Committee Members

CISO Forum Canada – Committee Members

mohsen web 1 - Committee Members

Mohsen Azari

Senior InfoSec Cyber Security Manager, Walmart Canada

“During the past 20 years, Mohsen has worked in technology field helping people and organizations find better and safer solutions to their business problems.”

Mohsen Azari is a Senior Cyber Security Manager for Walmart Canada. He is an advocate of Agile security, and a public speaker at various DevOps and AI conferences. He has been with Walmart for past 8 years. Mohsen’s responsibility is to ensure Confidentiality, Integrity and Availability of Walmart assets, as well as protecting customer and associates information. He graduated from McMaster University, Hamilton, Ontario in 1995, and obtained his CISSP in 2006. He is currently a Gartner Evanta governing body member, and a lean Belt certified.

During the past 20 years, he has worked in technology field helping people and organizations find better and safer solutions to their business problems. He has led multiple teams of infrastructure and security professionals, and collaborated extensively with clients, business stakeholders, and leaders to achieve individual and organizational goals.

Some highlights of his career include co-authoring first MPAA Anti-Piracy and Security Standard, otherwise, known as CDSA APCP, Implementing Walmart Canada bank Security posture, as well as the new Walmart Photo Centre. He is a firm believer that, dealing with modern security threats would require fresh thinking and innovation in all facets of technology. His recent work on GRC and Incident response has allowed him to build a framework for continuous risk evaluation and mitigation.

leung web 1 - Committee Members

Michael Leung

Principal & Management Consultant, CANADIAN CYBERSECURITY INC.

“Michael was previously the head of Information Security at a Canadian financial institution for over 11 years…”

Michael Leung is an experienced leader of governance and risk management in cyber/information security with more than 15 years of senior level management responsibility. He is the principal of CANADIAN CYBERSECURITY INC. and a management consultant – helping businesses and organizations identify, prepare for and mitigate cyber risks by providing counsel and expertise in risk management, strategy, and tactics.

Michael was previously the head of Information Security at a Canadian financial institution for over 11 years, and also an active volunteer and a leader within the local, national and international cyber/information security, IT governance and risk community. He has volunteered on a number of task forces, working groups, and committees for ISACA International, and is also a member of the Institute of Corporate Directors. As a past President and Board chair of the ISACA Vancouver Chapter, he was responsible for the oversight and direction of chapter operations in promoting the practices and the development of professionals in IT risk, governance of enterprise IT, information security management, and IT assurance within the local business and academic community, and chapter membership.

ISACA is a non-profit, global membership association for IT and information systems professionals, and consists of more than 450,000 engaged professionals, more than 135,000 members in 188 countries, including 217 chapters worldwide and offices in both the United States and China.

Jamie Web - Committee Members

Jamie Rees

CISO, Energie NB Power

“Jamie has spent the past 18 years in senior roles, cultivating security cultures, creating new positions and developing award winning programs in telecommunications…”

Jamie Rees believes in cybersecurity as a provider of value and enabler of innovation in organizations. He has spent the past 18 years in senior roles, cultivating security cultures, creating new positions and developing award winning programs in telecommunications, financial services, government, and utility verticals.

Jamie shares, with the teams he has directed, the North American CSO 50 Award, the IT Association of Canada Ingenious Award for technology projects demonstrating outstanding business value, and was presented with the CyberSmart Award for his work demonstrating to students the importance of developing cybersecurity skills. He holds an MSc in Information Security from Royal Holloway and is certified in cyber-risk oversight by the National Association of Corporate Directors and Carnegie Mellon SEI.

Jamie works for a NB Power as the Chief Information Security Officer. He is also a member of the editorial advisory board for the UK based Cyber Security: A Peer-Reviewed Journal, a co-founder of B-Sides Fredericton, and serves as chair on ICTC’s National Cyber Security Leadership Council on Youth and Education.

hughb web - Committee Members

Hugh Burley

Director of Information Security, Thompson Rivers University

“Hugh is the Director of Information Security for Thompson Rivers University in Kamloops, British Columbia and the ISO for BCNET, BC’s regional post-secondary research network.”

Hugh is the Director of Information Security for Thompson Rivers University in Kamloops, British Columbia and the ISO for BCNET, BC’s regional post-secondary research network. He has been leading TRU’s information security program since 2007. Hugh has served in a variety of capacities in regional and national working groups and boards and holds current Information Security, Risk, Audit, and Privacy professional certifications.

Prior to working in the post-secondary environment Hugh worked in the private sector in various technical and project management roles.

FaroqN web 1 - Committee Members

Farooq Naiyer

CISO, Orion

“Farooq brings rich experience of more than 15 years in the area of cybersecurity, privacy, technology compliance and assurance.”

Farooq is the CISO of the largest research and education network in Canada, The CISO role at ORION has been born out of a collaborative initiative supported by ORION and five of their client Universities and three Colleges in Ontario. The role provides this community with strategic security thought leadership, while bringing them tangible working programs and tools for compliance, risk management, a governance framework as well as delivery of broader shared security services.

