CANCELLED: 2023 Canada Cyber Investigation Summit

This event has been cancelled.

The HTCIA Canada Cyber Investigation Summit delivers invaluable content, compelling keynotes, leading-edge insights and extensive opportunities to exchange ideas. Our attendees demand the most current and up-to-date information to help them succeed at work and continue to grow in their careers. Sponsoring and exhibiting at the conference provides your company with the opportunity to engage with high tech crime investigators at all levels who are actively learning and evaluating the best that the industry has to offer. Don’t miss your chance to talk to and influence this qualified audience!

We look forward to welcoming you to the 5th Annual HTCIA Canada Cyber Investigation Summit.

Training venue: University of Ottawa, 100 Louis-Pasteur Private, [Building: Learning Crossroads (CRX)], Ottawa, Ontario, K1N 9N3, Canada

May 17

May 18

May 19

May 17

TRACKS	1) Digital Forensics (Technical Level)
	2) Open Source & Intelligence
	3) eDiscovery/Legal /Ethics/Privacy
	4) Misc: Cloud Investigations / AI / ML / Threat Hunting & Mapping / Crypto Investigations

8:00 - 8:40	High Technology Crime Investigation Association (HTCIA) REGISTRATIONS / Coffee & Tea * Interact with Sponsors *
8:40 - 9:00	[Rm C140] Opening Session & Introductions
9:00 - 9:50	[Rm C140] KEYNOTE: William Callahan Dir of Gov't & Strategic Affairs - Blockchain Intelligence Group Confronting National Security & Public Safety Threats in a Borderless Digital Asset World Discover the hidden world of cryptocurrency crime‑fighting and the battle against money laundering and terrorist financing. Uncover the techniques and tools used by investigators to track and identify cyber criminals and confront the future of transnational criminal organizations with the rise of AI in digital asset money laundering investigations. Get ahead of the game and learn what tomorrow's financial crime fighters need to know.
9:50 - 10:00	Networking (Everyone) * Interact with Sponsors *
10:00 - 10:50	[Rm C - Forward Looking] Trevor Stevado, Loudmouth Security Description to follow (This is the team that will offer 'Capture‑the‑Flag [CTF]' during our Summit)	[Rm C - Legal/Privacy] Matin Fazelpour, Legal considerations during cyber crime investigations In Canada, cybersecurity and data protection are governed by a complex legal and regulatory framework. This presentation provides an overview of the evolving Canadian landscape governing data protection and cybersecurity that apply to investigators. We will explore the statutory framework of Canadian privacy and data protection laws relevant to cybersecurity, the regulatory and governance framework for certain regulated organizations and institutions, and the current state of the common law.	[Rm - Coud Investigations] Brad Ellis, Accelerating Incident Response Investigations with Cloud Automation The threat landscape of cybersecurity is constantly evolving, and organizations must be prepared to respond quickly and effectively to incidents. However, incident response procedures can be time‑consuming, complex, and prone to inconsistencies due to misconfigurations. This presentation introduces an automatically provisioned cloud‑based cybersecurity incident response environment to address these challenges. Using automation provides a consistent approach to provisioning an incident response environment and resources, reducing the time and complexity involved in the process.	[Rm C - Crypto Investigations] Eric Rowe: Truckers, Freedom, and Bitcoins: combining OSINT with blockchain information An overview of the Adopt-a- Trucker and HonkHonkHodl fundraising campaigns, and how the extensive open source and blockchain information which was available might be used to inform an investigation as well as a search and seizure. Using OSINT and blockchain information to discover: (1) donation, donor and recipient bitcoin addresses, (2) motivations of donors, (3) types of wallets used by the organizers and the truckers, (4) sources of KYC/identity information, (5) the use of seed word lists, and (6) the number of donation fund controllers.
10:50 - 11:00	Networking (Everyone) * Interact with Sponsors *
