This session explores the essential links between cybersecurity, privacy and corporate governance. Governance professionals have the opportunity to assess the risks and links with performance and discuss what boards should do when a breach occurs, what incident response capabilities are there. This session will also explore theoretical and approaches to cyber threat management, as well as privacy breaches.
Game of Threats Simulation - (Note: this session will not be available for webcast participants)
Participating in a cybersecurity incident response interactive role-play
Understanding the cybersecurity mandate for boards
Defining and outlining your defense and an in-depth governance strategy
Developing key cybersecurity questions for directors
Industry Trends of interest to boards
The TSX security program journey and risk management ecosystem
Crucial Lines of Defence
Sample Reporting Topics for the Board
20 Questions Segment
Interactive discussion for governance professionals
Preparation for cybersecurity discussions
How to discuss and engage cybersecurity with the board
Privacy regulatory environment and landscape
Discussion of the role and mandate of the board in terms of privacy
Overview of opportunities and what leaders are doing around data and still building trust
RoundTable discussion/case study/interactive Q&A
Insurance Protection session, highlighting key risks, mergers and acquisitions and cyber insurance policies
Founder and CEO, Global Privacy & Security by Design
Former Ontario, Privacy Commissioner
Dr. Ann Cavoukian is recognized as one of the world’s leading privacy experts. She is currently the Executive Director of the Global Privacy & Security by Design Centre and is also a Senior Fellow of the Ted Rogers Leadership Centre at Ryerson University. Until June 2019, Dr. Cavoukian was the Distinguished Expert-in-Residence, leading the Privacy by Design Centre of Excellence at Ryerson University. Appointed as the Information and Privacy Commissioner of Ontario, Canada in 1997, Dr. Cavoukian served an unprecedented three terms as Commissioner. There she created Privacy by Design, a framework that seeks to proactively embed privacy into the design specifications of information technologies, networked infrastructure and business practices, thereby achieving the strongest protection possible. In October 2010, regulators at the International Conference of Data Protection Authorities and Privacy Commissioners unanimously passed a Resolution recognizing Privacy by Design as an essential component of fundamental privacy protection. This was followed by the U.S. Federal Trade Commission’s inclusion of Privacy by Design as one of three recommended practices for protecting online privacy – a major validation of its significance. Since then, Privacy by Design has been translated into 39 languages, giving it a true global presence.
Information Accountability Foundation
Peter provides strategic leadership to organizations, helping them leverage data intensive information use to achieve business value and differentiation. He is a globally minded executive leader, experienced in financial services and technology sectors and an internationally recognized professional in development of information public policy frameworks and organization governance, risk and compliance systems. He brings over two decades of expertise in corporate governance, ethical data use & data stewardship, privacy and risk management as well as extensive background in building sound organizational practices. He works with global executives, policy makers, regulators and academics to advance policy agendas and is a frequent speaker at US and International events. He has written extensively on workable policy frameworks and information governance accountability.
He is currently the CEO of Global Information Governance Solutions, a boutique consulting firm providing strategic advisory services to organizations.
He is also the Executive Strategist for Policy Innovation at The Information Accountability Foundation. He leads the Foundation’s work on public policy/governance mechanisms to achieve more effective data use and protection. He has also led the Foundations efforts on Ethical Artificial Intelligence.
Prior roles include GM Trustworthy Computing and Chief Privacy Strategist at Microsoft Corp. Before joining Microsoft, Peter served as the corporate privacy officer for the Royal Bank of Canada (RBC),
Peter holds an MBA with distinction from the Richard Ivey School of Business at the University of Western Ontario.
Cyber Thought Leader & Broker
Michélle is the Cyber Thought Leader & Broker for Canada within the Corporate Risk and Broking division, and specifically within the Toronto FINEX practice. Michélle provides risk solutions to organizations and is particularly experienced in large domestic and international Cyber placements across all industry sectors, where the key coverage issues of Business Interruption and Reputational Risk are needed to be addressed.
Having joined WTW FINEX Canada in October 2015, Michélle leads the placement of effective and market‐leading Cyber Liability/Data Breach solutions, and assists in the marketing and placement of all Management and Professional Liability products in Canada and the Lloyd’s of London insurance market.
Prior to joining WTW, Michélle was an Area Business Manager in the U.K. Retail industry where she was responsible for 14 stores and over 60 staff.
Partner, PwC Canada
Jordan is a Partner for PwC Canada and leads the National Privacy Practice. She has a passion for helping companies unlock data value and innovation while inspiring the customer trust and confidence needed to enable it.
