Defence in Depth: What’s Next? Kent Schramm Head, Cyber Security


Outline

- Background
- Defence in Depth
- Securing a network
- Risk vs Reward
- Predictive Intelligence
- Education and awareness

Ontario Government

- 60,000 plus OPS employees
- 2,300 locations
- 27 ministries

IT

- Corporate CIO, CTO, CPO
- 8 CIOs

Ontario GO-Net

- 94,000 email accounts
- Thousands of devices connected to the network

Cyber Security Branch

- 24/7 Ops Centre, forensics, IAM, risk management, security design, compliance, penetration testing, education & awareness, engagement

Defence In Depth

Cyber Security

- Security Architecture
- TRAs (threat and risk assessments)
- Policies & Directives
- Industry Standards
- Security Appliances
- Anti-Virus
- Penetration Tests
- Operations Centre
- Compliance
- Patch Mgmt
- User Education
- Collaboration

How Cyber Security Is Viewed

How Cyber Security Should Be Viewed

- Business Enabler
- Partner

Translate to the C-Suite

- Need to stop being technical
- Simplify things
- And…

Layers of Security: Securing a House

- Architectural Standards
- Safety Practices
- Access Control
- Deterrent
- Emergency Response

Layers of Security: Securing a Network

- Architectural Standards
- Safety Practices
- Access Control
- Deterrent
- Emergency Response
- IDS
- IPS

Risk vs Reward

Cyber security is a business risk and must be treated just like any other business risk.

Risk must be managed and balanced against potential rewards.

C, I, A (confidentiality, integrity, availability): Example 1, Example 2

Value of OPS Information Holdings

Information Type                    Who wants it
Cabinet confidence information      Organized crime
Budget information                  Nation states
Tax and health records              Hacktivists
Police and Justice information      Organized crime
Natural Resources (Ring of Fire)    Others wanting to gain economic advantage
Intellectual property               Others wanting to gain economic advantage

Predictive Intelligence

Using intelligence to predict where you will be attacked next.

Understand the threat: Threat = Capability + Intent

What is happening in your environment? Example 1

Intelligence Sources

- Log files
- Collaboration
- Subscription and vendor services
- Others?
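Log files are the first intelligence source on the list, and the question the deck asks of them is "what is happening in your environment?". The following is an added example, not code from the presentation or the Ontario Cyber Security Branch: it parses constructed sshd-style authentication log lines, counts failed logins per source and per targeted account, flags sources that cross a failure threshold, and separately reports an account that was logged into successfully after failures from the same source. The log lines, host name, addresses and the threshold of 3 are all assumptions chosen for illustration.

```python
"""Turn raw auth-log lines into a summary of who is attacking what.

Added example; the log lines below are constructed, not real data.
"""
import re
from collections import Counter

# Constructed sample lines in sshd/auth.log style (hosts and IPs are illustrative).
SAMPLE_LOG = """\
Mar 12 08:01:12 gw01 sshd[2211]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar 12 08:01:15 gw01 sshd[2211]: Failed password for invalid user admin from 203.0.113.7 port 51023 ssh2
Mar 12 08:01:19 gw01 sshd[2214]: Failed password for root from 203.0.113.7 port 51030 ssh2
Mar 12 08:01:20 gw01 sshd[2214]: Failed password for root from 203.0.113.7 port 51031 ssh2
Mar 12 08:02:02 gw01 sshd[2301]: Accepted publickey for jsmith from 198.51.100.4 port 40011 ssh2
Mar 12 08:03:44 gw01 sshd[2310]: Failed password for jsmith from 198.51.100.4 port 40020 ssh2
Mar 12 08:03:49 gw01 sshd[2310]: Accepted password for jsmith from 198.51.100.4 port 40020 ssh2
Mar 12 08:05:10 gw01 sshd[2400]: Failed password for invalid user oracle from 203.0.113.7 port 51100 ssh2
"""

# "invalid user" is optional: sshd prints it only for accounts that do not exist.
FAILED_RE = re.compile(
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)
ACCEPTED_RE = re.compile(
    r"Accepted \S+ for (?P<user>\S+) from (?P<src>\S+) port \d+"
)


def parse_auth_log(text):
    """Return (outcome, user, src) tuples in log order for recognised lines."""
    events = []
    for line in text.splitlines():
        m = FAILED_RE.search(line)
        if m:
            events.append(("failed", m.group("user"), m.group("src")))
            continue
        m = ACCEPTED_RE.search(line)
        if m:
            events.append(("accepted", m.group("user"), m.group("src")))
    return events


def summarise(events, threshold=3):
    """Aggregate parsed events into what an ops centre wants to see first.

    - failures per source address and per targeted account
    - sources with at least `threshold` failures (candidate brute-force sources)
    - accounts accepted from a source that had already failed against them;
      that is the case that needs a human to look at it
    """
    fails_by_src = Counter()
    fails_by_user = Counter()
    failed_pairs = set()           # (user, src) pairs seen failing so far
    success_after_failure = []
    for outcome, user, src in events:
        if outcome == "failed":
            fails_by_src[src] += 1
            fails_by_user[user] += 1
            failed_pairs.add((user, src))
        elif (user, src) in failed_pairs:
            success_after_failure.append((user, src))
    flagged = sorted(src for src, n in fails_by_src.items() if n >= threshold)
    return {
        "fails_by_src": dict(fails_by_src),
        "fails_by_user": dict(fails_by_user),
        "flagged_sources": flagged,
        "success_after_failure": success_after_failure,
    }


if __name__ == "__main__":
    report = summarise(parse_auth_log(SAMPLE_LOG))
    for key, value in report.items():
        print(f"{key}: {value}")
```

The threshold and the "success after failure" rule are deliberately simple; in practice the same counts would be kept per time window and joined with the other sources on the list (shared indicators from partner organisations, vendor feeds) before anyone decides the source is worth blocking.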

Education and Awareness

Double-edged sword: the end user

- Frequency
- Message
- Medium

Messaging

- Offer to brief business units
- Cyber Security Awareness Month

Weekly Themes

- What is Cyber Security
- Cyber Security Threats
- Protections and Safeguards
- Working Together to Keep us Safe
- Safety Online at Home

Parting Thought

The CISO is a catalyst for change. We can enable business to meet their objectives while maintaining security.

We are their partners

Questions/Discussion

CISOs know that to be truly secure, they must adopt a defence in depth approach to cyber security. But is this enough?  This presentation will describe the components of defence in depth and then discuss what steps the CISO should consider to take their organization’s cyber security to the next level. This includes partnering with business units on risk management, predictive intelligence and an aggressive cyber security awareness program.

23-04-19