Event Agenda

June 2nd – 3rd, 2026 // Calgary, Canada

Day 2 // June 3rd 2026 08:15 – 04:30 Conference Chair : Martin Laberge, Exec. Director Cyber Security, CISO, Energir
	08:15Registration & Coffee
	08:50Chairman’s Opening Address : Martin Laberge, Exec. Director Cyber Security, CISO, Energir
	09:00Panel Discussion: Building Effective OT Incident Response: How Should We React When Disaster Strikes? . In the event of a cyber attack on our OT systems, what should be our first steps, and how should we prioritise protection and response? How can we best mitigate risk to prevent future attacks? How can we build our teams so they are prepared for such attacks? How can we best take care of our teams following an attack? What can we do to tackle stress and anxiety that may occur post an attack? What can we do so we are best prepared to respond to a cyber attack? . – Moderator: Martin Laberge, Executive Director & CISO, Énergir – Angie Fyke, Vice President, Head of IT, Ontario Medical Supply – Tolu Oni, Director, Cyber Security & Infrastructure, UFA Co-operative Limited – Wayne Silberman, Technical Field Director, Cohesity – Adina Schoeneman, Sr. Product Marketing Manager, CrowdStrike .
	09:40Case Study: Inside the Incident - A Real-World Cyber Response Case Study . How we initially detected the attack, and what our initial response was to an attack on our systems How we guaranteed effective decision-making despite operational and safety constraints, through coordination between OT, IT, engineering, and incident response teams How we effectively contained the attack, and what our disaster recovery strategy was to ensure restoration of industrial operations Our key lessons learned to improve our readiness for future attacks on our infrastructure . – Robert Rosales, VP of IT and Cyber Security, Oak Harbor Freight Lines .
	10:10Presentation: From Cybersecurity Strategy to Operational Resilience As cyber threats increasingly target critical infrastructure, traditional perimeter security is no longer adequate for Operational Technology (OT) environments. This session explores Zero Trust as an operational model for improving cyber resilience, governance, and compliance across converged IT/OT systems. Attendees will learn how identity-driven policies, segmentation, continuous verification, and centralized orchestration reduce risk while supporting industrial operations. The discussion also covers modernization, platform-based security architectures, Zero Trust maturity assessment, and phased implementation strategies aligned to resilience and business continuity goals. . – John Walsh, Field CTO for Government, FinServ, Manufacturing, Retail/Transportation & OT/IoT, IGEL Technology .
	10:40Breakfast Hosted by Armis & X10 Technologies

TRACK A Effective Strategies to Overcome IT/OT Convergence Challenges Chair: Martin Laberge, Exec. Director Cyber Security, CISO, Energir
	11:20Case Study: Building a Future-Ready Security Architecture: Our Journey . How we developed a roadmap for the best policies to implement to ensure our OT environments remain safe through IT-OT convergence efforts How a converged IT-OT SOC has helped strengthen a leading firm’s cyber security outlook Where security assessments have helped to ensure a secure architecture, while upgrading legacy assets The importance of a comprehensive audit in building a robust security system – Kajeevan Rajanayagam, Director of Cyber Security, University Health Network .
	11:50Presentation: Why IT/OT Convergence Initiatives Fail IT/OT Convergence is widely recognized as an enabler for operational efficiency and industrial transformation. However, many convergence projects underperform or fail to achieve their intended objectives, due to misalignment across the human, process, technology, and business domains. This presentation examines the strategic contributing factors behind the underperformance of many IT/OT convergence projects, drawing on first-hand experience in supporting convergence projects across critical infrastructure and industrial environments. The session provides a structured view of how these failure drivers can undermine the realization of convergence outcomes and presents actionable guidance that asset owners can adopt to improve the chances of success on their IT/OT convergence projects. . – ET Atere, ICS/OT Cybersecurity Consultant, WSP .
	12:00Presentation: Quantum Computing: A New Realistic Paradigm . Learn the basics of Quantum Computing Learn the practical applications where Quantum Computing is being used at present Explore Quantum Computing and how it influences cyber security – Prashant Prashant, Senior Cyber Security Advisor, Enbridge .