11:00 - 11:50	[Rm - Forensics] Paul Lorentz, Samsung Rubin, is it the Keychain of Android? Is your FFS really a FFS. Are you getting everything you need to parse Samsung Rubin?	[Rm Cx - Case Study] Panel Discussion: ‑‑Neumann Lim ‑‑Neil Ning ‑‑Ravi Hans Managed Chaos: Navigating ransomware attacks with the art of incident response We will take you through a real ransomware case involving BlackBasta and provide a step by step guide to managing the many tasks dealing with the cyber incident. By following these steps, organizations can minimize the impact of a ransomware attack and ensure business continuity.	[Rm - OSInt] Alex Bruce, Developing Effective Open Source Information Collection (OSIC) Governance Over the last five years, I have noticed that while the OSIC/ OSINT practitioner community has developed excellent resources and tradecraft, many commonly lack a critical governance model needed to ensure long term operations success. This presentation will explore the key governance and framework components that should be embedded within any individual or group protocols when conducting OSIC. The presentation is geared towards all OSINT practitioners, investigators and program managers/team-leads.	Classroom Closed ‑ Please enjoy one of the other 3 on‑going training sessions.
11:50 - 13:00	Networking & Lunch Break (Everyone) * Interact with Sponsors *
13:00 - 13:50	[Rm C140] Warren Kruse (President, HTCIA IEC) & Trey Amick (Director, Magnet Forensics) Panel Discussion: Industrial IOT Intro and Analysis Considerations Join Warren Kruse and Trey Amick for a discussion on the potential relevance of IoT data to different corporate, criminal, and civil case scenarios, and the potential need for obtaining discovery from, for example, internet‑connected cameras; home automation systems; smart speakers, TVs, and refrigerators, and wearables. This discussion will also touch on aspects of the industrial realm such as the challenge of IoT data generated in factories, warehouses, and pipelines, among other settings.
13:50 - 14:00	Networking (Everyone) * Interact with Sponsors *
14:00 - 14:30	[Rm C140] Top Tier Vendor Showcase (Marketing) Rudi Thorsteinson from Blockchain Intelligence Group will walk through an example of how QLUE, its cryptocurrency tracing tool, is used to easily trace and track the movement cryptocurrency through different obfuscation techniques, services and protocols, and across multiple blockchains. During this time, he will show how funds move across the blockchain, how exchanges are identified, and how to collect intelligence to identify bad actors.
14:30 - 15:20	[Rm C - Digital Forensics] Colin Cree, Search Preparations Critical in both public and private sector. Search planning is critical to any engagement or investigation. This session will provide an understanding of common search issues and how to plan to minimize their effect on your practice.	[Rm C - Financial Investigations] Chris Pierre, Financial Investigations While there have been incredible advances in technologies such as cryptocurrencies, identifying who one is dealing with, beneficial ownership, business interests, assets, liabilities and financial relationships remain a very important part of investigation and due diligence risk management. This presentation will address trending issues at the intersection of OSINT, financial crime investigation and risk management.	[Rm - Cloud Investigations] Thom Yohannan, Introduction to Cloud Forensics The workshop will encompass a basic yet comprehensive overview of cloud forensics. 1. How cloud platforms, specifically, AWS/GCP/Azure 2. A history of case law one should be aware of 3. Forensic tasks in the cloud versus on-premise	Classroom Closed ‑ Please enjoy one of the other 3 on‑going training sessions.
15:20 - 15:30	Networking (Everyone) * Interact with Sponsors *
15:30 - 16:20	[Rm - Forward Looking] Mark Gaudet, The emergence of cyber ranges as the core of a cybercrime investigation ecosystem The global shortage of cybersecurity professionals is driving the deployment of cyber ranges as a key tool in workforce development and training. Cyber ecosystems are developing around cyber ranges that go beyond individual training to include research, cyber awareness, live simulations and incident response exercises. What role can cyber ranges play in building a sustainable cybercrime policing force, while increasing awareness, and reporting rates for cybercrime.	[Rm - Forward Looking] Neal Kushwaha, Canadian threats and risksthrough the public’s eyes Building on last year’s talk titled “It’s not all Cyber: Exposing Target Behaviours and Motives”, targeting, intelligence, described the different types of intelligence, and described the difference between evidence and intelligence. This year he will describe the value of the National Security Centre of Excellence (NSCOE/CdESN)) and describe some of key threats and risks Canadian entities and individuals of National Interest are facing today, and time permitting will dive into more than one anonymized cases.	[Rm - Legal/eDiscovery] Vivek Gupta, eDiscovery Strategies Description and timeslot to follow.	Classroom Closed ‑ Please enjoy one of the other 3 on‑going training sessions.
16:20 - 18:00	Social Event & Networking (Everyone) * Interact with Sponsors *

