WA Govt Changing Cyber Security Landscape

Transcription

1 Office of the Government Chief Information Officer GOVERNMERNT OF WESTERN AUSTRALIA WA Govt Changing Cyber Security Landscape Andrew Cann GCIO 16 August 2017

2 Key Principles to harness and drive cultural change INNOVATE COLLABORATE TRANSFORM CULTURE Risk Management Sector-wide Co-operation Partnering & Engagement PEOPLE Online Service Delivery Business-ICT Integration Digital Skills PROCESS Solution Design Business Intelligence Agile Sourcing DATA Information Management Information Exchange Data Quality & Security SYSTEMS Digital Business Systems Interoperability System Design TECHNOLOGY Use of Technology Integrated Communications Scalable Infrastructure SIMPLIFY CONNECT INFORM

3

4 f IaaS PaaS SaaS A B C D E F G H I APP1 APP2 APP3

5 C I A?

6 OAG Information Systems Audit Report June 2017

7

8 Building a Cyber Security Culture

9 Building Culture Top Down Defined through Policy Communicated - broadly Measured meaningfully Start simple build complexity Focus on People and Process

10 People, Process & Technology Improve Capability Incorporate Processes ISO Implement Technology

11 OGCIO Progress Digital Security Policy ISO27001 Briefings to Minister Cyber Security Briefing to all Director Generals Establish Government Yammer Cyber Community IAISMG Cyber Security Reference Group Engaging with Commonwealth Cyber CRC Bid Joint Cyber Security Centre

12 Digital Security Policy First published 2016 Updated 2017 with additional requirements and guidance material. Increasing maturity incrementally

13 Policy Requirements Policy Requirement One: Implement an Information Security Management System Policy Requirement Two: Governance and Accountability - detail decision rights, roles, and accountability. Policy Requirement Three: Assess and Treat Security Risks Policy Requirement Four: Continuous Improvement Agencies must include formal mechanisms for continuous improvement.

14 WA Govt Incident Management Average Time to Detect a breach? - Average Time to Contain a breach? days 66 days Rapid Detection and Response = Lower Cost Ponemon Institute 2017 Cost of Data Breach Study

15 Incident Management Many government agencies have no incident management plans or agreed understanding of what s important no decision support mechanism. Aims? Goals? Principles?

16 Key Aims Of Incident Management Minimise detection time; Minimise response time; and Minimise impacts on Agencies and the public

17 Key Goals Of Incident Management Detection The sooner an incident is detected the less damage can be done; Containment Minimises damage by stopping the spread of harm; and Remediation Corrects issues and returns services to normal.

18 Key Principles During Incidents Protection of citizens is the highest priority Protection of assets has priority over service delivery; Service Delivery must be balanced against digital investigation;

19 WOG Incident Management Escalation

20 Created May members Threat feed Collaboration on issues Agency alerts Community of Practice

21 Identifying the Skills Gap ISACA 2 million cyber security professionals; Professionals? Under Grad/Post Grad? 5-10 years experience? Certifications galore? Full Time Role. 90% technical skills 10% business? Are not getting executive buy-in Frustrated the business just doesn t get it.

22 1:500 Fingerprint Expert X 8 Ballistics Expert X 3 Forensic Expert X 3 7 years training 1:50 Scenes of Crime Officer (SOCO) X Weeks Training WA Police X Months Training

23 Doesn t require expert level experience Improve Capability Incorporate Processes ISO Implement Technology

24 Cyber Support Officer Cyber Support Officers ? Certificate level training; Business Focus; Can liaise with users/boards; Advise projects; User Awareness Cyber First Aid. Not necessarily a full time role. Requires expert, real time support