Research Directions and Industry Trends
Presented by the Information Systems Security and Assurance Management (ISSAM) Department in Mihalcheon School of Management, the monthly InfoSec Seminar Series provides high level talks on research directions and technology trends in the field of ISSAM.
The noon hour seminars are held on the second Thursday of every month from September to June. Talks are open to anyone interested in security research and technologies, not only to Concordia University of Edmonton (CUE) members.
Previous InfoSec Seminars
Missed a seminar? Access the recordings below:
November
The Seduction of Cyber Tools and AI: Are Your Defenses Armed or Just for Show?
This talk explores the evolving cyber threat landscape, where AI plays a key role on both sides of the cyber battlefield. While AI enhances threat detection and response, cybercriminals also use it to breach security in novel ways. The session focuses on the challenges SMEs face, common security weaknesses, and the need for continuous validation of security controls. It stresses the importance of continuous monitoring, assessment, and validation to ensure defenses remain armed—rather than just for show.
Speaker: Calvin Engen, CTO, CISSP, Managing Partner
October
Geopolitical Tensions and Cybersecurity: Strategic Insights for Canadian organizations
This session offers key insights for IT security leaders on staying proactive against international cyber risks. In today’s interconnected world, geopolitical tensions and cybersecurity are closely linked, with nation-states increasingly using cyberattacks to target critical infrastructure, governments, and private companies. As these attacks grow in frequency and severity, they can disrupt essential services and cause significant economic and social harm. Watch the seminar to explore how these geopolitical tensions impact the cybersecurity of Canadian organizations and what they can do to prepare for these evolving threats.
Speaker: Gaby Gamarra, Senior Technical Cyber Security Advisor, Canadian Centre for Cybersecurity
September
SAP Security – Risk Identification and Response
This talk aims to discuss applicable risks and potential responses to mitigate vulnerabilities uncovered within an SAP ERP environment.
Speaker: Justin Halabi, Senior Consultant, KPMG
June
Government Access to Data Examined
Join internationally recognized cybersecurity expert Tim Rains, VP & CISO at ADT, as he explores pressing concerns about U.S. government data access in the post-Snowden era. In this talk, Tim examines the growing tension between U.S. intelligence operations and European concerns over potential overreach. With over two decades of cybersecurity experience at leading companies like T-Mobile, AWS, and Microsoft, Tim sheds light on why European Union-based CISOs remain deeply concerned about U.S. surveillance laws like FISA and the CLOUD Act. Discover the data behind these concerns and why privacy-related fines on U.S. tech companies continue to rise in Europe. Don’t miss this in-depth discussion with author of “Cybersecurity Threats, Malware Trends, and Strategies” as he unpacks the truth behind economic espionage allegations and the source of EU-U.S. tensions.
Speakers: Tim Rains
May
Dissecting a Cyber Attack – A walkthrough along the Cyber Kill Chain
Join Jerbin Joy Kolencheril, Lead Cyber Security Engineer at Arctic Wolf Networks, as he dissects real-world cyber attacks in this informative presentation. With 7 years of IT experience and a Master’s in Information System Security Management (MISSM), Jerbin will guide you through the cyber kill chain, from initial reconnaissance to ransomware deployment and data exfiltration. Learn how attackers operate and discover effective measures to mitigate these threats. This talk is essential for anyone looking to understand and combat cyber risks.
Speakers: Jerbin Joy Kolencheril
April
ISSAM Graduate Student Presentations
This special edition of the Infosec series features two presentations by graduate students in our ISSAM programs. First up, we’ll hear research about security and privacy assessment frameworks to provide accessible technologies for blind and visually impaired people. Next, we explore research into self-sovereign identity and legacy data in the healthcare industry. Thank you to all of our presenters!
Speakers: Archana Govindarajan, Hrishil Kamal Shah, Tseide Krekelberg, Stella Chukwujama, Zhuoran Li, Agam Gupta and Brechin Piper.
