misaApproximately 200 delegates attended the 2015 MISA (Municipal Information Systems Association) Annual Security Conference in beautiful Niagara-on-the-Lake last week. There was something for everyone – the techies had training sessions, there were humorous keynote speakers and very informative sessions on what governments are doing to keep us and our information safe.

Day 1 (Monday) was largely a training day with both Technical and Management Tracks. Later that day there was a welcome reception and dinner, with a hospitality suite to end the day.

Michel Juneau of Katsuya, a former CSIS staff member, kicked off Day 2 with a very interesting keynote address on how we should be viewing information security. “It is not enough to just meet the standards.” said Juneau. “An Information Security professional should be acting like an Intelligence Officer”. This means that we need to dig down further, examine trends, consider what new methods the ‘bad guys’ are now using, and constantly try to stay ahead of them.

Juneau also spoke about the 5 types of security threats: State sponsored; Industrial espionage; Organized crime; Hacktivism; and Insiders. He noted that 86% of all security breaches were facilitated by insiders. He also claims, justifiably, that the executive level staff are most likely to cause a breach as they frequently try to circumvent policy and procedures.

Richard Langley from the City of Ottawa and Ken Bendelier from CCIRC (Canadian Cyber Incident Response Centre) presented on the need for every organization to have a Security Program. Langley emphasized the need for IT to be able to speak business language to organizational leaders, and how InfoSec is really Risk Management.

Bendelier, aided by Frank Turbide from CCIRC spoke about how CCIRC track thousands of security incidents across Canada every day. According to Bendelier, only one third of security incidents are reported to CCIRC, meaning two thirds of all incidents are unknown to the organization incurring them.

One of the most insightful leadership sessions came from Marc Coyle from the City of Bellville. Coyle explained how he presented his IT vision for Bellville to senior leaders. He spoke about mentoring individuals who came through his organization, and how proud he was when these people became successful in their own rights.

To summarize his presentation, Coyle quoted John C. Maxwell: “A leader is one who knows the way, goes the way and shows the way”.

Tuesday evening saw the delegates head to Jackson-Triggs winery for an evening of wine tasting and delicious food. The delegates didn’t let the rain stop them from having a great time.

The Wednesday opening keynote was Michael Kerr, a very funny and inspirational speaker who spoke about the need for humour at work. “Laughter is actually the best medicine” said Kerr. “This has been proven by many different studies. Make sure you learn to have some fun while at work. You can’t be serious all the time”.

Next year, the annual security conference will be held the Hockley Valley Resort from September 26th – 28th, 2016. Make sure you put this event in your calendar for a few days of learning, networking and fun.