Farooq brings rich experience of more than 15 years in the area of cybersecurity, privacy, technology compliance and assurance.

Prior to joining ORION Farooq was part of the Cybersecurity and Privacy team at PwC in Canada where he led several cyber security engagements. Prior to that Farooq had led IT Assurance teams for a leading retail giant in Canada. He has also held leadership roles in leading financial institutions in the Middle East and south Asia. And has prior had association Big 4 consulting firms in south Asia.

He has strong academic background with BSc (Hons) (Computer Sciences) He holds various leading certifications in the area of Information Security and IT assurance which include CISA , CRISC , ISO 27001 Lead Auditor , COBIT , PCI – QSA ( Quality Security Assessor) , PCIP and have attended numerous international and local training with regards to Information Security Management and IT audit & Compliance.

In recognition of the IS initiatives undertaken as the CISO of DIB Bank he was awarded the CSO Compass Award in 2010.

He has delivered lectures at some of the leading universities in South Asia on IT Audit, Information Security Management and IT Compliance. And conducted several workshops in the same area.

He was selected as the Community Leader for “Information Security Management” at the cybersecurity conference at Las Vegas – USA organized by the Information Systems Audit and Control Association. He has served on the Board of Directors of the local chapters of Information Systems Audit and Control Association – in the past.

SalmanAshraf web - Committee Members

Salman Ashraf

Director IT Security/Risk, Travelers Canada

“Salman has led high-performing teams in consulting environments to develop IT security programs and create enterprise-wide risk aware cultures”

Salman is the Director of IT Risk at Travelers Insurance where he leads the IT Risk, Security, and Compliance activities. In this role, he is the primary point of contact spanning diverse activities including: Risk Management practices (utilizing ISO 27005/31000, NIST, COBIT, ITIL, and TRA); Threat and Vulnerability Management; IT Audit/Compliance (SOX, PCI, OSFI); and Business Continuity.

Previously, Salman has motivated and led high-performing teams in consulting environments to develop IT security programs and create enterprise-wide risk aware cultures for his clients in North America and The Middle East. As a consultant, Salman managed and delivered over 50 successful information security and risk projects in Information Security, Cyber Security, IT Audit, IT Risk Management, and Business Continuity for large financial and telecommunication organizations. The projects included ISO 27001 implementation and certification, PCI Compliance implementation and attestation, and establishing Security Operation Centers.

Salman holds an MBA in Technology Management in addition to numerous security and risk certifications including PMP, CISSP, CISA, and ISO 27001. Salman enthusiastically pursues continuous professional development opportunities; he has completed Harvard University’s Cybersecurity Managing Risk in the Information Age Certificate.

sunnyjassal web - Committee Members

Sunny Jassal

CSO, British Columbia Institute of Technology

"Sunny brings with him nearly two decades of progressive experience in leading Enterprise IT, Cybersecurity and Risk Management across various sectors."
Sunny Jassal is a transformational leader who is highly skilled at aligning vision with business strategic goals. He brings with him nearly two decades of progressive experience in leading Enterprise IT, Cybersecurity and Risk Management across various sectors, including higher-education, health, policing, compliance and telecom. Sunny has a keen interest in transforming IT and organizations toward digital optimization and transformation. With special interests in Cyber Security he leads by the principle of ‘security by design’.

Sunny is currently the Cyber Security Officer at British Columbia Institute of Technology (BCIT), BC's largest post-secondary institution. As a Cyber Security Officer, he provides leadership and oversight over all aspects of enterprise cyber security, including IT GRC, policy formation and application. Prior to joining BCIT, Sunny severed as a Director of IT for British Columbia Medical Association providing leadership and oversight over all aspects of IT (Enterprise Architecture, Network, Cyber, Software Development and Service Delivery).

Sunny is dedicated to the profession and thrives on challenges in both professional and personal life. He is also an active member of, and participates in, various local, national and international Information Technology, Cybersecurity, IT governance, and Risk management communities. He also serves as a Director to the board of ISACA Vancouver Chapter where he provides strategic leadership and direction to the chapter’s Cybersecurity certification program.

Sunny holds a Bachelors of Technology (B.Tech with distinction) in Technology Management from British Columbia Institute of Technology (BCIT), and various top industry certifications: Certified Chief Information Security Officer (CCISO), Certified Information Security Manager (CISM), Systems Security Certified Practitioner (SSCP), Microsoft Certified Systems Administrator (MCSA) and Microsoft Certified Technology Specialist (MCTS).

Bashir Fancy - Committee Members

Bashir Fancy

Managing Director, Corporation Solutions & Services Inc.

"Mr. Fancy’s experience includes Operations, Systems, Finance, Risk Management & Security, Audit, IT, Marketing & Sales and Strategy at organizations that included Citibank, SNS.."

