Farooq Naiyer

Chief Information Security Officer, ORION

Farooq is the CISO of the largest research and education network in Canada, The CISO role at ORION has been born out of a collaborative initiative supported by ORION and Fourteen of their constituent Universities and fifteen Colleges in Ontario (Known as Ontario Cybersecurity Higher Education Consortium). The role provides this community with strategic security thought leadership, while bringing them tangible working programs and tools for compliance, risk management, a governance framework as well as delivery of broader shared security services.  

Farooq brings rich experience of more than 19 years in cybersecurity, privacy, technology compliance and assurance. 

Prior to joining ORION Farooq was part of the Cybersecurity and Privacy team at PwC in Canada where he led several cyber security engagements.  Prior to that Farooq had led IT Assurance teams for a leading retail giant in Canada. He has also held leadership roles in leading financial institutions in the Middle East and south Asia. And has prior had association Big 4 consulting firms in south Asia.

He has strong academic background with BSc (Hons) (Computer Sciences) and PGD in Security Leadership. He holds various leading certifications in the area of Information Security and IT assurance which include CISA, CDPSE CRISC, ISO 27001 Lead Auditor, COBIT, PCI – QSA (Quality Security Assessor), PCIP and have attended numerous international and local training with regards to Information Security Management and IT audit & Compliance.

In recognition of the IS initiatives undertaken as the CISO of DIB Bank he was awarded the CSO Compass Award in 2010. He was also awarded the Presidential Award by EC Council in 2019 for organising the first EC Council CISO forum in Canada and for leading the charge to make Certified CISO the standard in Canada.

My Sessions

You’ve Been Breached! Now What?

What are the key steps to effectively deal with a security breach? Join this session for a step-by-step guide to incident response. We discuss:

  • Surveying and containing an incident, how to carry out a post-incident review and short term remedial actions to enact
  • Gathering evidence, engaging with regulatory bodies, seeking counsel and notifying affected parties
  • Lessons learned and updating controls and processes
  • Catherine Chapman, Cyber Security Journalist and Founding Board Member, InfoSec Hoppers