Feb 2026 Dual Talk Event: Raising Cyber Awareness Through Electronic Word of Mouth | Securing Shadow AI
9 views
Skip to first unread message
Yuk Fai Chan
Jan 30, 2026, 11:11:41 PMJan 30
to Toronto Chapter
Hello OWASP Toronto!
We are pleased to announce our next chapter meetup. Join us on February 12 for an exciting event with talks by Dane Vanderkooi and Daniel Shechter.
As a reminder, this will be a hybrid event. Thank you once again to Security Compass for hosting us in person. Please find more details on our Eventbrite page!
Best,
Yuk Fai
**************************************************************************************
Date: February 12, 2026
Time: 6:30 PM ET
In person location: Security Compass, 325 Front Street West, Unit 103, Toronto, ON
Presentation #1: Raising Cybersecurity Awareness Through Electronic Word of Mouth: A Data-Driven Assessment
Awareness of the many cybersecurity threats, vulnerabilities, and solutions to mitigate these threats/vulnerabilities is instrumental in improving basic cybersecurity behaviours. A healthy body of knowledge has been devoted to exploring how to better increase awareness, in any given topic, among members of the general public which have explored the role of word of mouth (WOM) and electronic word of mouth (eWOM) in spreading awareness. In recent years, the rise of social media platforms as an alternative communication channel has created efforts to promote cybersecurity awareness online regarding the numerous cybersecurity threats. However, little research attention has been devoted to exploring eWOM communication on social media surrounding cybersecurity awareness. Moreover, no research to date has considered the impact of the COVID-19 pandemic on these eWOM discussions related to cybersecurity awareness. To address these literature gaps, this research collected 227, 270 relevant tweets surrounding cybersecurity awareness from 2018 to 2022 conducting an exploratory analysis of the corpus using social network analyses, topic modelling and semantic similarity analysis. The results found topics rose in prominence and then dissipated as newer topics emerged while information was found to spread incredibly far despite a high degree of community forming, suggesting the online discourse is very open and evolving over time. These findings illustrate the potential of social media as an effective tool for raising cybersecurity awareness. The impact of COVID-19 observed an increase in the reach of information in addition to new specific topics emerging in the discourse, but the effects appear to be temporary.
Speaker: Dane Vanderkooi
Dane Vanderkooi is a fifth-year Doctoral Candidate in management science at TorontoMet University who specializes in researching cybersecurity and digital privacy behaviours. He completed his bachelor's of commerce at Uottawa and holds a master's in management science degree from Ryerson University. Dane has published his research in academic journals, conferences and industry reports. Dane has also presented his research at various conferences including HC2P, SERENE-RISC, HCII, CyberToronto, ASAC and SocialMedia+Society, AMCIS, and ICIS. Dane is certified in cybersecurity (CC) from ISC2 and has practical experience working in the field of cybersecurity with private industry, non-for-profits, and the public sector including the Canadian Armed Forces, Public Health and Safety Canada, Justice Canada, Innovation Science and Economic Development (ISED), Bell, BMO, Desjardins, Ritchie Bros and Achev.
**************************************************************************************
Presentation #2: When AI Becomes Application Logic: Securing Shadow AI
AI is entering production faster than security teams can see it. From “simple” chatbot integrations to LLMs wired directly into business logic — and agents running entire application flows — organizations are accumulating Shadow AI: untracked, ungoverned, and often dangerously over-privileged.
This talk shows how AI quietly changes application behavior at runtime: expanding trust boundaries, introducing non-deterministic authorization paths, and creating blast radiuses that static inventories and policy checklists cannot capture.
Using real-world architectural patterns and runtime signals, we’ll demonstrate how security teams can identify where AI is actually used, what it can access, and how attackers abuse AI-driven logic to exploit new classes of vulnerabilities.
Attendees will leave with a practical framework for securing AI-powered applications — grounded in runtime behavior and evidence, not assumptions.