Social Event Sponsor:

May 18

TRACKS	1) Digital Forensics (Technical Level)
	2) Open Source & Intelligence
	3) eDiscovery/Legal /Ethics/Privacy
	4) Misc: Cloud Investigations / AI / ML / Threat Hunting & Mapping / Crypto Investigations

8:00 - 9:00	High Technology Crime Investigation Association (HTCIA) REGISTRATIONS / Coffee & Tea * Interact with Sponsors *
9:00 - 9:50	[Rm C140] KEYNOTE: Adam Belsher CEO, Magnet Forensics Fireside Chat
9:50 - 10:00	Networking (Everyone) * Interact with Sponsors *
10:00 - 10:50	[Rm C - Digital Forensics] Colin Cree, Imaging : Do it right, or not at all Capturing a defensible image is the most important step in any examination. This session is a review of imaging issues, and types of imaging, ie boot disks, forensic software, hardware imagers, remote imaging options.	[Rm C - Investigations] Allan Chabot, Where Cyber meets Physical in an era of a Digital Transformation Physical Security practitioners are adopting new technologies to innovate how security protection services are delivered to their organizations. In this session, we will explore this digital transformation through the lens of exploring what kind of data is generated by interconnected sensors, CCTV cameras and badge readers. As an investigator, you can improve the quality, timeliness and thoroughness of your fact finding through a better understanding of physical security programs and the personnel who are responsible for its execution.	[Rm C - Forward Looking] John Armit, Tricks of the trade: What’s in a fraudster’s toolbox? With all demographic groups being expected to use technology for many facets of their lives, Canadians are being increasingly targeted by cyber criminals. The presentation will focus on “Tricks of the trade: What’s in a fraudster’s toolbox?”, attendees will learn about current cyber enabled frauds and the most common fraud techniques in the marketplace right now.	[Rm C - Crypto Investigations] Eric Rowe, Tracing Interpretation for Investigators An overview of Bitcoin graphing and the information it may provide to investigators. Starting with UTXOs, addresses and clusters, and then moving through transaction patterns, metadata and OSINT this presentation will explore some of the insights that an investigator can hope to gain from tracing tools.
10:50 - 11:00	Networking (Everyone) * Interact with Sponsors *
11:00 - 11:50	[Rm Cx - Forensics] Brent Salo, UAV/Drone Forensics Drones In 2023: What is the problem? Brent will discuss the latest trends and challenges digital forensic investigators are faced with when dealing with modern consumer UAV devices.	[Rm C - eDiscovery/Legal/Ethics] Dominic Morissette, Analyzing the impact of illlegal IPTV and their influence on the viewership of live sport and pay per view events Illegal IPTV services are now widely sold and distributed, especially on social media. This presentation aims at explaining how this influences the viewership of live sports and pay per view events, and present possible solution to limit the negative impacts of this phenomenon.	[Rm C - Crypto Investigations] John Dent, Strategic Insights into the Laundering of the Proceeds of Cyber-Enabled Crime This 'Money Laundering/ Cryptocurrency' presentation will provide a broad overview into the high-level trends identified in the laundering of ransomware and cyber-enabled fraud proceeds. The presentation will explore what happens to ransoms after they are paid, and what methods and services ransomware and other threat actors use to launder the cryptocurrency before cashing it out.	[Rm C ‑ OSINT] Robert Coccaro AND David Shewbert, Managed Attribution: Why it's important in OSINT Managed attribution refers to the deliberate and strategic management of how information is attributed to specific individuals or organizations.It is often used in situations where anonymity or confidentiality is required, such as in research of proprietary or sensitive information. The goal of managed attribution is to provide accurate and reliable information while protecting the identity of the researcher or analyst.
11:50 - 13:00	Networking & Lunch Break (Everyone) * Interact with Sponsors *
13:00 - 13:50	[Rm C ‑ OSInt] Matin Fazelpour, Legal considerations during cyber crime investigations In Canada, cybersecurity and data protection are governed by a complex legal and regulatory framework. This presentation provides an overview of the evolving Canadian landscape governing data protection and cybersecurity that apply to investigators. We will explore the statutory framework of Canadian privacy and data protection laws relevant to cybersecurity, the regulatory and governance framework for certain regulated organizations and institutions, and the current state of the common law.	[Rm - Forward Looking] Melissa Martineau, Cyber Behavioural Analysis: The Human Element of Cybercrime Investigations This presentation introduces the audience to the application of behavioural analysis techniques (aka profiling) to cybercrime investigations. Providing a brief explanation of the historical application of behavioural analysis to investigation and the types of profiling possible, Ms. Martineau will explain how she is using her skills that were initially honed in the interpersonal violence domain, to cybercrime. The presentation will conclude with a couple of case examples.	[Rm C - OSInt] James Skinner, Threat Hunting in Mobile Environment Case Study Are you curious about the hidden intricacies of telco mobile networks and how they impact modern hunting techniques? Join us for an eye‑opening talk on the fascinating world of cellular networks versus traditional networks. Discover the complexities of telco mobile networks and gain insight into how traditional threat analysis differs within them. Don't miss out on this rare opportunity to expand your knowledge and enhance your hunting skills.	Classroom Closed ‑ Please enjoy one of the other 3 on‑going training sessions.
13:50 - 14:00	Networking (Everyone) * Interact with Sponsors *
14:00 - 14:30	[Rm C140] Top Tier Vendor Showcase (Marketing)
14:30 - 15:20	[Rm C ‑ Legal] David Sutherland, Overview of Canadian Cybercrime Law enforcement landscape This presentation will provide an overview of the Canadian Cybercrime Law Enforcement landscape, touching on a variety of topics including Cybercrime law, the investigation assessment process, information sharing, criminal investigations, collaboration with industry and current challenges. The secondary focus of this presentation is to discuss how law enforcement can work together to combat Cybercrime.	[Rm - Investigations] Josh Gluck, O.P.P. Investigation Case Study Description to follow	[Rm C ‑ OSInt] Miguel Garzon, Open‑Source C2 Frameworks: The New Trend Among Threat Actors The use of open‑source command‑and‑control (C2) frameworks by threat actors is gaining traction as an alternative to traditional C2 toolkits like Cobalt Strike, Sliver, and Brute Ratel. In this presentation, we will discuss the increasing popularity of open‑source C2 frameworks among threat actors and their effectiveness in bypassing modern security defenses. We will introduce Havoc, an advanced open‑source C2 framework that uses sleep obfuscation, indirect syscalls, and return address stack spoofing to remain undetected.	Classroom Closed ‑ Please enjoy one of the other 3 on‑going training sessions.
15:20 - 15:30	Networking (Everyone) * Interact with Sponsors *
15:30 - 16:20	[Rm C140] Warren Kruse (President, HTCIA IEC) Discussing the many reasons and benefits of your membership in the High Technology Crime Investigation Association
16:20 - 16:30	* Interact with Sponsors *

