Event Agenda

• What lessons can we learn from recent attacks?
• What should the first steps be from an incident response standpoint to ensure downtime is limited?
• How can we mitigate panic and stress during and after an attack? How can we best take care of our teams following an attack?
• What is the plan of action if facilities shut down and people cannot work? Do you have one?
.
– Moderator: Kush Gidda, Director, Cyber and IT Security, Ontario Power Generation
– Kevin Dreyer, I.T. Director & CISO, Maple Reinders Group
– Shawn McBurnie, Head of IT/OT Security and Compliance, Northland Power Inc.
– Manoj Tiwary, Chief Information Officer, Subaru Canada Inc
.

• Why traditional OT security models fall short in modern factories
• The growing risk of third-party and remote access in industrial environments
• Core principles of Zero Trust applied to OT and cyber-physical systems
• How to securely connect users, devices, and applications without exposing the network
• Practical strategies for implementing Zero Trust in brownfield and greenfield environments
.
– Hitesh Chhabra, Transformation Architect Americas, Zscaler
.

• How we built an effective human firewall and culture of security through our organisations
• How we have gone beyond simple awareness training to focus on the ‘individual’ when building our strategies
• How we have used training and education internally to shift our company’s mindset towards a security-oriented approach
• What we have done to communicate human-centric approaches throughout our organisations, ranging from low-level employees to C-level executives
• How we changed the mindset internally to not only encourage awareness, but to ensure a culture of security
.
– Gord Howells, VP IT, Sofina Foods
.

Regulatory expectations for cybersecurity and operational resilience are increasing across manufacturing environments. Manufacturers must strengthen OT security in ways that protect uptime, safety, and production without adding unnecessary complexity. This session shares practical lessons from 20 years of OT security compliance experience across regulated industrial sectors. In this session, you will learn how to:
.
• Apply proven OT security compliance practices to modern manufacturing environments
• Move from checkbox compliance to proactive, operationally-aligned security
• Use centralized visibility and near real‑time risk insights to protect distributed industrial assets
.
– Rick Kaun, Global Director Cyber Security Services Sales, Rockwell Automation
.

As manufacturing rapidly adopts AI for predictive maintenance, quality control, and process optimization, many AI tools are being deployed without proper security oversight. This “Shadow AI” introduces hidden connections to OT environments, creating new attack surfaces. This talk explores emerging risks, real-world scenarios, and governance strategies to secure AI-enabled manufacturing operations.
.
– Christian Moreira, BISO, McKesson
.

• What the current threat landscape looks like facing Canada, with reference to the biggest challenges faced in 2025
• The risks faced to our OT security due to geopolitical instability, such as through tariffs and how this is affecting Canadian organisations
• How we can best ensure our assets and supply chains are protected from dangers posed to our operations through management, collaboration and comprehensive strategies
• Where we can learn lessons from last year to build comprehensive strategies in 2026 and beyond
.
– Lambert Ditner, Manager, Emerging Technologies & AI, Canadian Centre for Cyber Security
– Jonathan Wismer, Manager, Critical Infrastructure Guidance, Government of Canada
.

As infrastructure converges, old approaches leave organizations exposed. Join us as we examine lessons learned from breaches like the April 2025 attack on the Lake Risevatnet dam in Norway. During this session, we’ll explore steps security leaders can take to bridge the OT-IT divide, prioritize cyber exposure based on business impact, and apply practical safeguards to secure legacy systems.
.
– Dino DiMarino, Chief Revenue Officer, Tenable
– Dan Hewitt, OT Cybersecurity Leader, Tenable
.

.
As IT and OT environments converge, Canadian manufacturers face compounding risks from expanding supply chains, AI-driven threats, and outdated security models. This session examines why supply chain risk has become one of the most disruptive operational exposures in the sector, and introduces an architecture-integrated approach to cyber resilience that aligns security requirements with business context from the design stage.
.
– Amyn Sarif, Field CISO, Sopra Steria
.

– James Roemele, Solutions Engineer, Acronis
– Hamid Adem, Cyber Protection Advisor, Acronis
.

• How should we best manage our teams through convergence to ensure security? How can we raise awareness of cyber security in OT environments?
• What does an effective governance strategy look like for our IT/OT Convergence? How can we overcome communication and cultural differences through such strategies?
• How can we get “yes’” from our Boards when building our strategies? How can cyber risk quantification help when selling our IT/OT strategies?
• How can we adjust our strategies to account for tariffs and other challenges that our organisations may face to build an all encompassing business strategy?
.
– Moderator: Moazzam Jafri, Sr. Manager Information Security, Confidential
– Christian Moreira, BISO, McKesson
– Ivan Sestak, Director Cyber Security Operations, Toronto Transit Commission (TTC)
– Christopher Rivers, Vice President of Information Technology/Information Systems, CEL Group of Companies
– Debbie Clarke, Factory Cyber Security Manager, Unilever
.

• How can we cut through the hype to pinpoint practical AI applications that genuinely strengthen OT security?
• What real-world examples demonstrate how AI can enhance our cyber security within OT environments?
• What threats does AI bring to our manufacturing environments? How can we look to overcome them?
• How should leaders approach AI adoption strategically over the coming years to ensure measurable impact? Can manufacturing afford to leverage AI in processes while keeping security paramount?
• Is AI just the first step of new innovations? Will Quantum Computing, Cryptography and other new technologies bring more than AI when discussing new innovations?
.
– Moderator: Goran Novkovic, Director of Industrial Cyber Security, Toronto Transit Commission (TTC)
– Amogh Bhosle, Global Lead OT & Cyber Security, Sanofi
– Philippe Lafontaine, Head of Cybersecurity, IPEX
– Priscilla Kosseim, CISO & CPO, Groupe Robert
– Steve McNamara, VP OT Security GTM, Zscaler
.

