About
Through 27 years of progressive technology experience, 23 of those in senior security…
Articles by Jamie
Activity
-
Reflecting on my four years at Canadian Tire Corporation, I’m deeply grateful for the incredible people I worked with and the experiences that shaped…
Reflecting on my four years at Canadian Tire Corporation, I’m deeply grateful for the incredible people I worked with and the experiences that shaped…
Liked by Jamie Rees
-
Who are we? At Cyber Business Review, we bring together crowdsourced cyber insights, real-world experiences, and bold perspectives that challenge…
Who are we? At Cyber Business Review, we bring together crowdsourced cyber insights, real-world experiences, and bold perspectives that challenge…
Liked by Jamie Rees
-
Decisions for an ISO27001 implementation - 1. Are you going to “go it alone” or get outside help? When implementing ISO27001 into an organisation…
Decisions for an ISO27001 implementation - 1. Are you going to “go it alone” or get outside help? When implementing ISO27001 into an organisation…
Liked by Jamie Rees
Experience
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Education
-
-
The National Association of Corporate Directors (NACD) in partnership with and the CERT Division of the Software Engineering Institute (SEI) at Carnegie Mellon University deliver a robust program that demonstrates the certification holder's advanced understanding of the role of the board and executive management in cyber-risk oversight.
-
Licenses & Certifications
-
-
Archer GRC Professional
RSA/Archer
Issued -
-
-
HISP - Holistic Information Security Practitioner
HISP Institute
Issued -
-
SCNA - Solaris 8 Certified Network Adminstrator
SUN
Issued -
GSNA Gold - GIAC Certified Systems & Network Auditor
SANS
Issued ExpiresCredential ID 266 -
GCIH Gold - GIAC Certified Incident Handler
SANS
Issued ExpiresCredential ID 387 -
GCUX Gold - GIAC Certified Unix Security Administrator
SANS
Issued ExpiresCredential ID 111
Volunteer Experience
-
Member of the Editorial Board
Cyber Security: A Peer-Reviewed Journal - Henry Stewart Publications
- Present 8 years 3 months
Education
Guide the journal's content and peer-review articles submitted for publication to ensure they are practical, authoritative and relevant.
Cyber Security is the major new peer-reviewed journal publishing in-depth articles and case studies written by and for cyber security professionals. It will showcase the latest thinking and best practices in cyber security, cyber resilience, cyber crime and cyber warfare, drawing on practical experience in national critical infrastructure, government…Guide the journal's content and peer-review articles submitted for publication to ensure they are practical, authoritative and relevant.
Cyber Security is the major new peer-reviewed journal publishing in-depth articles and case studies written by and for cyber security professionals. It will showcase the latest thinking and best practices in cyber security, cyber resilience, cyber crime and cyber warfare, drawing on practical experience in national critical infrastructure, government, corporate, finance, military and not-for-profit sectors -
Volunteer Organizer
BSides Fredericton
- 5 years 1 month
Education
Organizing the first iteration of BSides Fredericton, a information/cybersecurity conference that brings people of all skill levels together to share ideas and learn.
-
Industry member - Technology Advisory Commitee
New Brunswick Department of Education and Early Childhood Development
- 4 years 5 months
Education
Member of Deputy Minister's advisory committee on technology based educational programs.
-
Industry Lead - Curriculum Advisory Council
New Brunswick Department of Education and Early Childhood Development
- 1 year 1 month
Education
Providing Cybersecurity industry insight and recommendations for new curriculum development in the New Brunswick school system.
-
Judge / Panelist
SC Magazine Awards 2016-2018
- Present 9 years 5 months
Science and Technology
Members of this panel primarily are from end-user organizations. They are invited and chosen to participate as judging panelists for the Trust Awards categories based on their industry expertise and background. Typically, they lead information security divisions, play roles in implementing information security policies and plans for their organizations, and/or have in-depth knowledge or experience with testing, deploying or managing IT security products/services.