March
The Evolution of Modern Cybersecurity
In this Seminar, Andrew Humphrey speaks to the latest threats in cybersecurity and how modern cybersecurity solutions are evolving to stop them, as well as how security is evolving from a reactive to a proactive approach. Todd McCullough provides a live demonstration of a leading-edge security platform, with examples of how it can map and stop breaches. Andrew Humphrey is an account manager at Trend Micro. Andrew has held roles in the Channel, National Account, and currently at Trend Micro. Todd McCullough is a Senior Solution Engineer with Trend Micro. Todd has more than 20 years of experience in the industry with some of Canada’s leading tech firms.
Speakers: Andrew Humphrey and Todd McCullough
February
Physics of Cybersecurity
In this month’s seminar, we explore the world of physics-based cybersecurity with Dr. Sebastian Fischmeister. Delve into innovative approaches that leverage physical properties to enhance computer system security. Discover real-world insights from attempts to commercialize these methods, including successes, failures, and lessons learned. From detecting intrusions in various systems to safeguarding against tampering and counterfeits, this presentation offers a comprehensive view of the challenges and advancements in cybersecurity across diverse domains.
Speaker: Dr. Sebastian Fischmeister
January
Let’s Make Fun of Cybersecurity
This presentation covers core cybersecurity concepts spanning people, processes and technology in a humorous way. Enjoy learning with a side of laughter in this fun edition of InfoSec.
Speaker: Prashant Prashant
November
Challenges faced by Canada’s Indigenous People in Cybersecurity
This presentation explores the challenges faced by Canada’s Indigenous People in Cybersecurity.
Speaker: Jarret Leaman
October 2023
The AI-Cyber Security Nexus: Risk Factor and Enabler
This presentation explores how AI plays a dual role in the cybersecurity industry, acting as both a significant risk factor and an area of opportunity.
Speaker: Glenne J. Grossman
September 2023
Empowering Cybersecurity Futures: Unlocking Potential through Local Professional Organization Memberships
The journey to launching a successful cybersecurity career requires crucial steps, including networking with like-minded peers and established professionals. Professionals organizations such as local Chapters and Affiliates in Alberta offer students the ideal platform for expanding their classroom knowledge. Through meetings with local leaders, tapping into their expertise, and listening to their experiences, students gain invaluable insights. These organizations facilitate access to potential job opportunities and keep them updated on current job trends and industry developments. By providing resources to connect with professionals and gain practical knowledge, they empower students to make informed decisions and excel in the field of cybersecurity.
Speaker: Hyma Pandyaram
June 2023
Cybersecurity Challenges within the Airline Industry
Five experts from WestJet’s Cybersecurity Governance, Risk and Compliance team provide an overview of risk assessment and privacy in the airline industry and their tips on transitioning from education into employment.
Speakers: Aaron Ferguson, Dan Neal, Alice Kramer-McNish, Alex Mabbott and Tolulope Mabo
May 2023
Psychological Trauma and Cybercrime
In this presentation, Dr. Katy Kamkar and Ryan Duquette introduced various cyber crimes and discussed how many of these crimes succeed due to human error. They also discussed the impact of cyber crime on mental health and provided some individual coping strategies. Finally, they discussed what organization should be focusing on to prevent such crimes from occurring and how to best support employees.
Speakers: Dr. Katy Kamkar and Ryan Duquette
Please note that the recording for this session is not available.
April 2023
Bridging the gap: Mitigating Cyber Risks in the Insurance Sector
The cyber threat landscape is continuously evolving which has led to an exponential growth in the cyber attacks. The insurance industry is particularly vulnerable because, among other things, they have in their possession valuable personal data of customers and financial assets. This presentation covers the cyber risks faced by insurance sector from both internal and external sources, including third parties. It also explores two real-life case studies to understand the security considerations for insurance companies and how to mitigate the security risks.
Speaker: Parul Khanna
March 2023
Protecting Your Digitalized Life
Getting to the Internet is a breeze with our enabled devices at home, work, school and vehicles. During the pandemic, we relied heavily on enabled devices, Wi-Fi, other technologies and social media platforms to keep us connected to family members, colleagues, classmates and coworkers. Gain information to safely protect your privacy and devices. During this interactive session, you’re welcome to make adjustments as you learn how to protect your digitalized life.