May 19

TRACKS	1) Digital Forensics (Technical Level)
	2) Open Source & Intelligence
	3) eDiscovery/Legal /Ethics/Privacy
	4) Misc: Cloud Investigations / AI / ML / Threat Hunting & Mapping / Crypto Investigations

8:00 - 9:00	High Technology Crime Investigation Association (HTCIA) REGISTRATIONS / Coffee & Tea * Interact with Sponsors *
9:00 - 9:50	[Rm C140] KEYNOTE Mario Mainville Exec. Director, Corporate Services Branch @ Competition Bureau Canada "Competition Law Enforcement in the Digital Age"
9:50 - 10:00	Networking (Everyone) * Interact with Sponsors *
10:00 - 10:50	[Rm C - Digital Forensics] Frank Corkery, Overcoming Vehicle Forensic Challenges with Advanced Acquisition Techniques Learn about advanced acquisition and decoding techniques used to recover data from vehicle infotainment systems, navigation systems, and other electronic control units. Explore advanced data extraction methods when the major tools either don’t provide support, or the hardware is not in adequate condition to use standard acquisition techniques. Discover how to deal with data from 3 different chip types: eMMC, NAND, and NOR; receive an overview of ISP/ Direct eMMC as an advanced non‑destructive data method; and as a last resort, the Chip-Off process.	[Rm - Forward Looking] Matt Holland, Malware and AI: Mystery or Myth? The future of malware, and how AI will change the implementation of malware and hacker campaigns. But how much will AI truly impact malware, its operational usage, or other types of offensive hacking campaigns? This intermediate/advanced presentation will explore malware, the true potential effects of AI on malware, and what can be expected over the next 5 years.	[Rm - eDiscovery] Rob Fried, Investigation of Connected Devices Robert will discuss the forensic investigation of “connected” devices and focus on the forensic preservation, analysis, and review of data in forensic tools and document review platforms. Additionally, Robert will also discuss the types of cases being encountered, and the potential linkage between different data sources that are encountered during an investigation. Finally, Robert will offer guidance on key skills that will assist today’s digital investigators.	[Rm C - Forward Looking] Trevor Stevado, Loudmouth Security Description to follow (This is the team that will offer 'Capture‑the‑Flag [CTF]' during our Summit)
10:50 - 11:00	Networking (Everyone) * Interact with Sponsors *
11:00 - 11:50	[Rm C140 - Investigations] RMCP: David Sutherland, Bell: Anthony Martin, and Rogers: Daniel Pink Panel Discussion: Law Enforcement and industry cooperation – Case Study Using a recent illegal IPTV distribution case, the panel will highlight the benefits and challenges when law enforcement and industry work collaboratively during a criminal investigation. This case study will cover topics such as information sharing, legal considerations, disclosure and the court process, with an emphasis on the friction points inherent within law enforcement/industry cooperative efforts.
11:50 - 12:15	[Rm C140] Closing Session: Warren Kruse (President, HTCIA IEC) & Denis Roussel (1st VP, HTCIA IEC)

Speakers

Attendee Registration

Due to members experiencing delays in getting their travel approvals, the organizing committee has now extended the Early Bird Pricing until April 30, 2023!

Sponsor CCIS!

Travel

Gallery

Platinum Sponsor:

Blockchain Intelligence Group

Gold Sponsors:

High Technology Crime Investigation Association

Sponsorship-Gold-level

Bronze Sponsors:

Grayshift

MSAB

Agnovi

Magnet Forensics

Teel Technologies Canada

EFS e-Forensic Services Inc.

Sponsorship-Bronze-level

Supporters:

High Technology Crime Investigation Association

Bell Canada

Venue:

uOttawa

uOttawa-1

uOttawa-2

uOttawa-3

Parking and Sustainable Transportation-1

Parking and Sustainable Transportation-2

Keynote Speakers

William Callahan

Dir of Gov't & Strategic Affairs
Blockchain Intelligence Group

Bio

William (Bill) J. Callahan III is a law enforcement veteran with 20+ years in the Drug Enforcement Administration (DEA). He retired from the DEA as the Special Agent In Charge for the St. Louis division and held numerous posts in the DEA since joining in early 2000. Bill specialized in complex, multi-jurisdictional money-laundering investigations. In many of these investigations, illicit actors took advantage of trade-based money laundering schemes, dark web narcotic distribution involving cryptocurrency, and market manipulation to obfuscate the true source of the funds. While assigned to DEA Headquarters, Bill established DEA’s proactive money laundering audit team, where he took part in the development of creating policy and procedures in furtherance of DEA’s undercover operations involving cryptocurrency.

Adam Belsher

CEO
Magnet Forensics Inc.

