendors, and identity gaps to gain access. This session brings together cybersecurity leaders and solution providers to explore how these interwoven risks create a complex attack surface -and how technology can help mitigate them.

Panelists will share real-world examples, lessons from managing large vendor networks, and innovative tools and frameworks for continuous risk assessment. Discussions will highlight strategies for mapping hidden dependencies, enforcing strong identity governance, and strengthening resilience through automation, collaboration, and transparency. Attendees will gain actionable insights on reducing exposure, improving third-party risk visibility, and leveraging technology to secure their extended digital ecosystem.

Key Takeaways:
• Understand how supply chains, vendors, and identities amplify organizational risk.
• Explore practical methods and tools for assessing, monitoring, and mitigating third-party and ecosystem vulnerabilities.
• Learn how to treat identity as a security perimeter using zero trust, access governance, and automated solutions.
• Gain insights from real-world breaches that reveal common gaps in vendor and identity controls.
• Walk away with a technology-informed framework to enhance resilience, secure partnerships, and reduce exposure across your digital ecosystem.

J.D. Miller
J.D. Miller
SVP, Communities Event Programming
CyberRisk Alliance
Moderator
Yudy Cardona
Yudy Cardona
Cybersecurity Leader
Icon Consultants Canada Inc
Ron Soper
Ron Soper
Field CTO
Ping Identity
Jamon Camisso
Jamon Camisso
Senior Engineering Manager
Chainguard
1:55-2:05
Innovation Spotlight - BeyondTrust: Modern Approach to​ Identity Security​: Navigating the Shift to ​Privilege-Centric Identity Security​

As threats have evolved so too has the approach to Modern Identity Security. A Privilege-Centric approach must be adopted and considered with this evolution. Identity and user management for all accounts within an organization must mature to meet the demands of the cloud, nonhuman identities, Agentic AI and modern attack vectors. Your PAM strategy must now manage and mitigate not only traditional privileged access (root and admin) but also attacks against identities with a path to privileged access.  

These paths to privilege still remain one of the most valuable targets for cybercriminals because many organizations are defending their environments with fragmented or siloed security strategies and solutions. Security gaps and risks lie in endpoints, cloud environments, Saas Applications, third-party access and now Agentic AI and NHI which make the battleground even harder to defend.  

Identity Security builds on the foundation of defense-in-depth, coupling visibility with least privilege and Zero Trust while addressing critical risks with priority and exposing less-than critical risks for awareness.  Leverage a strategy that works, improves compliance, helps meet cyber insurance mandates, enhances security posture, while giving you the visibility needed to protect your environment.

Peter Boyes
Peter Boyes
Country Director, Solutions Engineering
BeyondTrust
2:05-2:30
Fireside chat with Isaac Ojeh, Senior Security Analyst, PayFacto: Beyond the Firewall: Why Giving Back Matters in Cybersecurity

Cybersecurity is more than protecting systems and data - it is also about strengthening communities, mentoring future leaders, and creating opportunities for others to succeed. Join cybersecurity leader and community advocate Isaac Ojeh in conversation with J.D. Miller, SVP at CyberRisk Alliance, for a fireside discussion on the importance of volunteering and giving back as a cybersecurity professional.

Drawing from Isaac’s extensive involvement in mentorship, education, outreach, and community leadership, the session will explore how giving back can shape careers, expand professional networks, and help address some of the industry’s biggest challenges, including workforce development and accessibility. Attendees will leave with practical ideas for getting involved and a deeper understanding of why community engagement has become an essential part of leadership in cybersecurity.

Isaac Ojeh
Isaac Ojeh
Senior Security Analyst
PayFacto
J.D. Miller
J.D. Miller
SVP, Communities Event Programming
CyberRisk Alliance
2:30-2:50
Presentation with Mina Movahedi, Cybersecurity Specialist, Bell : Strategic Autonomy: Redefining Leadership in the Era of AI Insiders

As we move into 2026, the cybersecurity landscape has shifted from managing "tools" to governing "entities." The rise of autonomous AI agents has introduced a profound Identity Crisis: these digital coworkers possess the agency to plan, execute, and collaborate, yet they often operate in a grey zone of accountability.

This challenge is compounded by the explosion of Shadow AI. Much like the "Shadow IT" of the past decade, employees are now deploying unsanctioned autonomous agents to bypass organizational friction. These "Ghost Insiders" operate outside traditional IAM visibility, creating a massive surface area for machine-speed breaches and lateral movement. When a Shadow AI agent misinterprets a goal or escalates its own privileges, it becomes an unmanaged Insider Threat that no traditional firewall can stop.

In this session, we will move beyond the technical stack to explore a new leadership doctrine required for the agentic era. We will dissect the mechanics of Non-Human Identity and the urgent need for a "Linguistic Firewall" to secure autonomous intent. Attendees will learn how to practice Strategic Override—the high-stakes art of knowing when to empower an autonomous system and exactly when to reclaim human command.

Leadership in 2026 is no longer about supervising human output; it is about governing delegated intent. Join us to learn the framework for leading a workforce that is increasingly autonomous, inherently risky, and often invisible.

Mina Movahedi Shakib
Mina Movahedi Shakib
Cyber Threat Investigator
Bell
2:50-3:20
Networking Break
3:20-3:50
Panel 3: The Power of Diversity in Cybersecurity: Building Smarter, Stronger Teams

Abstract:
Cybersecurity challenges are complex, and solving them requires teams with diverse perspectives, skills, and experiences. This panel explores how diversity drives better problem-solving, innovation, and threat detection in security organizations.