Speaker: Dr. Bonita Best
February 2023
From Conception to Delivery: The Journey to Publishing a Blockchain-based Manuscript
In this special seminar, celebrating MISAM’s 10 year anniversary, Dr. Shaun Aghili discusses Blockchain technology’s potentials and security challenges as a disruptive technology in the 2020s. Professor Aghili also shares his experiences and research supervisory procedures related to the publication of his most recent book thanks to the efforts of his research teams in 2021 and 2022.
Speaker: Shaun Aghili, CMA(US), CISSP-ISSMP, CCSP, CISA, CIA, CRMA, CCSA, CFSA, CGAP, CFE, CBE, CBSA, CBSP, CBPM
January 2023
Security Architecture and Risk Management in Retail Industry
The seminar introduces Security Architecture and how the Security Architecture Assessment process augments “Secure by Design Concept” in an organization along with Risk Management in the retail industry.
Speaker: Ranbir Singh Bali, MISSM, CEH, Microsoft Security Associate Security Architect, Cyber Security Department
Sobeys Capital Inc.
December 2022
What NOT to put in your resume
People are always asking what to put in a resume: what helps me stand out? What should I highlight? What fonts and formats should I use? However, people rarely ask what they should refrain from doing. After seeing nearly a thousand cybersecurity resumes over the years, Michael Spaling has noticed several everyday items that, if included, significantly reduce your chances of getting to the interview stage. In this presentation, Michael highlights these items in a fun and humorous way to ensure you avoid accidentally including them.
Speaker: Michael Spaling
Team Lead, Information Security
Office of the Chief Information Security Officer, University of Alberta
November 2022
Exploring Microsoft security, compliance, and identity features
During this talk, Mina describes the fundamentals of Security and compliance in Microsoft and how these fundamentals can help companies to protect their environment. Also, it helps organizations manage their regulatory requirements with greater ease. This talk also includes some guidance on Microsoft learning path and certifications.
Speaker: Mina Alinejad
Information Security Specialist, Grant Thornton LLP
October 2022
Overview of the Communication Security Establishment (CSE) / Canadian Centre for Cyber Security (CCCS) and the cyber skills shortage in Canada
Many cyber security jobs are unfilled at this time across the nation, so how do we ensure to fill the gap and keep Canada and its sectors secure? In this seminar, an historic overview of CSE and CCCS is presented as well as its mandate, role, activities and partnerships. It offers an overview of the current state and trends in the cyber world as well as the cyber skills gap we are facing today and what it means for those joining the workforce, where also promoting the role of women in the Cyber Security field is essential in helping secure the country.
Speaker: Mutaz (Mo) Ahmed
Senior Analyst at the Canadian Centre for Cyber Security
September 2022
What to know to be hired in Fortinet
In this presentation, Maninder Singh discusses the Fortinet Security Fabric, ZTNA and SDWAN. He also talks about central management and reserves the last few minutes to chat to students about current opportunities at Fortinet and how students can prepare to be successful in interviews.
Speaker: Maninder Singh
TAC Director at Fortinet
June 2022
For this seminar, two current ISSAM students walk us through their research. Each presentation is around 30 minutes including Q&A.
Talk 1: An overview of Programming Languages in Blockchain Development and Security
Speaker: Lilian Behzadi, M.Sc., P.Eng.
Graduate Student (MISSM) at Concordia University of Edmonton
Talk 2: Exploring SDN vulnerabilities
Speaker: Franco Jaraba
Network Proposal Specialist – Rockwell Automation Company
May 2022
Components of IT Audit: Understanding the IT Audit Process
The goal of this presentation is to provide an overview of the responsibilities and general duties on an IT Audit engagement. Elements of General IT Controls (GITCs) and IT Automated Controls (ITACs) are explained along with determining the layers where automated controls operate, linking those layers to specific risks arising from the use of IT and linking those risks to the GITCs that address them. This seminar is for anyone considering a career in IT Audit and wants to find out what the job potentially entails.
Speaker: Aman Dharni, M.Sc. (MISAM)
Consultant, Technology Risk Consulting
KPMG
April 2022
CEC-Council Webinar – Cybersecurity Career Paths
This EC-Council hosted webinar showcases the most sought-after certifications in the demanding cybersecurity industry. Take a deep dive into the desired job roles in Canada, what to expect for entry-level positions, and what certification options are available, plus the benefits of an Academia partnership. Join Wesley Alvarez and the Academia team discussing the cybersecurity workforce demand, career paths and certifications, and plan your next steps for a career in cybersecurity.