TRACK B Tackling Key Cyber Risks Faced Through Our Operations Chair: Trent Johannesson, CISO, Phoenix Energy Services
	11:20Case Study: When Cyber Meets Kinetic: Rethinking Risk in Peer-State Conflict Peer-state conflicts increasingly target civilian and industrial systems through combined cyber and kinetic effects. Drawing on lessons from recent conflicts, this presentation examines how cyber and kinetic operations could be used in support of adversarial goals. Attendees will learn how cyber-informed engineering, hazard analysis, and enemy-focused threat modeling can be applied to understand wartime risk and build resilience beyond traditional cyber incident response and continuity planning. . – Rob Sealock, Enterprise Architecture Manager (OT Cyber Security Lead), Fortis Alberta .
	11:50 Presentation: When the Bulkheads Hold But You Can't See: Telemetry as the Missing Layer in OT Cyber Resilience OT operators have spent a decade getting segmentation right: Purdue zones, DMZs, data diodes, jump servers, firewalls between every level. Those are the bulkheads, and they work. But when a real incident hits the plant floor, segmentation alone doesn’t tell you which compartment is flooding, how fast, or what’s adjacent. That’s the job of telemetry, and it’s where most OT security programs are quietly underinvested. Drawing on a global oil and gas deployment, this session examines where a vendor-neutral telemetry layer fits inside a defense-in-depth OT architecture. High enough in the Purdue model to avoid proprietary binary protocols, low enough to see what matters. We will discuss how telemetry data turns existing segmentation, TAPs, BAD sensors, jump servers, and historians into a sensor grid that supports the five functions every IR team needs under fire: detect, scope, contain, investigate, and report. . – Albert Caballero, Field CTO, Cribl .
	12:00Presentation: Early Warning Without an Incident: Lessons from a Targeted Malvertising Campaign This presentation examines a targeted malvertising attempt against Incident Command training materials in Alberta. While endpoint defenses prevented compromise, the decisive factor was rapid intelligence sharing. The session highlights how timely communication and trusted networks can stop emerging threats before they spread across critical infrastructure sectors. . – Ani Elgudzhyan, Cybersecurity Operations Advisor, City of Calgary .

–
	12:40 Lunch Hosted by IGEL Technology

TRACK A Adapting Our Strategies For Bill C-8 Compliance Chair: Martin Laberge, Exec. Director Cyber Security, CISO, Energir
	13:40Presentation: Bill C‑8: The Readiness Journey for CISOs Bill C‑8, An Act Respecting Cyber Security will soon become law and introduce new cybersecurity obligations for critical infrastructure operators across Canada. But what does the legislation mean in practice—and how prepared is your organization? This interactive session helps CISOs and senior security leaders navigate Bill C‑8 by clarifying which provisions apply, how key terms are defined, the anticipated implementation timeline, and the practical steps organizations should take now to prepare for its operational implementation. The discussion will focus on the protection of critical cyber systems spanning ICS, OT, IT, and AI environments, including supply‑chain considerations and the detection and reporting of cybersecurity incidents as defined under the Critical Cyber Systems Protection Act (CCSPA). Tailored for leaders in energy, transportation, telecommunications, finance and other CI sectors, participants will leave with clear takeaways, practical guidance, and a realistic view of their organization’s readiness in an evolving threat and regulatory landscape. . – Richard Larose, Cyber Principal, Strategic Advisor on Bill C-8, Cyber Partnership, Canadian Centre for Cyber Security .
	14:10 Panel Discussion: Will Compliance To Bill C-8 & Provincial Regulations Ensure Security? . What is Bill C-8? What is The Security Management for Critical Infrastructure Regulation (Alta Reg 84/2024)? How can we ensure our organisations comply with these regulations? Are these regulations enough? Or do we need to utilise global standards such as IEC 62443 to stay secure? Do these regulations help ensure security? Or do they create a false perception of security internally? . – Moderator: Osman Saleem, Program Manager – ICS and OT Cyber Security, Greater Toronto Airports Authority – Henry Bosch, Associate Director, Grid OT & Security, Epcor – Bernadette Silva-Nguyen, CISO, Trans-Northern Pipelines Inc. – Ani Elgudzhyan, Cybersecurity Operations Advisor, City of Calgary – Tim Dressel, Director, Information Technology, NTPC Limited – Terry Freestone, RCO, Canada Energy Regulator .