Panelists will share strategies for attracting and retaining talent from varied backgrounds, leveraging unique thinking styles, and applying different experiences to uncover blind spots in risk management. Attendees will gain actionable insights for building teams that are not only technically skilled but more adaptive, creative, and resilient in the face of evolving cyber threats.

Key Takeaways:

  • Understand how diversity strengthens problem-solving, innovation, and threat response.
  • Learn approaches to recruit and retain talent from non-traditional backgrounds.
  • Explore how different perspectives and thinking styles reveal hidden risks.
  • Gain strategies to create teams that are adaptable, collaborative, and resilient.
  • Walk away with practical ideas for integrating diversity into cybersecurity team design and strategy.
J.D. Miller
J.D. Miller
SVP, Communities Event Programming
CyberRisk Alliance
Moderator
Mina Movahedi Shakib
Mina Movahedi Shakib
Cyber Threat Investigator
Bell
Yudy Cardona
Yudy Cardona
Cybersecurity Leader
Icon Consultants Canada Inc
3:50-4:00
Innovation Spotlight - Teleport: No Identity, No Trust: Why Your AI Agents Need Cryptographic Credentials

As agentic AI moves from experiment to enterprise, organizations are granting autonomous workloads broad access through the same static API keys and shared service accounts used a decade ago — creating a fleet of high-autonomy systems with no verifiable identity, no audit trail, and no way to enforce least privilege. AI agents don't just run code; they call APIs, query databases, escalate privileges, and spawn sub-agents, making them first-class security principals that demand first-class identity controls. This session examines how cryptographic workload identity eliminates secret sprawl, enables short-lived credentials that expire before they can be weaponized, and creates a tamper-evident attribution chain across multi-agent workflows.

Steven Martin
Steven Martin
Senior Solutions Engineering Manager
Teleport
4:00-4:20
Closing Keynote Presentation with Jonathan Weekes, President, BOXX Insurance Inc.: From Cyber Risk to Cyber Resilience: Aligning Security and Insurance

In this closing keynote, Jonathan will detail how cyber insurance is a strategic and financial risk transfer that keeps businesses and operations resilient against today’s cyber threats. He’ll also detail how security programs and their teams can work together in partnership with insurers to decrease cyber and operational risks. 

Jonathan Weekes
Jonathan Weekes
President
BOXX Insurance
4:20-4:50
Networking Reception

Speakers

Our speakers bring unmatched expertise and real-world experience in cybersecurity, risk management, and business strategy. Through engaging keynotes, panels, and discussions, they deliver actionable insights and practical solutions that help CISOs and security leaders stay ahead of evolving threats.

Raphael Adeyemo
Raphael Adeyemo
Sr. Manager Tech and Cyber Risk
Manulife
Peter Boyes
Peter Boyes
Country Director, Solutions Engineering
BeyondTrust
Jamon Camisso
Jamon Camisso
Senior Engineering Manager
Chainguard
Yudy Cardona
Yudy Cardona
Cybersecurity Leader
Icon Consultants Canada Inc
Lina Dabit
Lina Dabit
Executive Director, office of the CISO
Optiv Canada
Drew Gelinas
Drew Gelinas
Senior Sales Engineer
Horizon3.ai
Michael Harrington
Michael Harrington
Senior Security Engineer
Exabeam
Brian Hewgill
Brian Hewgill
Solutions Engineer
TrendAI
Robert Knoblauch
Robert Knoblauch
Chief Information Security Officer
Rein Security
Steven Martin
Steven Martin
Senior Solutions Engineering Manager
Teleport
J.D. Miller
J.D. Miller
SVP, Communities Event Programming
CyberRisk Alliance
Mina Movahedi Shakib
Mina Movahedi Shakib
Cyber Threat Investigator
Bell
An Nguyen
An Nguyen
Founder
Toronto IAM Community
Isaac Ojeh
Isaac Ojeh
Senior Security Analyst
PayFacto
Rafael Ramirez
Rafael Ramirez
Ethical Hacker, Community Builder & Mentor of Digital Legacies
RafaRocks
Jon Rohrich
Jon Rohrich
Cybersecurity Practice Lead/ ISC2 Chapter President
Avanade/ ISC2 Toronto Chapter
Ron Soper
Ron Soper
Field CTO
Ping Identity
Jonathan Weekes
Jonathan Weekes
President
BOXX Insurance
To speak at an upcoming summit, please fill out the Speaker Request form. »

Sponsors

The Official Cybersecurity Summit connects innovative solution providers with the cybersecurity leaders who evaluate and influence purchasing decisions. With a dynamic exhibition hall and a packed agenda of interactive panels and engaging sessions, this event offers unmatched opportunities to showcase solutions and build meaningful connections.

To sponsor at an upcoming summit, please fill out the Sponsor form. »

Partners

The Cybersecurity Summit is proud to partner with some of the industry’s most respected organizations in technology, information security, and business leadership.

If your organization is interested in partnering with The Cybersecurity Summit, please fill out the Partnership Form »

Admission to the Cybersecurity Summit is reserved exclusively for active cybersecurity, IT, Information security practitioners tasked with safeguarding their enterprises against cyber threats and managing cybersecurity solutions. All registrations are subject to review.

Students, interns, educators, individuals not currently employed in IT, and those in sales or marketing roles are not eligible to attend.

Additionally, if we are unable to verify your identity with the information you provided during registration, your attendance may be cancelled.

Please note these qualifications pertain to all attendees, including members of our partner organizations.