ATLSECCON 2025

The two most important parts of incident response are having a documented plan and a skilled and trained team.  But the next two important things are often overlooked: speed and organization.

As incident commander, would you like to get away from status reports all days and spend your time leading the response instead?
Would you like to spend your tropical vacation uninterrupted by needing to lead incident response?
Would you like improve your team's efficiency and not have every investigator chasing the same shiny thing?

There is a way, and it's easier than ISO or NIST. Come and hear about a better world, where we learn efficiency from firefighters.

Implementing ISO/IEC 27001 effectively can be a transformative step for organizations aiming to enhance their information security posture, or it can become a checkbox exercise with minimal benefit. This session will provide actionable insights into overcoming common challenges in ISO 27001 implementation, including risk assessment, stakeholder buy-in, and leveraging technology. Attendees will learn practical lessons to implement ISO27001 effectively and have a real impact on improving their organization's security. 

Paul will leverage his experience of working with a wide range of organizations globally to provide practical examples of some of the common pitfalls and challenges for people and organizations working towards and maintaining an ISO27001 certification.

The session will cover and give examples of how to complete these required steps:

1. Framework selection
2. Compliance and environment scope
3. Gap assessment
4. Determining objectives
5. Methodology identification
6. Resource requirements
7. 3 P’s development – policy, process, and procedures
8. 3 P’s implementation
9. Monitoring and assessment

Cybersecurity education often neglects the critical role of risk management despite its fundamental importance in protecting data and systems. This presentation argues that cybersecurity professionals need a robust understanding of risk assessment, mitigation, and management.

We will demonstrate a significant deficiency in risk management instruction by analyzing current cybersecurity education frameworks and widely used definitions of cybersecurity. We will discuss the implications of this gap, highlighting how it impacts the security posture of organizations and the professional development of cybersecurity practitioners.

This presentation aims to raise awareness of this critical issue and provide actionable recommendations for educators, institutions, and professionals to integrate comprehensive risk management training into cybersecurity curricula. By bridging this gap, we can cultivate a more proactive and resilient cybersecurity workforce capable of effectively addressing the evolving threats of the digital world.

It is easy to get caught up with the latest flashy tool, but if we are not aligning our activities with risk, then we are not effectively protecting the organization. This presentation talks about the fundamentals of risk, how as IT people we need to keep risk central to our activities, and how everyone on the team has a part to play in managing risk.

In an era where technology permeates every facet of organizational operations, the development and implementation of comprehensive policy is paramount. However, maintaining these policies becomes problematic when technology (especially Cyber Security) constantly changes, organization’s need a better approach. This session outlines the methodology and strategic approach to creating and implementing the Technology Use Manual (TUM), which encapsulates all policies, practices, and standards required for compliance with the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF).

As cyber threats like ransomware and data breaches continue to rise, understanding the role of cyber insurance is essential for CISOs and infosec specialists. This presentation will explore the critical intersection between cyber insurance and cybersecurity strategies, highlighting its importance in mitigating financial risks and enhancing organizational resilience. Attendees will gain insights into the current cyber threat landscape and learn how to integrate cyber insurance with proactive risk management. Participants will leave with actionable strategies to strengthen their organization’s defenses against evolving cyber threats.

As cyber threats like ransomware and data breaches continue to rise, understanding the role of cyber insurance is essential for CISOs and infosec specialists. This presentation will explore the critical intersection between cyber insurance and cybersecurity strategies, highlighting its importance in mitigating financial risks and enhancing organizational resilience. Attendees will gain insights into the current cyber threat landscape and learn how to integrate cyber insurance with proactive risk management. Participants will leave with actionable strategies to strengthen their organization’s defenses against evolving cyber threats.

In today’s ever changing digital landscape, higher education institutions continue to strive to protect their technology assets and data from cyber risks. As stewards of corporate governance - management and the board of trustees partner together to navigate through these enterprise risks and build a sustainable culture of cyber responsibility. 
 
In this informal conversation, Kevin Magee, Board of Trustee at Brock University and former Chief Security Officer for Microsoft Canada and Gemma Ahn, AVP and Head of ITS Brock University share practical insights on how to build a mutual understanding of cyber-related risk, foster accountability and ensure strategic alignment.

This presentation will cover digital risk measurement, monitoring and reporting digital risks by employing automation. The below topics will be covered:

1) Risk Appetite as a Foundation for Risk Metrics
2) The What, Why and How of Risk Metrics 
3) The Essence of Risk Reporting 
4) Making Risk Reporting Effective 
5) Automation Case Study

The Learning Objectives will be to:
1. Get familiar with Risk Appetite
2. Understand the what and why of Risk Measures / Metrics
3. Understand the Metric build process