For nearly 15 years, Jordan has developed, assessed and executed privacy and responsible data use programs - from ownership, strategy, and governance to decision-making, processes and culture. She has conducted hundreds of privacy and responsible data use assessments and helped organizations understand their privacy and responsible data use obligations. She is consistently viewed by her clients as an effective integrator between the business teams looking to innovate with data and the data protection teams looking to protect it.
Before PwC, Jordan led the Information Protection program for Target Canada. This included managing data protection and CASL programs, defining and executing program strategy and management, and partnering across the business to embed a strong data protection culture and drive better data use decisions to enable data-driven initiatives and strategic business priorities.
Jordan is a dynamic and energetic speaker presenting and publishing on several topics including the privacy implications of Artificial Intelligence, interest based advertising and trusted data optimization.
Chief Information, Security Officer
Head of Infrastructure Services, TMX
Bobby Singh, as a CTO & CISO at TMX, is responsible for delivering secure and highly available common technology services across TMX. As a member of the executive leadership team, Bobby is defining TMX's cybersecurity and technology vision and strategy, to advance the organizational agenda. He is responsible for TMX's corporate information and IT systems and services, as well as all aspects of security, governance, risk, and compliance. He represents TMX in key forums focused on critical infrastructure, network evolution, intelligence, and availability. Prior to joining TMX, Bobby has held positions at TD Bank, Rogers Communications and eHealth, where he designed multi-year technology and culture transformation programs. He received his MBA from the University of Pittsburgh and holds CISSP, CISM, CISA and CPA designations.
Chief Data & Trust Officer, TELUS
Pamela Snively is the Chief Data & Trust Officer at TELUS. She leads the team responsible for privacy governance and data ethics, along with data management and a number of compliance functions, including the Anti-bribery & Corruption and Competition Law programs. Pam approaches overall data governance through the lens of customer trust, leveraging TELUS’ Customer First principle to drive the organization’s commitment to privacy and data ethics.
Pam is a lawyer but has dedicated most of her career to developing and operationalizing privacy best practices, either as a consultant or in-house. Under Pam’s leadership, TELUS has significantly transformed its approach to transparency about its data handling practices. This has included a refresh of the TELUS Privacy Centre to include layered information on TELUS' data management practices, as well as some best practices to help our customers protect their information. Pam has also published the framework for her privacy management program online, encouraging TELUS’ customers to more fully understand what responsible private sector organizations do to protect privacy.
Pamela was the recipient of the 2017 Ontario Bar Association’s Karen Spector Memorial Award for Excellence in Privacy Law. She participates in a number of national and international think-tanks and governance bodies related to privacy and data governance, including serving as a Board member for the Information Accountability Foundation and on the Privacy and Data Advisory Committee for the Canadian Marketing Association. She is also a founding member and Chair of Canada’s Business Privacy Group, a working group made up of some of Canada’s leading privacy professionals and industry associations focused on building trust in Canada’s digital ecosystem and legislative regime.
Pam is a frequent speaker on privacy and data ethics and she actively encourages other organizations to join her in her mission to earn and elevate consumer trust in our digital ecosystem.
Richard Wilson, CISSP
Partner, Cybersecurity & Privacy, and Independent Director
Richard is a partner in PwC's Cybersecurity & Privacy Consulting practice. He helps boards and management teams understand and strategically defend against the rapidly evolving cybersecurity threats today. His unique board cybersecurity framework equips directors and management teams to have the right dialogue about cyber strategies, resources, processes, systems, and services.
Currently, Richard serves as a director on the board for the Independent Electricity System Operator, which balances supply and demand in the Ontario power sector, and its adjoining power jurisdictions in Canada and the US.
Richard has 27 years of professional services experience, including 15 years in a CEO or COO role for publically traded and private companies. He has more than 14 years of experience advising boards and C-Suites on governance, strategy, organizational planning, risk, and risk response.
GPC Course Cancelation Policy
Governance Professionals of Canada’s policy on payment and registration changes is designed to be flexible. We are committing to doing our best to accommodate you within the limits of this policy.
Governance Professionals of Canada reserves the right to:
If the anticipated minimum registration has not been met within four days of a session start date, or if any unforeseen circumstances occur, GPC may elect to cancel or reschedule the session. In this event, registrants will be notified immediately, and any fees already paid and received by GPC can be either refunded or re-allocated to the rescheduled session, or as a credit toward another GPC event or course. GPC shall not be responsible for any other costs incurred by the participants other than their registration fees.
NOT A Member Yet? Join us
© 2016 Governance Professionals of Canada