TRACK B Designing Security Strategies For The Technologies of Tomorrow, Today Chair: Trent Johannesson, CISO, Phoenix Energy Services
	13:40Presentation: From Variability to Victory: Standardising Cybersecurity for Virtual Power Plant and Aggregated DER Systems This presentation helps attendees: . Understand cyber risks and benefits of VPPs and aggregated DER systems Evaluate risk distribution across stakeholders (VPP owners, aggregators, utilities, OEMs) Explore shared responsibility models for cyber risk management Leverage the DER Standards Library (openei.org/der-cyber-standards) to strengthen DER aggregation and VPP cybersecurity Understand UL 2941 cybersecurity certification to support policymakers, regulators, utilities, and aggregators in enhancing grid security and fostering U.S. innovation. . – Danish Saleem, Team Lead – Energy Systems Security, National Laboratory of the Rockies .

TRACK B
Designing Security Strategies For The Technologies of Tomorrow, Today
Chair: Trent Johannesson, CISO, Phoenix Energy Services

13:40Presentation: From Variability to Victory: Standardising Cybersecurity for Virtual Power Plant and Aggregated DER Systems

This presentation helps attendees:
.

Understand cyber risks and benefits of VPPs and aggregated DER systems
Evaluate risk distribution across stakeholders (VPP owners, aggregators, utilities, OEMs)
Explore shared responsibility models for cyber risk management
Leverage the DER Standards Library (openei.org/der-cyber-standards) to strengthen DER aggregation and VPP cybersecurity
Understand UL 2941 cybersecurity certification to support policymakers, regulators, utilities, and aggregators in enhancing grid security and fostering U.S. innovation.

.
– Danish Saleem, Team Lead – Energy Systems Security, National Laboratory of the Rockies
.

–
	14:50 Break & Networking

Plenary: A Practical Demonstration of Cyber Security Risks in Industrial Control Systems Chair: Martin Laberge, Exec. Director Cyber Security, CISO, Energir
	15:20 Workshop: Practical Demonstration of Cyber Security Risks in Industrial Control Systems This session provides a hands-on demonstration of cyber security risks in industrial control systems (ICS) using a simulated industrial cooling process. It shows how attacks on cooling system controls can cause thermal imbalance and environmental deviations, highlighting real-world operational and safety impacts. The focus is on defensive strategies, including strict network segmentation, application whitelisting, preventing abuse of native protocols such as Modbus, and monitoring suspicious control commands. A physical Purdue-level model is used, featuring an ESP32-based SCADA/HMI control board, temperature sensors, and a fan. An attack using Living-Off-the-Land techniques and Metasploit on Kali Linux demonstrates how legitimate tools can be exploited in ICS environments. . – Prashant Prashant, Senior Cyber Security Advisor, Enbridge & Rajat Kumar Kundu, OT Network & Cyber Security Specialist, Capital Power
	16:20Roundtables: Pick a Table and Let’s Discuss! T1: Overcoming Common Attacks to ICS Environments – Discussing The Simulation Further Rajat Kumar Kundu, OT Network & Cyber Security Specialist, Capital Power . T2: Putting Our Mental Health First: How Can We Ensure Our Teams Stay Motivated Against an Expanding Threat Landscape? – Martin Laberge, Executive Director & CISO, Énergir . T3: Building Key Tools To Mitigate Cyber Risk Training Through Our Organisations Danish Saleem, Team Lead – Energy Systems Security, National Laboratory of the Rockies .
	17:00Closing Remarks by Martin Laberge, Exec. Director Cyber Security, CISO, Energir
	17:05End of Conference

Event Agenda

Join the Line-Up

Register Now

Request a Sponsor Pack

Contact Us

QG Media

Social

Privacy Policy