-
National Council Member - Maritime Provinces Coordinator
Canadian Cybersecurity Alliance (CCA) / Alliance canadienne sur la cybersécurité (ACC)
- Present 9 years 4 months
Science and Technology
The CCA/ACC formed to contribute to an increased understanding of the current state of cybersecurity in Canada, and coordinate the identification of future directions for research, education, dialogue and professionalization of the domain.
-
Member of the Advisory Board
CSO Digital
- 1 year 4 months
Science and Technology
CSO Digital is IT World Canada's quarterly security focused digital publication - a one-stop resource for timely, relevant, security news and insights you can rely on.
The Advisory Board is an insightful and esteemed group of security professionals from across Canada with real-life experience safeguarding data and ensuring trust.
http://digital.itwc.ca/cso-digital-may-2016/
http://digital.itwc.ca/f/cso-digital -
Subject Matter Expert - Reviewer Cybersecurity Certification Practice Analysis Task Force (PATF).
ISACA
- Present 10 years 10 months
Education
ISACA's new cybersecurity certification job practice
Perform an electronic independent review of the draft certification job practice and participation on a remote focus panel. Refining the list of task and knowledge statements that have been developed by the Cybersecurity Certification Practice Analysis Task Force (PATF). These statements represent the tasks performed by a 3 – 5 year cybersecurity practitioner and the knowledge necessary to conduct these tasks. -
Subject Matter Expert - Beta Exam Development
CompTIA
- Present 24 years
Education
Reviewed beta exam content and provided remarks to strengthen the original Security+ exam before its production release.
-
Research proposal evaluator
Natural Sciences and Engineering Research Council of Canada
- 2 months
Education
Review NSERC Collaborative Research and Development or Industrial Research Chair proposals for cybersecurity research and provide funding recommendations.
Publications
-
Changing the Information Security Story
Self
See publicationA short story I use to illustrate some of my thoughts on how to bridge the communications gap between Security and Business.
Honors & Awards
-
Lifetime Achievement Award
CISO Forum Canada
This award recognizes an individual who has made a great impact in the cybersecurity world, and within their communities as well.
-
CyberSmart2017 Award
CyberNB
Recognition for community involvement via work with ICTC to create and foster the CyberTitan program in Canada thereby demonstrating to kids the value and importance of developing these unique skills they can carry through life
-
CSO50 Award
CSO Online - IDG Enterprises
"The CSO50 Awards recognizes organizations for security projects and initiatives that demonstrate outstanding business value. The CSO50 Awards are scored according to a uniform set of criteria by a panel of judges that includes security leaders, industry experts and academics."
http://www.idgenterprise.com/press/cso-announces-the-2015-cso50-award-honorees-recognizing-innovative-use-of-security-in-driving-business-value -
Ingenious Award
TechNation formally Information Technology Association of Canada
Winner of the 2014 Ingenious Award in the Small to Med Public Sector category for our Security Event Management Centre. "Ingenious Awards recognize excellence in the use of technology to improve the performance of large and small businesses, government operations and not-for- profit organizations. The Ingenious Awards Program aims to build awareness of how enlightened Canadians are building more competitive enterprises, more effective organizations and a stronger Canadian economy through the…
Winner of the 2014 Ingenious Award in the Small to Med Public Sector category for our Security Event Management Centre. "Ingenious Awards recognize excellence in the use of technology to improve the performance of large and small businesses, government operations and not-for- profit organizations. The Ingenious Awards Program aims to build awareness of how enlightened Canadians are building more competitive enterprises, more effective organizations and a stronger Canadian economy through the innovative use of technology." https://ingeniousawards.ca/about/
-
North America Project of the Year Award Finalist
Tech Exec Network Information Security Executive Program