AI is playing a massive role in contributing to new cyber-attacks with rogue actors utilising AI quicker than we are to protect our cyber security systems. This session will discuss:
.
• How we can best overcome new AI threats in light of an expanding threat landscape with attackers increasingly utilising AI for their attacks
• Provide a deep-dive into how we can adapt technically to these new threats brought by AI
• Explore how we can build a comprehensive strategy that defences our OT infrastructure against AI-based threats
• Provide an extensive roadmap of how we can build effective cyber defences that take into account the evolving nature of AI
.
Goran Novkovic, Director of Industrial Cyber Security, Toronto Transit Commission (TTC)
.

• What we have done to optimise our OT SOC
• How we built a SOC that provides overview of all parts of our infrastructure, to support effective management of assets and tools to keep us safe moving forward
• How new innovations and technologies have helped support us in our implementation of a SOC through our manufacturing environments
• How we defined and tracked OT SOC KPIs (MTTD, MTTR, unplanned downtime, safety impact) to justify investment
.
– Ivan Sestak, Director Cyber Security Operations, Toronto Transit Commission (TTC)
.

• How we made IAM work in our OT environments
• How we developed our IAM architecture to effectively fit our OT strategies
• Why it was important for us to establish roles and responsibilities in our IAM strategies
• How we ensured effective deployment and delivery of IAM in our organisation
• Why we put collaboration at the forefront for our strategies for Identity Access Management in OT environments
.
– Leonardo Ovidio, Global Director, Cybersecurity and Risk Management, Brookfield Renewable
.

Insights and lessons learned from the front lines in securing critical digital systems through design in Canadian infrastructure projects.
.
– Ahmed Ali Khan, Consulting Services Lead – Industrial OT Cybersecurity, WSP
.

• How we identified and prioritised vulnerabilities across complex OT environments to build an effective roadmap for OT vulnerability management
• How moving from static asset inventories to dynamic, real-time visibility helped us
• The importance of integrating IT and OT perspectives to create a unified risk picture
• How we can overcome challenges with our legacy systems, vendor patching, and resource constraints and where we can utilise automation and threat intelligence to strengthen our OT vulnerability management
.
– Shawn McBurnie, Head of IT/OT Security and Compliance, Northland Power Inc.

.
• Should manufacturing organisations seek to follow Bill C-8 compliance structures? Or should they look beyond this to European regulations such as NIS2?
• For multinational organisations operating in Canada, how can we best stay compliant to provincial, federal and external regulations?
• Do we need regulations? Or is it better to adopt our own frameworks to secure our OT such as NIST 2.0, Zero-Trust, Purdue Models etc?
• Do regulations ensure security? Or does it create a false perception of safety?
• Does Canada need its own NIS2 which applies for manufacturing organisations?
.
– Moderator: Dr. Shri Kulkarni, Advisor – Critical Infrastructure Security — US Defence, Confidential
– Jeffrey De Sarno,, Director, IT & Cyber Security, Sphere Manufacturing Group
– Ernest Eustace, Head of Cyber Defense, Operations, and Delivery, Greater Toronto Airports Authority
– Leonardo Ovidio, Global Director, Cybersecurity and Risk Management, Brookfield Renewable
– Jean-François Boucher, IT Director, CVTech-IBC inc

• What are the most significant threats we face today? How will these threats evolve to present new challenges for the future of cyber security in Canada
• How can we best manage and monitor our IIoT device inventories across our production lines?
• What tools can we implement to secure our device-to-device and device-to-cloud communications (protocols, encryption, authentication)?
• How can we best harden IIoT endpoints through configuration, access restrictions, and secure firmware updates to secure our smart manufacturing?
• What tools are necessary to secure the future of OT Security?
.
– Moderator: Manoj Tiwary, Chief Information Officer, Subaru Canada Inc
– Abu Thomas, IT Director, Contract Pharmaceuticals Limited
– Razi Farooqui, Cybersecurity Lead, Confidential
– Inamullah Siddiqui, Cyber Security Lead, Confidential
.

.
T1.Developing Cyber Strategies Which Ensure ROI for our Boards
– Christian Moreira, BISO, McKesson
.
T2. Embedding Zero Trust Through Our Manufacturing Operations
– Ivan Sestak, Director Cyber Security Operations, Toronto Transit Commission (TTC)
.
T3. Building Effective OT Security Strategies While Utilising the Cloud
– Jeffrey De Sarno, Director, IT & Cyber Security, Sphere Manufacturing Group
.
T4. Ensuring Data Security Through an Expanding Threat Landscape
– Moazzam Jafri, Sr. Manager Information Security, Confidential

• Why is collaboration important for our cyber security?
• How can public-private partnerships, information sharing platforms, and threat intelligence sharing initiatives specific to critical national infrastructure protection help inform our cyber strategies?
• How can we establish trust, overcome legal and regulatory challenges, and foster an environment of cooperation among government agencies, industry sectors, and cyber security experts?
• How can collective efforts between organisations lead to a stronger OT security posture through both our organisations and society?
.
– Moderator: Kevin Dreyer, VP, Global Operations & CISO, Rakuten Kobo Inc
.