Bashir Fancy is the Managing Director, Corporation Solutions & Services Inc., providing Risk Management, Governance, Security, Operations, IT consulting services globally. Mr. Fancy is former Chairman and Chief Executive Officer of Canadian Information Processing Society National Board (CIPS). Former President of Canadian Information Processing Society – Ontario (CIPS Ontario). Mr. Fancy continues to worked very closely with Colleges, Universities and Corporations across Ontario, Canada and globally. He is helping develop programs for Students and is on PAC Advisory Board of Universities and Colleges. Mr. Fancy is heading the cyber security task force and has started a cyber security meetup that has attracted a lot of members, including students, where sharing of the current trends, challenges and how to deal with these evolving threats is paramount. He is a thought leader in the fast-paced changing environment of Technology landscape. He has been the Senior Executive Advisor, with Deloitte & Touché and held similar position at Grant Thornton. Bashir Fancy also headed operations at Citibank, headed the Payments business at SNS (3rd party processor that later became known as Emergis when acquired by Bell Canada), and managed operations in Air Canada, including Product Management, IT and Customer Service. As an Auditor he was exposed to many different businesses globally to review their end to end operations, including IT, Risk Management & Security, Marketing & Sales, Finance & Customer Service. Mr. Fancy mentors many executives as well as many students.

Mr. Fancy served as the Executive Vice President for Risk Management & Security at Visa International Head Office and was also their Global Head of Internal Audit for Visa in San Francisco. He led original team that developed the “Account Information Security” –Data Security Standards (now known as PCI- DSS), impacting any Organization that stores, processes or transmits Credit or Debit card information. Bashir Fancy, in his previous role as the Head of Risk Management & Security for Visa Canada, developed & implemented a strategy of Fraud Prevention Program that led to 50% reduction in fraud losses, after a growth of 40% per year for 5 previous years. This strategy was adopted globally. Mr. Fancy continues to assist financial institutions globally including the World Bank, Telecoms, Retail businesses and others to deal with the root causes and become efficient, secure and compliant. Mr. Fancy is amongst the very few who understand the Payment business inside out and has extensive experience in Retail, Airline, 3rd party processing and the Banking world that spans many countries. Mr. Fancy’s experience includes Operations, Systems, Finance, Risk Management & Security, Audit, IT, Marketing & Sales and Strategy at organizations that included Citibank, SNS ( initially acquired by BCE and became Emergis, now absorbed into TELUS) –a 3rd party processor that did all the backend processing & point of sale for Canadian Banks and major retailers. Mr. Fancy also held senior management role in Air Canada and the “Supermarket Group”, after starting his career at West, Wake & Price (Auditors) –became part of Price Waterhouse to do his accountancy and then move to the Corporate world to take on Technology certification. Mr. Fancy is frequently asked to speak at Conferences globally and provide advice on Governance, Risk Management & Security, PCI-DSS, Big Data, Analytics, IoT, Operational efficiency and forensic work. Mr. Fancy Chairs Conferences on Smart Utilities of the Future as well as the Global Mining Conference and heads/manages Round Tables for senior executives on Technology/Governance/Risk Management/Security and businesses of the future. He has excelled at change management and does a lot of mentoring to ensure succession planning. Mr. Fancy continues to be involved in Mobile Payments, Mobile Wallets combined with changing landscape of Payment Industry & Technology/Security in general.

Samer Adi - Committee Members

Samer Adi

VP Infrastructure and CISO for Interac

"Before joining Interac, Samer was the head of information security and internal controls for a large retail company in Canada..."

Samer Adi is currently the VP Infrastructure and CISO for Interac.

Before joining Interac, Samer was the Head of Information Security and Internal Controls for a large retail company in Canada. He lead a team of security professionals to provide the best information security protection possible and maintain compliance with regulator’s requirements. Prior, Samer was the CISO for the Canadian office of a global IT consultancy company. He managed a team responsible for providing complete cybersecurity services externally to clients and internally within a global structure. Samer was also the CISO for the largest payment processing company in Canada. He was able to maintain PCI-DSS and PA DSS complaint status for the company over the years. In addition, he served with the largest network provider for white label ATMs with the same capacity. He has more than 30 years’ experience in information security and information technology infrastructure support.

Samer published two books in computer maintenance that are part of the Grade 11 and 12 curriculum. In his spare time, Samer helps grassroots soccer players to advance their skills to become better athletes

Michael Web - Committee Members

Michael Ball

Information Security Adviser
& vCISO at TeamCISO

"Currently, Michael is working to provide an enterprise Information Security program as Virtual CISO to several smaller brands..."

Over the past 30 years, Michael has had opportunity to work as Information Security Advisor with and for many of Canada's largest financial and Insurance brands. From Security Architect to IT Audit Mediator, to CISO in several distinguished organizations, Michael has championed governance, compliance and risk from a business values perspective. Currently, Michael is working to provide an enterprise Information Security program as Virtual CISO to several smaller brands that individually could not justify a full time CISO.