Finalist in the Academic/Public Sector Category "The Information Security Project of the Year Award focuses on information security projects completed in the past 12-18 months. These projects and their teams are recognized for having a significant impact to an organization's risk management or information security posture. This award brings to light the team behind the work. The project submissions are evaluated on their scope, goals, execution, and results."…
Finalist in the Academic/Public Sector Category "The Information Security Project of the Year Award focuses on information security projects completed in the past 12-18 months. These projects and their teams are recognized for having a significant impact to an organization's risk management or information security posture. This award brings to light the team behind the work. The project submissions are evaluated on their scope, goals, execution, and results." http://www.ten-inc.com/ise/default.asp
-
Americas Information Security Leadership Awards Finalist
(ISC)2
Finalist in the Senior Information Security Professional Category. "Americas ISLA aims to recognize the achievements of outstanding information security professionals who have led an industry workforce improvement initiative, program or project. The program recognizes professionals who are leading initiatives that result in a more proficient, resilient information security workforce in Central, North, and South America." https://www.isc2.org/PressReleaseDetails.aspx?id=12514
Recommendations received
4 people have recommended Jamie
Join now to viewMore activity by Jamie
-
ISO27001 Myths: 36: “You must do all the non conformities before the next certification audit. Not true. I do come across certification bodies and…
ISO27001 Myths: 36: “You must do all the non conformities before the next certification audit. Not true. I do come across certification bodies and…
Liked by Jamie Rees
-
ISO27001 suggested change 8. The word “appropriate” should be removed from ISO27001. The term “appropriate” usually implies some level of judgement…
ISO27001 suggested change 8. The word “appropriate” should be removed from ISO27001. The term “appropriate” usually implies some level of judgement…
Liked by Jamie Rees
-
1. ISO27001 Myths: 34: You must do a “proper” implementation of ISO27001 Not true. Although to be fair it really depends on what you mean when…
1. ISO27001 Myths: 34: You must do a “proper” implementation of ISO27001 Not true. Although to be fair it really depends on what you mean when…
Liked by Jamie Rees
-
ISO27001 Myths: 33: “The risk assessment must be repeatable to get the same results”. Not true. But read on…. ISO27001 actually says that you must…
ISO27001 Myths: 33: “The risk assessment must be repeatable to get the same results”. Not true. But read on…. ISO27001 actually says that you must…
Liked by Jamie Rees
-
ISO27001 Myths: 31: “Your ISMS must meet all the requirements of all the interested parties”. Not true. As a silly example, you may have interested…
ISO27001 Myths: 31: “Your ISMS must meet all the requirements of all the interested parties”. Not true. As a silly example, you may have interested…
Liked by Jamie Rees
-
ISO27001 Myths: 30: “There are some implicit requirements in ISO27001” Not true. There are no implicit requirements in ISO27001. It is what it is…
ISO27001 Myths: 30: “There are some implicit requirements in ISO27001” Not true. There are no implicit requirements in ISO27001. It is what it is…
Liked by Jamie Rees
Other similar profiles
Explore more posts
-
Alexander Rudolph
As we head into 2025, this will likely be an even busier year for me and Canadian Cyber in Context. There is a lot on the horizon regarding projects and events in Canada, and so with it, will changes be coming to Canadian Cyber in Context to enable me to provide the best research and coverage of Canadian cyber defence public policy. In 2025, you can expect to see me cover CAFCYBERCOM, CPCSC, and other important policy topics affecting Canadian cyber defence. To help, I am accepting paid subscribers who will receive additional access and supplemental content and will be accepting sponsors. None of this will have any impact on the content other than providing the space and support to dedicate more time to providing you with the best information possible about what the Government of Canada is doing with cyber defence. https://lnkd.in/gX-79w6v #Canada #CAFCYBERCOM #research #innovation #defenceindustry #cyber #canadianarmedforces
-
Richard Henderson