Bio

Founded in 2010, Magnet Forensics is a developer of digital investigation software that acquires, analyzes, reports on, and manages evidence from digital sources, including computers, mobile devices, IoT devices and cloud services. Magnet Forensics’ software is used by more than 4,000 public and private sector customers in over 90 countries and helps investigators fight crime, protect assets and guard national security.

Mario Mainville

Exec. Director, Corporate Services Branch
Competition Bureau Canada

Bio

Speakers

Speakers are being added as they are confirmed.

Warren Kruse

President
HTCIA International

Bio

Chambers and Partners Ranked eDiscovery Expert, five years in a row (2018-2022). Warren has experience working in law enforcement and as a consultant, supporting law firms and corporations globally with incident response, computer forensics and Electronic Discovery. He is a co author of Computer Forensics: Incident Response Essentials. Warren was ranked as a top Professional Adviser in the 2018, 2019, 2020, 2021 and 2022 Chambers Litigation Support guide.

Testified as a Computer Forensic Expert for the US Securities and Exchange Commission (SEC) Conducted the computer and network forensics in the billion dollar "Comtraid" theft of Intellectual Property and Trade Secrets, for which he received the High Tech Crime Investigation Association’s Case of the Year Award. - frequent lecturer on computer forensics, incident response, and cybercrime. He has lectured internationally for groups including: SANS, Certified Fraud Examiners, ISSA, HTCIA, etc.

Denis Roussel

First Vice President
HTCIA International

Bio

Experienced technology investigator with the Government of Canada since 2001. Denis is the National Manager Digital Forensics and Major Case Management with the Department of Fisheries and Oceans Canada. Denis was Chief Technology Security at the Department of Justice Canada for over 8 years. He was also an Electronic Evidence Investigator with the Competition Bureau Canada as well as Manager with Shared Services Canada.

Denis completed with Honours both the Information Systems Security and the Public and Private Investigations program at Algonquin College. Was part-time instructor for the OSINT courses for 5 years. Was a licensed Private investigator in both Ontario and Quebec. Volunteered by giving various workshops on Digital Forensics, to post-secondary cyber security programs and to other government partners.

Denis was also HTCIA Ottawa President in 2017, 2020 and 2021 and has been on the organizing committee for the HTCIA Canada Cyber Investigation Summit for the past 4 years.

Eric Rowe

Senior IT Specialist
Canada Revenue Agency

Bio

Eric is a Senior IT Specialist in Canada Revenue Agency’s Criminal Investigations Directorate where he works primarily in the area of cryptocurrency and virtual asset investigation. His responsibilities include tracing cryptocurrency and virtual asset transactions for investigators, conducting intelligence and operational liaison work with foreign partners, training investigators and digital forensics analysts, and representing Canada as a delegate on cryptocurrency and virtual asset working groups at the OECD and the FATF. Eric holds a M.Sc. in digital forensics, a M.Sc. in digital currency, and advanced certificates in blockchain law, digital regulation, and decentralized finance.

Trey Amick

Director, Forensic Consultants
Magnet Forensics Inc.

Bio

Trey Amick is a forensics investigator with a background in both law enforcement and corporate investigations. As a detective with the Rock Hill Police Department in South Carolina, Trey was sworn as a Special Deputy United States Marshal and supported the US Secret Service Electronic Crimes Task Force. Previously, he served in roles in both Patrol and Professional Standards.

Most recently, as a corporate investigator, Trey managed the Enterprise Cyber Education and Awareness Team at Capital One, where he also served as part of the Cyber Technical Investigations Team. Trey is currently the Director, Forensic Consultants Team at Magnet Forensics, where he assists in the development of Magnet AXIOM Cyber and provides skilled support to customers with his combined knowledge of AXIOM and digital forensics. Trey is also the President of the High Technology Crime Investigation Association (HTCIA), New York Metro Chapter.

Colin Cree

Director/Owner
EFS e-Forensic Services

Bio

Dominic Morissette

President
PDN Cyber Security

Bio

Matin Fazelpour

Privacy & Cybersecurity Lawyer
BLG LLP

Bio

Neumann Lim

Senior Manager
Deloitte

Bio

Neumann Lim is a senior manager at Deloitte where he leads the development of the services, strategies and methodologies on cyber detection and incident response. Prior to this role, Neumann spent several years working with large enterprises and governments specializing in incident response.

With more than 15 years of infosec experience, he has delivered numerous cyber risk assessments, coordinated national incident responses across multiple industries. Neumann has been invited to share his thought leadership at many security conferences such as Grayhat Conf, DefCon BlueTeam Village, HTCIA Canada, Toronto CISO Summit and CCTX.

Allan Chabot

Sr Specialist, Asset Protection
Bell Canada

Bio

James Skinner

Sr. Security Systems Integrator
Bell Canada

Bio

Mr. Skinner's expertise in the field of security engineering is unparalleled, with nearly two decades of threat hunting experience under his belt. As a former network engineer, he possesses a unique perspective on how to design effective mitigations against attacks. Over the years, Jamie's practical experience in designing and implementing security systems has propelled him to become a full-time threat analyst and hunter, making him an invaluable asset to the security community. His knowledge is highly sought after by various organizations, including government, law enforcement, and other security teams. If you're looking to learn from a seasoned pro in the field, don't miss the chance to hear Mr. Skinner share his insights and experiences.