Speaker: Wesley Alvarez
Consultant, Technology Risk Consulting
Director of Academics
EC-Council | Academia
Tampa, FL
March 2022
The Role of the Office of the Information and Privacy Commissioner of Alberta
You may have heard of or read about Alberta’s privacy laws in the news, when you visit your family physician, in your academic program or especially when there are reported privacy breaches or public breach investigations. As a member of the public or as a student, you may be interested in knowing how your personal or health information in the custody or under the control of organizations, custodians and public bodies is protected or you may have expectations on the secure management of your information. When working for organizations (or if you have your own business), public bodies or health care custodians, as an employee or contractor, you are required to comply with the applicable privacy laws in Alberta or you may be part of a team that helps to protect the personal or health information of others. In this presentation you will get to understand the role of the Office of the Information and Privacy Commissioner as an enforcer of the privacy laws in Alberta. You will also get to understand the important role information security plays in the work the Office does from the review of privacy impact assessments and privacy breach reports to conducting privacy investigations including prosecutable (offence) investigations. The Protection of personal and health information is a requirement in all of Alberta’s three privacy laws.
Speakers:
Nji Lionel Nji, M.Sc. (MISSM), CISSP, CDPSE, M.Sc. Phys., B.Sc. Phys.
Senior Information, Privacy and Security Manager
Office of the Information and Privacy Commissioner (OIPC) of Alberta
Christine Wagoner, M.Sc. (MISSM), CISSP, CDPSE, CISA
Senior Information Privacy Manager
Office of the Information and Privacy Commissioner (OIPC) of Alberta
February 2022
Why is Privileged Access Management Important and How Can it Prevent Breaches from Happening?
Many breaches have happened due to lack of proper Privileged Access Management (PAM) control. A bad actor can gain access to the most crucial assets of organizations by breaking into their Active Directory, powerful accounts, or a service account. Bad actors take advantage of orphan or forgotten powerful IDs in an environment and find ways to infiltrate and gain access to deep local networks. They then exfiltrate this critical data and sell it in the black market. This presentation shows how PAM tools can help protect organizations and stop bad actors from gaining administrator control inside networks.
Speaker: Mohammad Mirheydari, M.Sc. (MISSM)
Senior Information Security Advisor
Scotiabank
December 2021
The Role of the Office of the Information and Privacy Commissioner of Alberta
Speakers:
Nji Lionel Nji, M.Sc. (MISSM), CISSP, CDPSE, M.Sc. Phys., B.Sc. Phys.
Senior Information, Privacy and Security Manager
Office of the Information and Privacy Commissioner (OIPC) of Alberta
Christine Wagoner, M.Sc. (MISSM), CISSP, CDPSE, CISA
Senior Information Privacy Manager
Office of the Information and Privacy Commissioner (OIPC) of Alberta
November 2021
Ransomware: Evolution and Future Trends
Speaker: Rasha Nasra, EdD
Academic Sector Lead
Canadian Centre for Cyber Security
October 2021
White-Box Cryptography and Some Implementations
Speaker: Tingting Lin, PhD
Software Developer
Irdeto
September 2021
Talk 1: Responding to Ransomware Attacks
Speaker: Martin Kratz, B.Sc., J.D., Q.C
Talk 2: Info Systems Security Panel Discussion
Panel Moderator: Tolulope Mabo, M.Sc. (MISAM 2017)
Panelists:
Mohammad Mirheydari, M.Sc. (MISSM 2016)
Parul Khanna, M.Sc. (MISSM 2016), CISSP, CCSP, CISM, CRISC, CDPSE, CCSK
Zeal Ekrebe, M.Sc. (MISSM 2020)
June 2021
Understanding Data Security, Privacy and Risk Management in Cloud
Speaker: Parul Khanna, M.Sc. (MISSM), CISSP, CISM, CRISC, CDPSE, CCSK, Microsoft AZ-900
Senior Security Risk Advisor
Manulife
Contact
If you have any questions regarding this series, please contact Shawn Thompson or Eslam G. AbdAllah, MISSM, Mihalcheon School of Management.