As a proud member of the Operation: Defend the North (ODTN) 2025 Advisory Board, I’m excited to share why this event is a must-attend for Canada’s cybersecurity leaders and professionals. Imagine this: a major telecom blackout strikes the West Coast. Communications fail. Industries are paralyzed. How do we as cyber security professionals respond? On April 3rd, in Vancouver, we’re bringing together public and private sector leaders for a high-stakes cyber breach simulation that tests our ability to defend against and recover from this critical scenario. Cybersecurity isn’t just a job—it’s a responsibility that we all share. This isn’t just an event; it’s where strategy meets action. Join us for an unforgettable day of insights, innovation, and impact. 👉 Secure your spot now: siberx.org/defendthenorth #wearecyber #defendthenorth #cybersecurity #westcoastdeadzone #cyberresilience
13 Comments -
John Menezes
This should not be happening! We need to create some national and provincial standards that everyone is required to follow especially governments and crown corporations. We have to take our heads out of the sand and address cybersecurity threats in a more proactive and modern approach. #cybersecurity #stratejm
3 Comments -
Alexander Rudolph
The Government of Canada released an Enterprise Cyber Security Strategy last month. Unfortunately, most media outlets overlooked or did not understand what enterprise cyber security means or is about. So, I decided to write an introduction to the first Canadian Enterprise Cyber Security Strategy. https://lnkd.in/gQ4nP7dc #Canada #defence #defenceindustrialbase #enterprise #cybersecurity #cyberdefence Canadian Cyber in Context #innovation #cyber #treasuryboard
8 Comments -
Hilary Carter
🇨🇦 If you're among the Canadian business leaders concerned about #cybersecurity as reported in a recent survey, cyber insurance is not a magic bullet, but only one part of a more comprehensive strategy. Engaging in OpenSSF, and implementing security best practices, is a proactive approach.
1 Comment -
John Menezes
🌐 Protecting Canada's Critical Infrastructure: New Cybersecurity Guidance from the CSE 🌐 Canada’s Communications Security Establishment (CSE) just released vital cybersecurity guidance to help critical infrastructure (CI) providers strengthen their defenses against evolving cyber threats. This new guidance offers an essential roadmap for CI organizations to navigate risks with greater resilience, offering frameworks and recommendations that address challenges specific to sectors like energy, finance, healthcare, and more. At Stratejm a Bell Canada company, safeguarding CI is a priority, and this guidance from CSE reinforces best practices we advocate in every cybersecurity engagement. With comprehensive recommendations on access management, network security, incident response, and system resilience, these insights are a crucial resource for any organization committed to protecting Canada’s infrastructure. 📌 Let's continue to fortify our security measures, foster cross-sector collaboration, and implement strong cyber defense frameworks. Together, we can build a more resilient digital Canada. #Cybersecurity #CriticalInfrastructure #Stratejm #CSE #Canada #teambell #bell https://lnkd.in/gufSNKqy
3 Comments -
Blair Attard-Frost
New legislation proposed for public sector AI in Ontario: "The proposed legislation includes introducing a definition of an “artificial intelligence system” that is in alignment with leading jurisdictions to create consistency in how AI is defined across the public sector and to support AI-related initiatives across the government. Ontario is proposing to establish accountability and transparency requirements for the Ontario government and public sector when using AI. For example, requiring these organizations to inform the public of when they are interacting with AI, or mandating that decisions made by AI always have a channel for human review — recognizing AI’s capacity for bias. The proposed legislation includes creating regulation-making authority to ensure responsible, risk-based AI use by select public sector organizations. This includes ensuring they are following Ontario’s Trustworthy AI Framework to protect people from unintentional harms and reduce liability and reputational risks that can arise from using AI technologies. These regulations would be developed through consultations with government and public sector stakeholders, Indigenous partners, and AI experts."
