Toronto — SC Congress Toronto 2014, Canada’s most prestigious and influential event for information security leaders, announces its fifth annual conference and expo at the Metro Toronto Convention Centre, June 17 and 18, 2014. The event brings together the brightest minds in the IT and information security field – from both the public and private sectors – to address the ever-evolving security threat landscape and the solutions and strategies necessary for defending Canada’s critical infrastructure and its enterprises.

SC Congress Toronto has become a staple for the Canadian information security industry. Attendees expect to gain essential information on the latest threats and issues facing the government and enterprise today. This year’s gathering will explore a number of key issues, including: the impact the NIST framework will have on businesses and critical infrastructure security; the future of PCI; and how threat actors will take advantage of the Internet of Things. Security practitioners will not want to miss this year’s event and the practical strategies outlined by some of the leading voices in enterprise network security.

“SC Congress Toronto has made its mark by delivering information that IT professionals can actually use to protect their organization,” says Illena Armstrong, VP of editorial, SC Magazine. “This conference is an opportunity to share best practices and provide solutions and tactics for the risks Canadian IT professionals are facing right now. Don’t just read the headlines about PCI, advanced attacks and critical information protection. Be part of the conversation about what these headlines mean for the security industry at the SC Congress Toronto.”

The 2014 SC Congress Toronto keynotes include:

TACIT security: Institutionalizing cyber protection for critical assets

Ongoing compromises and breaches continue to impact the operations for both public and private sector organizations. And often it’s an organization’s own institutional barriers and culture that stand in the way of effective cybersecurity and risk management programs. How does one take the challenging but necessary first steps to make the protection of critical infrastructure a top priority for an organization? NIST’s Ron Ross will describe the TACIT security approach set forth by National Institute of Standards and Technology (NIST), identifying the key areas you can focus on to ensure your critical assets are protected.

  • Ron Ross, fellow, National Institute of Standards and Technology (NIST)

Internet of Things: Now we need to secure what?

From basic home appliances, like a refrigerator, to complex lifesaving devices, like a pacemaker, everything is connected to the internet. While the Internet of Things (IoT) is full of possibilities, like many technologies it has grown quickly and with little regard for security and privacy concerns. This session will address those concerns and discuss how they are being handled by organizations, as well as by information professionals.

  • Jim Nelms, CISO, Mayo Clinic

Other top sessions include:

– PCI revisited

In the wake of some of the most serious payment card industry breaches in history, what does this mean for the PCI requirements? How can PCI help you do your job and protect your organization better?

  • Gregory T. McLean, manager, information security, North America and Asia, Transcom International

– 21st century incident response

Security and privacy incidents force companies to reassess their risk profile. Is their assessment accurate? We’ll look at incident response beyond IT, including HR and audit for internal attacks; supply chain management and physical security for both data centers and hosted sites. This presentation will bring the harsh realities to those tasked with shaping the response to incidents.

  • Vikas Bhatia, CEO, Kalki Consulting

– Point-of-sale malware

2014 started off with quite a bang as we ended 2013 with retailers getting hit left and right at the POS. So what is this malware? How does it work? And what is to be done about it?

Additional must-attend sessions will address: 

  •     The art of cyber war
  •     Infosec impact on enterprise strategic goals
  •     Mobile: None of these things look like the other
  •     The sky is falling: How to make the most out of reporting on security
  •     SSL vs. IPsec: From PCs to smartphones and back again
  •     The state of protecting North America’s critical infrastructure
  •     Canadian privacy legislation
  •     Hackitvists, state-sponsored attacks and organized crime – Oh My!
  •     And much, much more!

A full list of speakers, a conference agenda, media partners, sponsors and participant registration can be found at

About SC Magazine

SC Magazine provides IT security professionals with in-depth and unbiased information through timely news, comprehensive analysis, cutting-edge features, contributions from thought leaders and the best, most extensive collection of product reviews in the business. By offering a consolidated view of IT security through independent product tests and well-researched editorial content that provides the contextual backdrop for how these IT security tools will address larger demands put on businesses today, SC Magazine enables IT security pros to make the right security decisions for their companies. Besides the monthly print magazine and vibrant daily website, the brand’s portfolio includes the SC Congress and Expo series (Chicago, London, New York, Toronto), SC Awards (U.S. and U.K.), SC Marketscope, SC Magazine Newswire and SC Magazine IT Security Executive Forums.