Cybersecurity & Privacy Governance: The Role of the Board and Governance Professionals

This session explores the essential links between cybersecurity, privacy and  corporate governance. Governance professionals have the opportunity to assess the risks and links with performance and discuss what boards should do when a breach occurs, what incident response capabilities are there. This session will also explore theoretical and approaches to cyber threat management, as well as privacy breaches.

Agenda 

Morning Session

Game of Threats Simulation - (Note: this session will not be available for webcast participants)

• Participating in a cybersecurity incident response interactive role-play
•  Understanding the cybersecurity mandate for boards
•  Defining and outlining your defense and an in-depth governance strategy
• Developing key cybersecurity questions for directors
  

Cyber Brief

• Industry Trends of interest to boards
•  The TSX security program journey and risk management ecosystem
• Crucial Lines of Defence
• Sample Reporting Topics for the Board
  

20 Questions Segment

• Interactive discussion for governance professionals
• Preparation for cybersecurity discussions
• How to discuss and engage cybersecurity with the board
  

Afternoon program

• Privacy regulatory environment and landscape
• Discussion of the role and mandate of the board in terms of privacy
• Overview of opportunities and what leaders are doing around data and still building trust
• RoundTable discussion/case study/interactive Q&A
• Insurance Protection session, highlighting key risks, mergers and acquisitions and cyber insurance policies

Speakers:

Ann Cavoukian
Founder and CEO, Global Privacy & Security by Design
Former Ontario, Privacy Commissioner

Dr. Ann Cavoukian is recognized as one of the world’s leading privacy experts. She is currently the Executive Director of the Global Privacy & Security by Design Centre and is also a Senior Fellow of the Ted Rogers Leadership Centre at Ryerson University.  Until June 2019, Dr. Cavoukian was the Distinguished Expert-in-Residence, leading the Privacy by Design Centre of Excellence at Ryerson University.  Appointed as the Information and Privacy Commissioner of Ontario, Canada in 1997, Dr. Cavoukian served an unprecedented three terms as Commissioner.  There she created Privacy by Design, a framework that seeks to proactively embed privacy into the design specifications of information technologies, networked infrastructure and business practices, thereby achieving the strongest protection possible. In October 2010, regulators at the International Conference of Data Protection Authorities and Privacy Commissioners unanimously passed a Resolution recognizing Privacy by Design as an essential component of fundamental privacy protection.  This was followed by the U.S. Federal Trade Commission’s inclusion of Privacy by Design as one of three recommended practices for protecting online privacy – a major validation of its significance. Since then, Privacy by Design has been translated into 39 languages, giving it a true global presence.


Richard Wilson, CISSP
Partner, Cybersecurity & Privacy, and Independent Director

Richard is a partner in PwC's Cybersecurity & Privacy Consulting practice. He helps boards and management teams understand and strategically defend against the rapidly evolving cybersecurity threats today. His unique board cybersecurity framework equips directors and management teams to have the right dialogue about cyber strategies, resources, processes, systems, and services.

Currently, Richard serves as a director on the board for the Independent Electricity System Operator, which balances supply and demand in the Ontario power sector, and its adjoining power jurisdictions in Canada and the US. 
Richard has 27 years of professional services experience, including 15 years in a CEO or COO role for publically traded and private companies.  He has more than 14 years of experience advising boards and C-Suites on governance, strategy, organizational planning, risk, and risk response.

Richard has been published in Compliance Week, Canadian Business, and the Globe & Mail and is a keynote speaker on the cybersecurity & risk in Canada, the US, and Mexico. He is Chair of PwC’s Risk Forum, and is a past board member of CPA Canada's Corporate Oversight & Governance Board


Jordan Prokopy
Partner, PwC Canada

Jordan is a Partner for PwC Canada and leads the National Privacy Practice. She has a passion for helping companies unlock data value and innovation while inspiring the customer trust and confidence needed to enable it.
For nearly 15 years, Jordan has developed, assessed and executed privacy and responsible data use programs - from ownership, strategy, and governance to decision-making, processes and culture. She has conducted hundreds of privacy and responsible data use assessments and helped organizations understand their privacy and responsible data use obligations. She is consistently viewed by her clients as an effective integrator between the business teams looking to innovate with data and the data protection teams looking to protect it.

Before PwC, Jordan led the Information Protection program for Target Canada. This included managing data protection and CASL programs, defining and executing program strategy and management, and partnering across the business to embed a strong data protection culture and drive better data use decisions to enable data-driven initiatives and strategic business priorities.
Jordan is a dynamic and energetic speaker presenting and publishing on several topics including the privacy implications of Artificial Intelligence, interest based advertising and trusted data optimization.