6 Comments -
Nadir Izrael
Today, Michael F., Juan Carlos B. and I are presenting at Operation Defend the North, a groundbreaking Canadian Cybersecurity Readiness Exercise hosted by siberX. We’ll discuss: • Detection of anomalies in the power grid monitoring system, leading to confirmation of a cyber breach. • Identification of roles and responsibilities. • Immediate investigation and response by security teams to contain and mitigate the breach. Don't miss out on this informative session. Learn more about it here: https://lnkd.in/gbej3cdf #DEFENDTHENORTH #Cybersecurity
-
Keith Lawson
While I agree that this is absolutely necessary and most definitely a step in the right direction the privacy and security concerns are mind boggling for healthcare systems integration at this scale. This will take careful planning with extensive advice from privacy and cybersecurity experts that do not have financial interest clouding their judgement. This can not be implemented the same way that internal systems integration is done today in healthcare. It will not be as simple as turning HL7 v2/3/FHIR on and opening the flood gates. I can't even start on the cloud risks here. Look at the recent Snowflake issues and imagine that on a national scale with the data being PHI of every Canadian citizen. Need I mention Change Healthcare? Please don't say AI. An exciting step in the right direction but if it's not built with privacy and security as a priority from the ground up we put the sensitive PHI of every single Canadian citizen at risk. Remember that "Streamline" and "secure" are often conflicting terms. #BillC72
-
Chris Yeo
I has been a hard summer so far for Cyber Security compromises. You should know what repercussions there will be to you and your downstream clients and upstream vendors. I am going to guess that when people heard of the 'IT issue' currently ongoing at Federated Co-operatives Limited, you wouldn't be thinking that your food supply would be impacted. Also, the comment about no customer data being lost, please understand if you are a Co-op member, they have information related to filing tax information for you. Of course, this is only the latest 'IT issue'. Do you think your org has done enough to keep your business moving during an issue like this? https://lnkd.in/g3tgUPDg
-
Yves Genest
This is a huge problem. Every risk assessment available indicates that this is a top risk. Yet the Government of Canada falls short according to this audit by the Office of the Auditor General of Canada / Bureau du vérificateur général du Canada https://lnkd.in/gsTCx6S5 #ITsecurity #it #cybercrime #itaudit #audit #performanceaudit
-
Rafael Roncancio Castillo
📄 Are you ready to navigate Alberta’s modernized access to information framework? Bill 34: Access to Information Act is transforming how public bodies handle requests for information, ensuring transparency while safeguarding sensitive data. Here’s what you need to know: • 🕵️ Enhanced Information Rights: Individuals have clearer and stronger rights to access records held by public bodies. • ⏳ Streamlined Processes: Simplified and efficient workflows for responding to access requests. • 🔒 Protection of Sensitive Information: Stricter exceptions to disclosure safeguard personal privacy and public safety. • 👥 Third-Party Considerations: Clear rules for notifying and involving third parties during access requests. • 💼 Accountability Measures: Independent oversight from the Information and Privacy Commissioner ensures compliance. ⚠️ Non-compliance is not an option. These updates reflect Alberta’s commitment to transparency and accountability in the digital age. ✅ Be prepared. Schedule a free consulting session with RSec Group to optimize your processes and ensure compliance with Alberta’s modernized access to information standards. 📩 Contact us @ https://rsecgroup.com/ #IBMpartners #IBMAmplify #RSec #IBM Freddy Alves Vaquero, Ian Wight, Pena, Nick Lisle, 🔐 Gabriel Murcia, Vivian Calderón Ballesteros, Lindsay Carreau, Paola Arbelaez, Rafael Bernabé Abad Figueroa, Pablo Luna, NATALIA DEL RIO, Johanna Ramirez, Claudia Patricia Rojas Medina, Eric Cranfield, Jamie Thrower, Elsa Patricia Pilonieta Matis, Jennifer Bila Casimiro, Alessandro F. B. Cardoso, Juan Diego Mesa Morales, Alejandra Guzmán, Mike L. Murphy, Monika Okorn
2 Comments -
Meta Techs
