Quick links

InfoSec Seminar Series

Research Directions and Industry Trends

Presented by the Information Systems Security and Assurance Management (ISSAM) Department in Mihalcheon School of Management, the monthly InfoSec Seminar Series provides high level talks on research directions and technology trends in the field of ISSAM.

The noon hour seminars are held on the second Thursday of every month from September to June. Talks are open to anyone interested in security research and technologies, not only to Concordia University of Edmonton (CUE) members. 

Previous InfoSec Seminars

Missed a seminar? Access the recordings below:

June 2022

For this seminar, two current ISSAM students walk us through their research. Each presentation is around 30 minutes including Q&A.

Talk 1: An overview of Programming Languages in Blockchain Development and Security

Speaker: Lilian Behzadi, M.Sc., P.Eng.
Graduate Student (MISSM) at Concordia University of Edmonton

Talk 2: Exploring SDN vulnerabilities

Speaker: Franco Jaraba
Network Proposal Specialist – Rockwell Automation Company

May 2022

Components of IT Audit: Understanding the IT Audit Process

The goal of this presentation is to provide an overview of the responsibilities and general duties on an IT Audit engagement. Elements of General IT Controls (GITCs) and IT Automated Controls (ITACs) are explained along with determining the layers where automated controls operate, linking those layers to specific risks arising from the use of IT and linking those risks to the GITCs that address them. This seminar is for anyone considering a career in IT Audit and wants to find out what the job potentially entails.

Speaker: Aman Dharni, M.Sc. (MISAM)
Consultant, Technology Risk Consulting
KPMG

April 2022

CEC-Council Webinar – Cybersecurity Career Paths

This EC-Council hosted webinar showcases the most sought-after certifications in the demanding cybersecurity industry. Take a deep dive into the desired job roles in Canada, what to expect for entry-level positions, and what certification options are available, plus the benefits of an Academia partnership. Join Wesley Alvarez and the Academia team discussing the cybersecurity workforce demand, career paths and certifications, and plan your next steps for a career in cybersecurity. 

Speaker: Wesley Alvarez
Consultant, Technology Risk Consulting
Director of Academics
EC-Council | Academia
Tampa, FL

March 2022

The Role of the Office of the Information and Privacy Commissioner of Alberta

You may have heard of or read about Alberta’s privacy laws in the news, when you visit your family physician, in your academic program or especially when there are reported privacy breaches or public breach investigations. As a member of the public or as a student, you may be interested in knowing how your personal or health information in the custody or under the control of organizations, custodians and public bodies is protected or you may have expectations on the secure management of your information. When working for organizations (or if you have your own business), public bodies or health care custodians, as an employee or contractor, you are required to comply with the applicable privacy laws in Alberta or you may be part of a team that helps to protect the personal or health information of others. In this presentation you will get to understand the role of the Office of the Information and Privacy Commissioner as an enforcer of the privacy laws in Alberta. You will also get to understand the important role information security plays in the work the Office does from the review of privacy impact assessments and privacy breach reports to conducting privacy investigations including prosecutable (offence) investigations. The Protection of personal and health information is a requirement in all of Alberta’s three privacy laws.

Speakers:
Nji Lionel Nji, M.Sc. (MISSM), CISSP, CDPSE, M.Sc. Phys., B.Sc. Phys.
Senior Information, Privacy and Security Manager
Office of the Information and Privacy Commissioner (OIPC) of Alberta

Christine Wagoner, M.Sc. (MISSM), CISSP, CDPSE, CISA
Senior Information Privacy Manager
Office of the Information and Privacy Commissioner (OIPC) of Alberta

February 2022

Why is Privileged Access Management Important and How Can it Prevent Breaches from Happening?

Many breaches have happened due to lack of proper Privileged Access Management (PAM) control. A bad actor can gain access to the most crucial assets of organizations by breaking into their Active Directory, powerful accounts, or a service account. Bad actors take advantage of orphan or forgotten powerful IDs in an environment and find ways to infiltrate and gain access to deep local networks. They then exfiltrate this critical data and sell it in the black market. This presentation shows how PAM tools can help protect organizations and stop bad actors from gaining administrator control inside networks. 