Colin Ferguson

Sr. CTI Analyst
Bell Canada

Bio

Miguel Garzón

Sr. Specialist @ Bell Canada
Faculty Member at uOttawa

Bio

Miguel Garzon is a senior security specialist at Bell Canada and an adjunct professor at the Faculty of Engineering of the University of Ottawa. With over a decade of experience in the field of cyber security, Miguel has become an expert in the applications of machine learning in cyber security, threat hunting and malware analysis.
He holds a PhD in Computer Science from the University of Ottawa, where his research focused on developing machine learning algorithms for detecting and classifying malware. He has published several papers in prestigious academic journals and conferences, and his work has been recognized with numerous grants.

Brent Salo

President
SCG Canada Inc

Bio

Frank Corkery

Sales & Forensic Services
Teel Tech Canada

Bio

Frank is a digital forensics examiner and technical sales representative for Teel Technologies Canada based in Ottawa, Ontario. He has been with Teel since 2018. His focus is on conducting and managing digital forensic investigations following industry standard methodology for a wide range of private, public and government organizations. Frank also works with clients to support their needs for forensics hardware, software, and services.

Paul Lorentz

Product Specialist
Cellebrite

Bio

Thomas Yohannan

Cyberinsurance | Security
Forensics | Law

Bio

I live where technology meets business and law.

As an attorney with business development and sales skills, I specialize in information security, compliance and payments. My passion for bringing new products to market through a mix of strategy, research analysis and an understanding of risk and regulatory frameworks for high touch verticals helps enterprises companies succeed.

From early stage tech firms (Cvent), to international leaders (UBS & Goldman Sachs) and industry giants (Cisco), I have been fortunate to spend my career crafting messages and growing bottom lines for some of the world's best IT solutions corporations.

John Dent

Director
Government of Ontario

Bio

Brad Ellis

Sr. Cloud Security Consultant
Mirai

Bio

John Armit

Detective Constable
Ontario Provincial Police

Bio

Detective Constable John Armit has been a member of the Ontario Provincial Police (OPP) for 22 years. In 2015, John began working in his current position with the OPP’s Anti-Rackets Branch (ARB), investigating economic crimes and political corruption. In May 2021, John began an 18-month secondment with the Canadian Anti-Fraud Centre (CAFC) as a Detective Sergeant working as a law enforcement Liaison Officer nationally and internationally.

Alexandre Bruce

Senior Program Officer
Fisheries and Oceans Canada

Bio

Daniel Pink

Intellectual Property & Comms Lawyer
Rogers Communications

Bio

Daniel Pink is an experienced lawyer specializing in copyright and technology law for Rogers Communications, one of Canada’s largest telecommunications companies. Daniel is the Director of Copyright and Broadband and heads Rogers’ Content Protection Team. He also provides strategic advice to the media and cable lines of business and has extensive experience with Canadian regulatory matters.

Anthony Martin

Integrity Investigator
Bell Canada

Bio

Anthony has a passion for using adaptive and integrated technologies to his advantage while conducting investigations and risk assessments. He is always examining information in a holistic manner and asking the questions “What can we see?” and “What does the evidence tell us?” in an investigation.

He has been involved with investigations in one form or another over the last 25 years. Anthony is currently an Integrity Investigator with a focus on Intellectual Property and Content. Prior to that, Anthony worked as an Internal Investigator and auditor (of billing systems) with Bell, has collaborated with Law Enforcement agencies, both professionally and personally (as a community liaison) and participates in various training exercises to keep his skills up to date in this transformational world.

Neil Ning

Toronto Cyber Risk Advisory
Deloitte Canada

Bio

Neil Ning is a security Lead with 7+ years of experience in Security Operation, Incident Response and Security Project Management. He is talented in problem-solving and has helped numerous clients to resolve their security challenges. As a leader in the incident response practice, Neil has led and participated in many enterprise-level security incidents and provided strategy plans on incident containment, incident recovery and implementation plan on industry-lead security tools.

Ravi Hans

Toronto Cyber Risk Advisory
Deloitte Canada

Bio

Ravi Hans is a senior consultant at Deloitte with the Risk Advisory team engaged on cyber incident response. He has worked in a number of roles in the information security space over the last 5 years including security operations analyst, vulnerability management, and threat hunting. Ravi has worked incidents across a broad spectrum of clients as part of the Risk Advisory team with a focus on incident investigation.

Matt Holland

Co-Founder and CEO
Field Effect

Bio

Starting his career at the Communications Security Establishment, Matt spent seven years in the Tailored Access Operations (TAO) group as a leading security researcher specializing in intelligence tradecraft and technology for key top-secret projects for the Five Eyes.

In 2007, he co-founded his first company and grew it to be a silent leader in the privatized intelligence industry, serving democratic governments globally. It was acquired by L3 in 2018.