About May news 👌🏻 The Newfoundland Broadcasting Company, responsible for NTV and OZFM, disclosed a cyberattack and data breach. While on-air operations remain unaffected, the attackers, identified as the Play ransomware group, accessed company systems and threaten to release sensitive data online. The stolen information includes budget, payroll details, and client documents. A Cybersecurity analyst advises caution, urging the company not to pay the ransom unless absolutely necessary. Immediate steps should include bolstering cybersecurity measures, conducting a thorough investigation, and implementing robust data protection protocols to prevent future breaches. To know more steps to protect your business from ransomware click here 👇🏻 https://lnkd.in/ddd28KWs #cybersecurity #cloudsecurity #emailsecurity #cyberthreats #dubai #egypt #cybersecurityservice #cloudsecurity
-
BSides Edmonton
Interested in Threat Hunting and Cloud? In #BSidesEdmonton, we have another presentation from two security experts, Kai Iyer-Anoop Krishnan and Chi Phong Huynh both from EY Canada. Kai manages Applied Machine Learning Research and Security Engineering, holds multiple certifications and has extensive knowledge in various domains, including Web-App Development, Data Science, Incident Response, DevSecOps and Purple Teaming. Phong works on threat hunting, detection research for cloud environment, Azure Sentinel, AWS and develop Jupyter notebooks to support his daily incident response and investigation tasks in cloud and on-prem environment. Kai and Phong's session will explore the capabilities of Jupyter notebooks as a powerful tool to enhance threat hunting capabilities, especially across cloud platforms like Microsoft Azure and AWS. The focus is identifying common attack Tactics, Techniques, and Procedures (TTPs) utilized by threat actors, introducing detections mapped to the MITRE ATT&CK framework and threat hunting methodologies backed by unsupervised machine learning. To know more about the speakers and details, check out https://buff.ly/4aUna24! #cybersecurity #conference #speaker #announcement
-
Directpath Global Technologies Inc.
The recent report by Nova Scotia’s auditor general sheds light on significant cybersecurity gaps in the province's digital health system, raising concerns over data protection and governance. As reliance on digital networks grows, so does the urgency to implement robust standards that safeguard sensitive health information. Addressing these gaps is critical for building resilient, secure digital healthcare infrastructure. #Cybersecurity #HealthcareIT #DataProtection #NovaScotia #DGTI
-
Scott Birmingham
According to StatCan, Canadian businesses didn't increase their investments in information security in 2023. But- they paid MORE in recovery costs! Yikes. "The impact of cybercrime on Canadian businesses, 2023": https://buff.ly/3BUOUrI We're eager to see how 2024 went. Because truly, like that Fram Oil Filter commercial from the 70's, “an ounce of information security is worth a pound of financial loss.”
1 Comment -
Office of the Privacy Commissioner of Canada/Commissariat à la protection de la vie privée du Canada
The Communications Security Establishment reported last year that it blocks billions of cyber attempts against Government of Canada networks each day. #CyberMonth2024 #GC institutions must notify the OPC and TBS of all material #privacy breaches, which are breaches that could reasonably be expected to create a real risk of significant harm to an individual. In 2023-2024, the OPC received 321 reports of cyber incidents from the private sector, and only 37 from federal institutions. If your institution experiences a material #breach, don’t forget to report it. Our new secure online breach reporting form is making it easier to report: https://lnkd.in/dG5TS7cT
-
Canadian Defence Review
💡 #CyberDefence Update: Dave M. at Sapper Labs Group provides an overview of foreign interference threats in Canada. Learn how cyber-attacks and disinformation affect our democratic processes: https://loom.ly/HY3Hn1Q #CanadianDefenceReview #CDRmagazine #CanadianDefence #Defence
Explore collaborative articles
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
Explore MoreOthers named Jamie Rees in Canada
-
Jamie Rees
Director of Group Strategy
-
Jamie Rees
Marina Management Professional
-
Jamie Rees
Web Designer
-
Jamie Rees
--
10 others named Jamie Rees in Canada are on LinkedIn
See others named Jamie Rees