Speaker: Daniel Shechter
Daniel Shechter is the CEO and Co-Founder of Miggo, an Application Detection and Response platform. Shechter has an impressive background in both threat intelligence and within the security industry. Before founding Miggo he was leading cyber security teams in Israel's elite cyber intelligence division, Unit 8200. He later joined McKinsey, a strategy and management consulting company, where he provided guidance on acquisition, developing new business strategies and more. Shechter is an industry expert in security, incident detection and response, threat intelligence, and attack observability.
Awareness of the many cybersecurity threats, vulnerabilities, and solutions to mitigate these threats/vulnerabilities is instrumental in improving basic cybersecurity behaviours. A healthy body of knowledge has been devoted to exploring how to better increase awareness, in any given topic, among members of the general public which have explored the role of word of mouth (WOM) and electronic word of mouth (eWOM) in spreading awareness. In recent years, the rise of social media platforms as an alternative communication channel has created efforts to promote cybersecurity awareness online regarding the numerous cybersecurity threats. However, little research attention has been devoted to exploring eWOM communication on social media surrounding cybersecurity awareness. Moreover, no research to date has considered the impact of the COVID-19 pandemic on these eWOM discussions related to cybersecurity awareness. To address these literature gaps, this research collected 227, 270 relevant tweets surrounding cybersecurity awareness from 2018 to 2022 conducting an exploratory analysis of the corpus using social network analyses, topic modelling and semantic similarity analysis. The results found topics rose in prominence and then dissipated as newer topics emerged while information was found to spread incredibly far despite a high degree of community forming, suggesting the online discourse is very open and evolving over time. These findings illustrate the potential of social media as an effective tool for raising cybersecurity awareness. The impact of COVID-19 observed an increase in the reach of information in addition to new specific topics emerging in the discourse, but the effects appear to be temporary.
Speaker: Dane Vanderkooi
Dane Vanderkooi is a fifth-year Doctoral Candidate in management science at TorontoMet University who specializes in researching cybersecurity and digital privacy behaviours. He completed his bachelor's of commerce at Uottawa and holds a master's in management science degree from Ryerson University. Dane has published his research in academic journals, conferences and industry reports. Dane has also presented his research at various conferences including HC2P, SERENE-RISC, HCII, CyberToronto, ASAC and SocialMedia+Society, AMCIS, and ICIS. Dane is certified in cybersecurity (CC) from ISC2 and has practical experience working in the field of cybersecurity with private industry, non-for-profits, and the public sector including the Canadian Armed Forces, Public Health and Safety Canada, Justice Canada, Innovation Science and Economic Development (ISED), Bell, BMO, Desjardins, Ritchie Bros and Achev.
**************************************************************************************
Presentation #2: When AI Becomes Application Logic: Securing Shadow AI
AI is entering production faster than security teams can see it. From “simple” chatbot integrations to LLMs wired directly into business logic — and agents running entire application flows — organizations are accumulating Shadow AI: untracked, ungoverned, and often dangerously over-privileged.
This talk shows how AI quietly changes application behavior at runtime: expanding trust boundaries, introducing non-deterministic authorization paths, and creating blast radiuses that static inventories and policy checklists cannot capture.
Using real-world architectural patterns and runtime signals, we’ll demonstrate how security teams can identify where AI is actually used, what it can access, and how attackers abuse AI-driven logic to exploit new classes of vulnerabilities.
Attendees will leave with a practical framework for securing AI-powered applications — grounded in runtime behavior and evidence, not assumptions.
Speaker: Daniel Shechter
Daniel Shechter is the CEO and Co-Founder of Miggo, an Application Detection and Response platform. Shechter has an impressive background in both threat intelligence and within the security industry. Before founding Miggo he was leading cyber security teams in Israel's elite cyber intelligence division, Unit 8200. He later joined McKinsey, a strategy and management consulting company, where he provided guidance on acquisition, developing new business strategies and more. Shechter is an industry expert in security, incident detection and response, threat intelligence, and attack observability.
Yuk Fai Chan
OWASP Toronto Chapter
Reply all
Reply to author
Forward
0 new messages