Speaker: Mohammad Mirheydari, M.Sc. (MISSM)
Senior Information Security Advisor
Scotiabank

December 2021

The Role of the Office of the Information and Privacy Commissioner of Alberta

You may have heard of or read about Alberta’s privacy laws in the news, when you visit your family physician, in your academic program or especially when there are reported privacy breaches or public breach investigations. As a member of the public or as a student, you may be interested in knowing how your personal or health information in the custody or under the control of organizations, custodians and public bodies is protected or you may have expectations on the secure management of your information. When working for organizations (or if you have your own business), public bodies or health care custodians, as an employee or contractor, you are required to comply with the applicable privacy laws in Alberta or you may be part of a team that helps to protect the personal or health information of others. In this presentation you will get to understand the role of the Office of the Information and Privacy Commissioner as an enforcer of the privacy laws in Alberta. You will also get to understand the important role information security plays in the work the Office does from the review of privacy impact assessments and privacy breach reports to conducting privacy investigations including prosecutable (offence) investigations. The Protection of personal and health information is a requirement in all of Alberta’s three privacy laws.

Speakers:
Nji Lionel Nji, M.Sc. (MISSM), CISSP, CDPSE, M.Sc. Phys., B.Sc. Phys.
Senior Information, Privacy and Security Manager
Office of the Information and Privacy Commissioner (OIPC) of Alberta

Christine Wagoner, M.Sc. (MISSM), CISSP, CDPSE, CISA
Senior Information Privacy Manager
Office of the Information and Privacy Commissioner (OIPC) of Alberta

November 2021

Ransomware: Evolution and Future Trends

The past few years have seen an exponential growth in the number of Ransomware attacks as well as multiple high-profile incidents with record-breaking ransom demands. In this seminar, we examine the evolution of Ransomware, some of the technical factors that have enabled the surge in the frequency and number of Ransomware attacks, as well as some future trends that we expect to see in this space.

Speaker: Rasha Nasra, EdD
Academic Sector Lead
Canadian Centre for Cyber Security

October 2021

White-Box Cryptography and Some Implementations

Over the past two decades, the field of cryptanalysis has experienced major changes with the violation of the black-box premise that the attacker only has access to observations external to an implementation of a cryptographic algorithm. Attacks focused on the implementation details of cryptographic primitives in devices are called white-box attacks, which have become common in recent years. With white-box attacks, one can no longer assume that an operating environment can be trusted. An adversary can directly observe and tamper with the implementation to extract information about the cryptographic key.  Therefore, the traditional cryptographic algorithms that have been built on the assumption that the adversary has only access to the external data as per a black box model functionality generally incorporate no countermeasures to such attacks. White-box cryptography (WBC) was proposed to address this problem – it aims to provide security even where the attacker is able to perform invasive active attacks on the software implementation of the cryptographic algorithm.

Speaker: Tingting Lin, PhD
Software Developer
Irdeto

September 2021

Talk 1: Responding to Ransomware Attacks

The presentation explores aspects of the growing ransomware threat taking the audience through the lens of two real attacks. The presentation considers issues around payment as well as issues using blockchain. Mr. Kratz concludes looking at options to recover ransom payments and steps to reduce the risk of these attacks.

Speaker: Martin Kratz, B.Sc., J.D., Q.C

Talk 2: Info Systems Security Panel Discussion

A panel discussion on the need for security professionals in businesses and governments. Our Panelists share their experiences with the latest technology and research trends in information security and what students need to learn and acquire to be successful in finding employment.

Panel Moderator: Tolulope Mabo, M.Sc. (MISAM 2017)

Panelists:
Mohammad Mirheydari, M.Sc. (MISSM 2016)
Parul Khanna,
M.Sc. (MISSM 2016), CISSP, CCSP, CISM, CRISC, CDPSE, CCSK
Zeal Ekrebe, M.Sc. (MISSM 2020)

June 2021

Understanding Data Security, Privacy and Risk Management in Cloud

Organizations are rapidly moving to cloud providers to reduce costs, pursue digital transformation initiatives, and improve the agility of business. This session is centred on discussing fundamental cloud computing concepts, characteristics and services. It delves into how data security is achieved within cloud environment, best practices for systems and applications to protect data and reviews the risk associated with each of the cloud deployment models. In the end, the session also talks about cloud-based certifications and learning resources for folks looking to dive deep into the realms of cloud security.

Speaker: Parul Khanna, M.Sc. (MISSM), CISSP, CISM, CRISC, CDPSE, CCSK, Microsoft AZ-900
Senior Security Risk Advisor
Manulife

Contact

If you have any questions regarding this series, please contact Shawn Thompson or Eslam G. AbdAllah, MISSM, Mihalcheon School of Management.