Defence in Depth: What's Next?
Kent Schramm, Head, Cyber Security

Outline
- Background
- Defence in Depth
- Securing a network
- Risk vs Reward
- Predictive Intelligence
- Education and awareness

Ontario Government
- 60,000 plus OPS employees
- 2,300 locations
- 27 ministries

IT
- Corporate CIO, CTO, CPO
- 8 CIOs
- Ontario GO-Net
- 94,000 email accounts
- Thousands of devices connected to the network

Cyber Security Branch
- 24/7 Ops Centre, forensics, IAM, risk management, security design, compliance, penetration testing, education & awareness, engagement

Defence In Depth (components)
- AntiVirus
- Industry Standards
- Security Appliances
- Operations Centre
- Cyber Security
- Penetration Tests
- Policies & Directives
- Compliance
- Security Architecture
- TRAs
- Patch Mgmt
- Collaboration
- User Education

How Cyber Security Is Viewed / How Cyber Security Should Be Viewed
- Business Enabler
- Partner

Translate to the C-Suite
- Need to stop being technical
- Simplify things
- And...

Securing a House
- Deterrent
- Architectural Standards
- Safety Practices
- Emergency Response
- Access Control
- Layers of Security

Securing a Network
- IPS (Deterrent)
- IDS
- Architectural Standards
- Safety Practices
- Emergency Response
- Access Control
- Layers of Security

Risk Vs Reward
- Cyber security is a business risk and must be treated just like any other business risk
- Risk must be managed and balanced against potential rewards
- C, I, A (confidentiality, integrity, availability)
- Example 1
- Example 2

Value of OPS Information Holdings

  Information Type                      | Who
  --------------------------------------|-------------------------------------------
  Cabinet confidence information        | Organized crime
  Budget Information                    | Nation states
  Tax and health records                | Hacktivists
  Police and Justice information        | Organized crime
  Natural Resources (Ring of Fire)      | Others wanting to gain economic advantage
  Intellectual property                 | Others wanting to gain economic advantage

Predictive Intelligence
- Using intelligence to predict where you will be attacked next
- Understand the threat: Threat = Capability + Intent
- What is happening in your environment
- Example 1

Intelligence Sources
- Log files
- Collaboration
- Subscription and vendor services
- Others?

Education and Awareness
- Double-edged sword
- End user
- Frequency
- Message
- Medium

Messaging
- Offer to brief business units
- Cyber Security Awareness Month

Weekly Themes
- Week 1: What is Cyber Security
- Week 2: Cyber Security Threats
- Week 3: Protections and Safeguards
- Week 4: Working Together to Keep us Safe
- Week 5: Safety Online at Home

Parting Thought
- The CISO is a catalyst for change. We can enable business to meet their objectives while maintaining security.
- We are their partners.

Questions/Discussion

Abstract: CISOs know that to be truly secure, they must adopt a defence in depth approach to cyber security. But is this enough? This presentation will describe the components of defence in depth and then discuss what steps the CISO should consider to take their organization's cyber security to the next level. This includes partnering with business units on risk management, predictive intelligence and an aggressive cyber security awareness program.

13/04/2015