Matt has an established background and expertise in distributed computing, low level security systems and cross platform methodologies, and has a track record of commercialization and success with “hard problems”. Matt’s background directly contributes to Field Effect’s comprehensive cyber security solution, Covalence, and the aggressive growth of Field Effect worldwide.

Mark Gaudet

Vice President
Simulation Technologies

Bio

Mark Gaudet is an experienced product leader with a broad background that spans engineering, product management, product marketing and business development. He is passionate about continually learning and building great products customers love.

After starting his career in semiconductor design and manufacturing at Nortel, Mark joined ISOTRO Network Management where he had the opportunity to implement the market strategy he developed for an MBA project. As VP of Marketing, he helped the company grow revenue from zero until they were acquired by Bay Networks. He also sits on the advisory board for the Canadian Institute for Cybersecurity at the University of New Brunswick and is a member of the ICTC National Cyber Security Leadership Council on youth and education.

Mark holds a B.Sc. in Engineering Physics from Queens University and a Master of Business Administration from the University of Ottawa.

Rob Fried

Sr. VP, Forensics & Investigation
Sandline Global

Bio

Robert B. Fried has over 20 years of experience in the field of digital forensics. He has developed and instructed basic and advanced courses in computer forensics for / to law enforcement personnel, while a Computer Crime Specialist with the National White Collar Crime Center (NW3C) and has held senior leadership positions within global digital forensics practices for professional services organizations. Robert is Senior Vice President and Global Head of Forensics & Investigations for Sandline Global. He is a certified forensic examiner, a licensed private investigator in New York and South Carolina, and a licensed professional investigator in Michigan.

Robert obtained a Master of Science degree in Forensic Science and a Bachelor of Science degree in Forensic Science from the University of New Haven. He is a featured speaker at industry events, an invited guest for industry podcasts, and an author for industry publications, including PI Magazine, where he created the CyberSleuthing Department. Robert is the author of two books: Forensic Data Collections 2.0: The Guide for Defensible & Efficient Processes (published in 2022) and Forensic Data Collections 2.0: A Selection of Trusted Digital Forensics Content (published in 2023), available at Amazon and other online retailers.

Chris Pierre

Founder & Managing Director
KeyNorth Group

Bio

Having been a fraud investigator and open source intelligence professional for nearly two decades, I have dedicated my career to helping clients uncover the facts when a wrongdoing has occurred and helping them manage their risks. There is nothing quite like the “aha moment” when I figure out what has gone wrong in a client’s situation and can provide a solution. Not only am I deeply client-focused, but I am also truly captivated by fraud, open source intelligence, adult learning, and technology, both on and off the job. Over the years, I have been involved in hundreds of inquiries ranging from corporate litigation support, government fraud and corruption investigations to investor fraud, data breaches, and enhanced due diligence inquiries. I’ve also had the pleasure of training hundreds of investigation professionals in investigative research (i.e. OSINT).

As Founder & Managing Director of the KeyNorth Group, I am a passionate and tenacious entrepreneur and leader. Since 2008, I have worked with a team of talented professionals as we served a wide range of clients from across Canada and abroad, including government and law enforcement agencies, corporate clients, and not-for-profit organizations, to name a few. Leveraging a solution-oriented approach, the firm strives to shed light on confusing situations while helping clients identify gaps in their operations and policies.

Melissa Martineau

Head of Cyber Behavioural
Analysis & Research

Bio

Melissa Martineau has a Bachelors degree in Criminology and Sociology, an honours degree in
Criminology and a Masters of Criminology Applied degree from the University of Ottawa, Canada. She
began her career within law enforcement when she joined the Behavioural Sciences Branch of the Royal
Canadian Mounted Police (RCMP) in 2002. Prior to this time, she had conducted field placements and
contract work with the RCMP and the Ottawa Police Service.

Ms. Martineau has spent the majority of her 20-year career working in the field of Behavioural Sciences.
She has worked both as a researcher and operationally contributing to case work. Ms. Martineau has
worked with the Violent Crime Linkage Analysis System (ViCLAS), she has conducted considerable
empirical research work to support behavioural sciences and the investigation of violent, serial and
sexual crime. Ms. Martineau was on the implementation team for pre-employment polygraph testing
and the National Sex Offender registry. She has specialized in the area of sex crime, sexual homicide,
violent crime linkage, statement analysis and polygraph. Ms. Martineau lead the development of the
national Investigative Statement Analysis (ISA) program within the RCMP and has trained personnel
within the RCMP and in other police services in this technique. Ms. Martineau also spent three years
working at the Polygraph School at the Canadian Police College where she undertook polygraph training
and helped modernize the training curriculum. Ms. Martineau has taught on a number of courses at the
Canadian Police College, including the Violent Offenders Behaviour Course, Major Case Management,
Forensic Interviewing, Polygraph Examiners Course and Senior Executive Training.

