August 11th, 2023 meeting

DATE:June 9th, 2023
TIME:2:00pm to 4:00pm (PST)
VENUE:Virtual Meeting, Zoom registration link
TOPIC:FEARLESS – Why the business does not think cybersecurity is a problem


Every day, our newsfeed is cluttered with news of ransomware, data exfiltration, stolen crypto, phishing, supplier attacks, and even DDoS. To us, there is no doubt that the cyber landscape is fraught with dangers. The organizations we are working so hard to secure are always only a hair away from becoming the next headline. As technology and security professionals, we know this. But what about the business? Are they just as aware of the threats? Are they prioritizing the organizations’ resources to fight cybercrime? If the answer is “No” to either of these questions, they are probably naive to the risk they face, and think that bad things can only happen to others, right? Certainly, they are negligent in their duties, and could care less about their organizations’ proprietary information, their customers’ PII, and their third parties’ information? Or are they simply arriving at the wrong conclusion despite having done their utmost due diligence?

In this session, we will consider the different frames of mind and explore potential solutions to correct the business’ view that cybersecurity deserves some, but not more attention. We will discuss how to steer them with effective operational and risk management approaches so they are just as vigilant as we are.


Elson Kung is the founder and consultant of Cactimo. He has hands-on and leadership experience in operational risk management, guiding businesses to implement effective controls to reduce a diverse array of risks including cyber security, third party, data privacy, financial reporting, regulatory compliance, resilience, and fraud. For over 25 years, he has worked in IT, various functions in the business, and the front-line of a company with $128 billion of assets and $2.5 billion of income in 2022.

A former president of ISACA Vancouver Chapter, he now serves on the board of BCG Counselling Group, the Provincial Security Advisory Council of BC, and is a Toastmasters area director. He also volunteers, runs, hikes and bikes.

April 9th, 2021 meeting

DATE:April 9th, 2021
TIME:2:00pm to 4:00pm (PDT)
VENUE:Zoom Online meeting
RSVP Required – register at Zoom
TOPIC(S):Presentation 1: Why is phishing still an issue?
Presentation 2: Setting the CISO free
PRESENTER(S):  Presentation 1: Mike Fleck (Senior Director of Sales, Cyren)
Presentation 2: Rob Newby (CEO, Procordr)

Presentation 1 detail:


Why is phishing still an issue? Let’s take a look at the tactics attackers are using and discuss why these simple, yet sophisticated, tricks allow malicious messages to evade detection. Mike will share summary statistics about the scale and type of phishing attacks and also provide detailed examples of specific incidents.


Mike Fleck is the Senior Director of Sales Engineering at Cyren. With over 15 years of experience in information security, Mike holds patents for transparent encryption and automated encryption key management and has been featured in Security Week, Information Security Magazine, Information Management, and NBC News. Prior to Cyren, Mike was the Vice President of Identity Protection at 4iQ, a provider of dark web threat intelligence that helps to protect consumer identities and to investigate cybercriminals. Previously, Mike was the Vice President of Security at Covata Limited (ASX: CVT) where he directed US operations and global marketing. He joined Covata in 2017, by way of acquisition of CipherPoint which he co-founded in 2010 and was CEO. His vast experience with complex Fortune 500 and Federal Government environments includes technical leadership roles at Vormetric (acquired by Thales), High Tower Software (acquired by NetForensics), Predictive Systems (NASDAQ: PRDS), and Lockheed Martin.

Presentation 2 detail:


Cybersecurity is now front page news. Companies are exposed, and CISOs need to make strategic decisions. Lack of accountability can lead to large fines and even prison time for Board members, but they aren’t being appropriately informed. Rob Newby was a new CISO in this situation 2 years ago. His board was concerned, but about the wrong things.

Rob explains what we’re doing wrong now in Security, and what simple changes can be made for the better to fix issues in reporting, strategy, governance and the demand for skills.


Rob is a problem solver for UK and EMEA boards, as a CISO and Security Adviser Rob has returned failing programmes and projects to the critical path, including setting up and developing multiple lines of defence in parallel, defining and delivering measurable business value. He is now the CEO of UK Cybersecurity startup Procordr, delivering strategy and governance solutions to large enterprises He previously worked as a CISO to SmartDCC, Strategic Adviser to Group CISO at Admiral Group, and at Aviva Group, he was the CISO for General Insurance and Strategic Adviser to their UK CISO.

Friday, November 13, 2020 2pm to 4pm

Fri, Oct. 9, 2020 2:00pm — 4:00pm

DATE:November 13th, 2020
TIME:2:00pm to 4:00pm (PST)
VENUE:Zoom Online meeting
Please obtain passcode to enter meeting from email confirmation

RSVP Required – register at Zoom
TOPIC(S):Cyberwarfare: The New “Colder” War
PRESENTER(S):  Kevin Murphy

2:00 pm – 2:15 pm  Welcome and announcements
2:15 pm – 2:45 pm  Featured Presentation
2:45 pm – 3:15 pm  Break
3:15 pm – 3:45 pm  Featured Presentation
3:45 pm – 4:00 pm  Q&A 

Abstract:  Is Cyberwarfare actually the next World War?  Modern cybersecurity threats have evolved into very effective disinformation campaigns and destructive ransomware. What can we collectively do to protect ourselves, our business, and our democratic institutions? Hint: the solution is more than just technology.

Kevin was the VP of Cybersecurity Operations and Governance at, a retired US Air Force intelligence officer, and the former Director of Windows Security Architecture at Microsoft with over 25 years of experience in threat intelligence and information security. Kevin holds the CISM, CISSP, and CGEIT security certifications.