Defence in Depth: What’s Next?
Kent Schramm
Head, Cyber Security
Outline
Background
Defence in Depth
Securing a network
Risk vs Reward
Predictive Intelligence
Education and awareness
Ontario Government
60,000-plus OPS employees
2,300 locations
27 ministries
IT
Corporate CIO, CTO, CPO
8 CIOs
Ontario GO-Net
94,000 email accounts
Thousands of devices connected to the network
Cyber Security Branch
24/7 Ops Centre, forensics, IAM, risk management, security design, compliance, penetration testing, education & awareness, engagement
Defence In Depth
Labels from the slide diagram: AntiVirus, Industry Standards, Security Appliances, Operations Centre, Cyber Security, Penetration Tests, Policies & Directives, Compliance, Security Architecture, TRAs (threat and risk assessments), Patch Mgmt, Collaboration, User Education
How Cyber Security Is Viewed
How Cyber Security Should Be Viewed
Business Enabler
Partner
Translate to the C-Suite
Need to stop being technical
Simplify things
And…
Securing a House
Deterrent
Architectural Standards
Safety Practices
Emergency Response
Access Control
Layers of Security
Securing a Network
IPS
Deterrent
IDS
Architectural Standards
Safety Practices
Emergency Response
Access Control
Layers of Security
Risk Vs Reward
Cyber security is a business risk and must be treated just like any other business risk
Risk must be managed and balanced against potential rewards
C, I, A (confidentiality, integrity, availability)
Example 1
Example 2
Value of OPS Information Holdings

Information Type                  Who
Cabinet confidence information    Organized crime
Budget Information                Nation states
Tax and health records            Hacktivists
Police and Justice information    Organized crime
Natural Resources (Ring of Fire)  Others wanting to gain economic advantage
Intellectual property             Others wanting to gain economic advantage
Predictive Intelligence
Using intelligence to predict where you will be attacked next
Understand the threat
Threat = Capability + Intent
What is happening in your environment
Example 1
Intelligence Sources
Log files
Collaboration
Subscription and vendor services
Others?
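The two slides above (predictive intelligence, and log files plus external feeds as intelligence sources) state the idea but show no mechanism. The script below is an added example and is not code from the presentation or from the Ontario Government: it parses constructed proxy/firewall log lines, matches source address, destination address and requested hostname against a constructed indicator list that stands in for a vendor subscription and a partner share, scores each hit with the slide's Threat = Capability + Intent (the capability and intent values, 1 to 5 each, are assumed), and totals that score per internal asset so the most-probed systems surface first. The log format, IP addresses, hostnames and feed contents are all invented for illustration; lines that do not fit the format are kept aside rather than silently dropped, since a parser that discards the unexpected is itself a blind spot.

```python
"""Added example (not from the presentation): correlate log lines with
threat-intelligence indicators to see where the environment is being probed.
All addresses, hostnames, feed data and the log format are constructed."""
import re
from collections import Counter, defaultdict

# Constructed indicator list. In practice this comes from subscription/vendor
# feeds and from partners (the "collaboration" source on the slide). The
# capability and intent values (1-5) are assumed for illustration and feed
# the slide's Threat = Capability + Intent.
INDICATORS = {
    "203.0.113.7":          {"feed": "vendor-subscription", "actor": "organized crime", "capability": 3, "intent": 4},
    "198.51.100.23":        {"feed": "partner-share",       "actor": "hacktivist",      "capability": 2, "intent": 5},
    "evil-updates.example": {"feed": "vendor-subscription", "actor": "nation state",    "capability": 5, "intent": 3},
}

# Constructed log lines in an invented proxy/firewall format:
#   <timestamp> <ALLOW|DENY> <src_ip> -> <dst_ip> <requested service or hostname>
LOG_LINES = """\
2015-04-13T08:01:12Z ALLOW 10.1.4.22 -> 93.184.216.34 www.example.com
2015-04-13T08:01:15Z DENY 203.0.113.7 -> 10.1.4.22 ssh
2015-04-13T08:02:01Z DENY 203.0.113.7 -> 10.1.4.23 ssh
2015-04-13T08:02:40Z ALLOW 10.1.7.9 -> 198.51.100.5 evil-updates.example
2015-04-13T08:03:05Z DENY 198.51.100.23 -> 10.1.9.1 http
this line is deliberately malformed
""".splitlines()

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ALLOW|DENY) (?P<src>\S+) -> (?P<dst>\S+) (?P<target>\S+)$"
)


def parse_line(line):
    """Return a dict of fields, or None for lines that do not match the format."""
    m = LINE_RE.match(line)
    return m.groupdict() if m else None


def threat_score(indicator):
    """Threat = Capability + Intent, as on the slide."""
    return indicator["capability"] + indicator["intent"]


def correlate(lines, indicators):
    """Match each parsed line's src, dst and target against the indicator list.

    Returns (hits, score_by_asset, unparsed):
      hits           - one dict per matching line with indicator, actor, feed and score
      score_by_asset - internal asset -> summed threat score of everything that touched it
      unparsed       - lines that did not fit the format (kept for review, never dropped)
    """
    hits = []
    score_by_asset = defaultdict(int)
    unparsed = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            unparsed.append(line)
            continue
        for field in ("src", "dst", "target"):
            ind = indicators.get(rec[field])
            if ind is None:
                continue
            score = threat_score(ind)
            # The internal asset is the other end of the connection: the
            # destination for an inbound hit on src, otherwise the source.
            asset = rec["dst"] if field == "src" else rec["src"]
            hits.append({**rec, "indicator": rec[field], "actor": ind["actor"],
                         "feed": ind["feed"], "score": score, "asset": asset})
            score_by_asset[asset] += score
            break  # count a line once even if several fields match
    return hits, dict(score_by_asset), unparsed


def top_targets(score_by_asset, n=3):
    """Assets with the highest accumulated threat score: where to look next."""
    return Counter(score_by_asset).most_common(n)


if __name__ == "__main__":
    hits, by_asset, bad = correlate(LOG_LINES, INDICATORS)
    for h in hits:
        print(f"{h['ts']} {h['action']:5} {h['indicator']:22} {h['actor']:16} "
              f"threat={h['score']} via {h['feed']} -> asset {h['asset']}")
    print("most-targeted assets:", top_targets(by_asset))
    print("unparsed lines:", len(bad))
```

On the constructed data the outbound request to the hostname indicator outranks the three inbound denied probes, which is the point of weighting by capability and intent rather than counting hits: a single allowed connection to infrastructure attributed to a capable actor is worth more attention than repeated blocked scans, and a score per asset, not per indicator, is what tells you where you will be attacked next.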
Education and Awareness
Double-edged sword
End user
Frequency
Message
Medium
Messaging
Offer to brief business units
Cyber Security Awareness Month
Weekly Themes
Week 1: What is Cyber Security
Week 2: Cyber Security Threats
Week 3: Protections and Safeguards
Week 4: Working Together to Keep us Safe
Week 5: Safety Online at Home
Parting Thought
The CISO is a catalyst for change.
We can enable business units to meet their objectives while maintaining security.
We are their partners.
Questions/Discussion
CISOs know that to be truly secure, they must adopt a defence in depth approach to cyber security. But is this enough? This presentation will describe the components of defence in depth and then discuss what steps the CISO should consider to take their organization’s cyber security to the next level. This includes partnering with business units on risk management, predictive intelligence and an aggressive cyber security awareness program.
13/04/2015