Ms. Martineau joined the National Cybercrime Coordination Unit in 2019. She led the development of
the operational intelligence program and managed the operational intelligence team until 2021 when
she began developing the cyber behavioural analysis capacity of the NC3. Ms. Martineau is applying the
skill set she acquired working with the Behavioural Science team to the cybercrime domain. She is
currently the sole cyber behavioural analyst in Canada. She has worked in collaboration with the FBI
Behavioural Analysis Unit Cyber team and is providing cyber behavioural analysis services to support
cybercrime investigations led by Canadian police services. She is currently a doctoral student in Cyber
Psychology.

Neal Kushwaha

Chairperson
NSCOESN (Canada)

Bio

Neal KUSHWAHA is a recipient of the Royal Canadian Humane Association’s Silver Medal of Bravery and commendation
from the Governor General of Canada, an international bilingual speaker, chairperson of the NSCOE, a guest lecturer at
Stellenbosch University, and a motivational speaker. He operates an Ottawa based consulting firm, IMPENDO Inc.
(member of the Paris Call) serving governments and international agencies as clients. His research and consulting fall
within the cross-section of cyberspace, security, law, policy, and politics.

The NSCOE’s mission is to help safeguard Canada and Canadian interests by advising and guiding Canadian entities of
multidomain threats and risks to national security through collaborative research in the areas of strategy, policy, law, and
technology. As the current chairperson of the NSCOE, Neal’s responsibilities include (1) building awareness and (2)
increasing the capability and maturity of Canadian entities on sovereignty & national security threats and risks.

Working on his PhD, Neal has written and published papers on cyberspace related to the International Law of Armed
Conflict, International Humanitarian Law, International Human Rights Law, sovereignty, policy, doctrine, and technological
matters. Aligned with his PhD research, he supports nations with their cyber programmes. While he is a prominent speaker
at cyber conferences on the global stage, it is his climbing that generates the most interest. Climbing since 1992, he is an
experienced and accomplished mountaineer, and climbs under the banner of Big Climbs, including Everest.

David Sutherland

Corporal David Sutherland
RCMP

Bio

David has been with the RCMP for 27 years, starting his career in uniform working general duties in the Lower Mainland of British Columbia. After 5 years, David moved to a plain clothes, general investigation unit working on serious crimes.

After 10 years in BC, David moved to Toronto where he spent over 15 years working on Intellectual Property Crimes involving mostly Copyright and Trademark offences. He led a team of investigators working on IP crime and was the RCMP’s IP crime coordinator for Ontario.

Prior to moving into the Cybercrime Investigative Team, David taught Applied Police Sciences at the RCMP Training Academy in Regina and law at the University of Saskatchewan in Saskatoon.

During the last 4 years David has been working on Cybercrimes.

Vivek Gupta

President
HTCIA Ontario Chapter

Bio

Consulting Partner with track record of driving revenue growth in professional services through cross service-line collaboration, thought leadership, sales enablement, creative IPs and building a healthy vendor alliance network in Cybersecurity and technology risk function. Distinct technical & functional domain expertise gained from building professional service practices & building delivery teams from scratch while holding advisory, and professional services leadership positions with market leading organizations. Over 18 years of experience helping clients across multiple industry sectors, effectively manage their cyber, technology and compliance risks through technology enabled, customer-centric strategies and solutions. Relentless relationship builder, analytical thinker, consensus builder, C-suite communicator with excellent interpersonal and execution skills.

David Shewbert

Federal Relations & Operations
Authentic8

Bio

Robert Coccaro

Solutions Engineer
Authentic8

Bio

Robert Coccaro is a retired service member with experience in OSINT, Tactical Signals intelligence (SIGINT), and human intelligence (HUMINT) operations. After his military career, he has worked as a director of information technology (IT), technical trainer of thermal and infrared surveillance systems, developer of OSINT training curriculum, social engineering, and wireless pentesting programs for the Department of Defense (DoD) and commercial organizations.

Josh Gluck

Provincial Constable
Ontario Provincial Police

Bio

Provincial Constable Josh Gluck has been a member of the OPP for 23 years, holding various uniform positions from patrol officer to frontline supervisor, to Emergency Response Team (ERT) member. In recent years, he has worked for periods in the OPP’s Anti-Rackets Branch, Detachment Crime Unit, and on multiple cases with the OPP’s Criminal Investigations Bureau (CIB) and Cybercrime Investigations Team (CIT). In 2022, Josh formed a detachment-level team dedicated to improving investigations and better supporting victims of cyber-enabled and similar frauds that are now, unfortunately, a part of everyday life. Josh has presented case studies on cyber-enabled fraud and cryptocurrency-related crime to municipal, national, and international law enforcement, regulatory bodies, and the private sector, and regularly engages in community outreach, media, and education sessions on fraud trends, awareness, and prevention.

Plan Your Trip Today!

Les Suites Hotel Ottawa

Les Suites Hotel Ottawa, Ottawa downtown is a stone throw away.

One can experience the best of the capital city. It is actually near attractions like Parliament Hill, National Gallery of Canada and other top museums.

Hotel Les Suites Ottawa will give everyone the best of everything from comfort, location to outstanding service.

Learn More