Commissioner Ian Dyson SRO, National Enabling Programmes IMORCC

Transcription

1 Commissioner Ian Dyson SRO, National Enabling Programmes IMORCC 24 January 2018 National Enabling Programmes Chiefs Council. January 2018

2 The Sympathy Card

3

4 What are the major components that the NEP programme will deliver for UK policing? Productivity Services Identity Access Management National Management Centre Providing UK forces with a standardised cloud platform and access to collaboration and business tools - at a better price. Allows us to work at work like we work at home. Giving Police forces access to each other s systems and applications, enabling officers and staff to get the data they need, when they need it regardless of location. Providing a 24*7 cybersecurity service for all UK forces to detect, protect, monitor, and respond to cyber threats with the ability to share Threat Intelligence with other agencies. NEP Proposed Solution NEP Proposed Solution Azure Information Protection NEP Model Office Solution National Management Centre All of this will be underpinned by a common blueprint design that enables a common standard with common controls. Reaction to new threats can be responsive against these common designs rather than 48 evaluations against different installations.

5 In practical terms, what will the NEP enable? 1 Officers can instantly share information on vulnerable children with social services 2 Police can share major incident plans with fire and ambulance, and collaborate in real time 3 Staff will log in once to all their systems irrespective of building, increasing efficiency and effectiveness 4 Virtual teams can video conference from wherever they are 5 External partners can be given access to police systems and information simply and securely 6 Cloud technology and security allows staff to work anywhere securely, allowing for radically different estate usage. Casualty Bureau can be created easily using virtual phone lines for emergency coordination 7 Body worn video from the scene can be used in suspect interviews 8 Police can speak directly to communities via Skype 9 Easier and better compliance with the new Data Protection legislation 10 Cyber attacks on police networks will be more easily detected, defended and responded to 11 Reduction in reputational risk which may result from major cyber incidents

6 What are some of the key challenges facing us? 1 Need to make savings 2 Inefficient and costly, bureaucratic processes 3 Ageing, incompatible policing systems 4 Disparate systems and information silos 5 Deskbound officers and staff 6 Lack of visibility of officers in the community 7 Lack of ability to efficiently share information with partners 8 By 2021 Microsoft will no longer release new products for local (non Cloud) deployment

7 Direct Immediate Benefits of PS & IAM Applications Security and Access Reduction in individual force expenditure Forces will be able to reduce overall IT costs by implementing new applications. IT resources redeployed IT staff could redeployed to other value added activities and spend less time on maintenance and support. Increased economies of scale and negotiating power Forces will receive a discount under the NPTC Memorandum of Understanding (MOU) licencing and the licences can be scaled per user. Improved information security Forces will receive a number of capabilities to improve information security, manage access and allow them to share information internally and externally more securely. Investment Enabled Benefits of PS & IAM Mobility Access Collaboration and Communication Reduction in staff time spent travelling for meetings/briefings Forces will be able to reduce the time spent traveling to meetings as a result of an improvement in collaboration tools. Improved access to systems and information, both internally and externally Staff and officers will be able to access information which is most appropriate to their role, any time and any where. Improved internal collaboration and communication Staff and officers will be able to collaborate and communicate with their colleagues and team members more easily, while securing information and controlling access. Improved external collaboration and communication Forces will be able to collaborate and communicate more easily with third party and external organisations with the support of productivity and communication tools.

8 Security Benefits of the NMC Reduction in exposure to DP breach findings from the ICO, in large part due to reduced exposure to GDPR s article 32 There will be effective monitoring and a central team, centrally coordinated DLP, supported by accredited policy on handling sensitive data, incidence response planning, all of which will reduce the likelihood of data breaches or losses. Security Risk avoidance of catastrophic incident The forces will have a technically able and effectively staffed NMC team available 24/7, monitoring and responding to threats. Realtime collection, analysis and correlation of systems generated events from in scope systems across the UK police forces infrastructure such as servers, network components, firewalls, databases and selected applications. Improved response and resolution of threats or incidents NMC provides national and local remediation activities from NMC alerts that flow from the regional police force networks. Strategic feeds can be delivered to assist forces for fast response to potential cyber threats. Collaboration & Communication Benefits of the NMC Security Collaboration and Communication Improved information security risk management capability SRM accelerator and integrator support will improve information security capability. More protected information exchange with collaborative agencies Forces will be better able to monitor and control file sharing. This benefit is dependent on Productivity Services tools which will reduce the need to courier or post information and provide Data Loss Prevention tools. Increased awareness, intelligence and communication of Cyber threats amongst police forces The NMC will formalise communication and reporting of cyber threats. Sharing of knowledge and expertise in responding to cyber threats means that forces will be more aware of cyber threats and the risk that they pose.

9 What are the projected savings of the NEP deal? The negotiated NEP deal requires that we agree to sign-up 89,000 seats this year. This is only 40% of the total planned seats. Early indications show 14 million savings over the next 3 years for Kent & Essex. Findings from pilot forces * Average cost of a large organisation s worst security breach each year, according to a 2015 HM Government survey

10 What are the team doing next? 1 Ahead of the full platform launch in March 2018, assisting with business cases and preparing for delivery across our early adopter and pilot forces: - Kent & Essex - Thames Valley - Hampshire - West Yorkshire - Merseyside Engaging with the next wave of forces on their business case development and change readiness positions, working with your practitioners. Continuously reviewing opportunities for how the new applications/systems can be used to improve any force processes unique to local or regional level, and sharing learning. Impact assessing the delivery of NEP products to build improved support plans for your teams at implementation. 5 Reviewing resourcing implications on the NEP team in order to plan ahead the support needed to assist forces as they join.

11 National Enabling Programmes Chiefs Council. January 2018 Questions? Commissioner Ian Dyson SRO, National Enabling Programmes IMORCC