Pamela Snively
Chief Data & Trust Officer, TELUS

Pamela Snively is the Chief Data & Trust Officer at TELUS. She leads the team responsible for privacy governance and data ethics, along with data management and a number of compliance functions, including the Anti-bribery & Corruption and Competition Law programs.  Pam approaches overall data governance through the lens of customer trust, leveraging TELUS’ Customer First principle to drive the organization’s commitment to privacy and data ethics.  

Pam is a lawyer but has dedicated most of her career to developing and operationalizing privacy best practices, either as a consultant or in-house. Under Pam’s leadership, TELUS has significantly transformed its approach to transparency about its data handling practices. This has included a refresh of the TELUS Privacy Centre to include layered information on TELUS' data management practices, as well as some best practices to help our customers protect their information. Pam has also published the framework for her privacy management program online, encouraging TELUS’ customers to more fully understand what responsible private sector organizations do to protect privacy.

Pamela was the recipient of the 2017 Ontario Bar Association’s Karen Spector Memorial Award for Excellence in Privacy Law. She participates in a number of national and international think-tanks and governance bodies related to privacy and data governance, including serving as a Board member for the Information Accountability Foundation and on the Privacy and Data Advisory Committee for the Canadian Marketing Association.  She is also a founding member and Chair of Canada’s Business Privacy Group, a working group made up of some of Canada’s leading privacy professionals and industry associations focused on building trust in Canada’s digital ecosystem and legislative regime.

Pam is a frequent speaker on privacy and data ethics and she actively encourages other organizations to join her in her mission to earn and elevate consumer trust in our digital ecosystem.

Pam is a frequent speaker on privacy and data ethics and she actively encourages other organizations to join her in her mission to earn and elevate consumer trust in our digital ecosystem.

Peter Cullen
Executive Director
Information Accountability Foundation

Peter provides strategic leadership to organizations, helping them leverage data intensive information use to achieve business value and differentiation. He is a globally minded executive leader, experienced in financial services and technology sectors and an internationally recognized professional in development of information public policy frameworks and organization governance, risk and compliance systems. He brings over two decades of expertise in corporate governance, ethical data use & data stewardship, privacy and risk management as well as extensive background in building sound organizational practices. He works with global executives, policy makers, regulators and academics to advance policy agendas and is a frequent speaker at US and International events. He has written extensively on workable policy frameworks and information governance accountability.

He is currently the CEO of Global Information Governance Solutions, a boutique consulting firm providing strategic advisory services to organizations. 

He is also  the Executive Strategist for Policy Innovation at The Information Accountability Foundation. He leads the Foundation’s work on public policy/governance mechanisms to achieve more effective data use and protection. He has also led the Foundations efforts on Ethical Artificial Intelligence.

Prior roles include GM Trustworthy Computing and Chief Privacy Strategist at Microsoft Corp.  Before joining Microsoft, Peter served as the corporate privacy officer for the Royal Bank of Canada (RBC),

Peter holds an MBA with distinction from the Richard Ivey School of Business at the University of Western Ontario.

Bobby Singh
Chief Information, Security Officer
Head of Infrastructure Services, TMX

Bobby Singh, as a CTO & CISO at TMX, is responsible for delivering secure and highly available common technology services across TMX. As a member of the executive leadership team, Bobby is defining TMX's cybersecurity and technology vision and strategy, to advance the organizational agenda. He is responsible for TMX's corporate information and IT systems and services, as well as all aspects of security, governance, risk, and compliance. He represents TMX in key forums focused on critical infrastructure, network evolution, intelligence, and availability. Prior to joining TMX, Bobby has held positions at TD Bank, Rogers Communications and eHealth, where he designed multi-year technology and culture transformation programs. He received his MBA from the University of Pittsburgh and holds CISSP, CISM, CISA and CPA designations.

Presenting Sponsor

Event Sponsors

GPC Course Cancelation Policy

Governance Professionals of Canada’s policy on payment and registration changes is designed to be flexible. We are committing to doing our best to accommodate you within the limits of this policy. 

Governance Professionals of Canada reserves the right to:

• Cancel a course due to low registration or unforeseen circumstances
• Substitute a speaker or facilitator due to unforeseen circumstances
• Make changes to this policy and to registration fees without notice

Unforeseen circumstances could constitute:

•  Adverse weather conditions
• Speaker illness or family emergency
• Other extenuating circumstances

If the anticipated minimum registration has not been met within four days of a session start date, or if any unforeseen circumstances occur, GPC may elect to cancel or reschedule the session.  In this event, registrants will be notified immediately, and any fees already paid and received by GPC can be either refunded or re-allocated to the rescheduled session, or as a credit toward another GPC event or course. GPC shall not be responsible for any other costs incurred by the participants other than their registration fees.