Commissioner Ian Dyson SRO, National Enabling Programmes IMORCC

Similar documents
National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference

Cyber Security Strategy

How to Underpin Security Transformation With Complete Visibility of Your Attack Surface

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY

ALIENVAULT USM FOR AWS SOLUTION GUIDE

Security

Cyber Resilience. Think18. Felicity March IBM Corporation

RSA RISK FRAMEWORKS MAKING DIGITAL RISK MANAGEABLE

Manchester Metropolitan University Information Security Strategy

Detecting breach. There are only two types of organisations in the world... Terry Greer-King Director, Cyber security, UK & Africa May 2017

KEDAYAM A KAAPAGAM MANAGED SECURITY SERVICES. Kaapagam Technologies Sdn. Bhd. ( T)

Staffordshire University

External Supplier Control Obligations. Cyber Security

Transformation in Technology Barbara Duck Chief Information Officer. Investor Day 2018

SRM Service Guide. Smart Security. Smart Compliance. Service Guide

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

DATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI

Crash course in Azure Active Directory

Fintech District. The First Testing Cyber Security Platform. In collaboration with CISCO. Cloud or On Premise Platform

Background FAST FACTS

Response to Wood Buffalo Wildfire KPMG Report. Alberta Municipal Affairs

The Role of the Data Protection Officer

Digital Health Cyber Security Centre

Perfect Balance of Public and Private Cloud

European Union Agency for Network and Information Security

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

Northamptonshire 2020 Protecting you from harm.

Regulating Cyber: the UK s plans for the NIS Directive

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

Cloud for Government: A Transformative Digital Tool to Better Serve Communities

Six Weeks to Security Operations The AMP Story. Mike Byrne Cyber Security AMP

Securing Your Digital Transformation

Asda. Privacy and Electronic Communications Regulations audit report

Optimisation drives digital transformation

T-SURE VIGILANCE CYBER SECURITY OPERATIONS CENTRE

MATURE YOUR CYBER DEFENSE OPERATIONS with Accenture s SIEM Transformation Services

align security instill confidence

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

SOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE

Uptime and Proactive Support Services

FDA & Medical Device Cybersecurity

Case Study. Encode helps University of Aberdeen strengthen security and reduce false positives with advanced security intelligence platform

Cyber Security Program

Protecting information across government

THE IMPLICATIONS OF PERFORMANCE, SECURITY, AND RESOURCE CONSTRAINTS IN DIGITAL TRANSFORMATION

Global Response Centre (GRC) & CIRT Lite. Regional Cyber security Forum 2009, Hyderabad, India 23 rd to 25 th September 2009

Cognizant Cloud Security Solution

CYBER INCIDENT REPORTING GUIDANCE. Industry Reporting Arrangements for Incident Response

Security-as-a-Service: The Future of Security Management

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

Cybersecurity Considerations for GDPR

Doug Couto Texas A&M Transportation Technology Conference 2017 College Station, Texas May 4, 2017

COMPANY BROCHURE. About Us. Kinnectiv, LLC. Consulting. Security. Innovation. +1(888)

Data Protection and GDPR

Cybersecurity for Service Providers

Senior Manager Information Technology (India) Duration of job

General Data Protection Regulation: Knowing your data. Title. Prepared by: Paul Barks, Managing Consultant

Building a Resilient Security Posture for Effective Breach Prevention

IoT & SCADA Cyber Security Services

85% 89% 10/5/2018. Do You Have A Firewall Around Your Cloud? Conquering The Big Threats & Challenges

Cylance Axiom Alliances Program

CYBER INSURANCE: MANAGING THE RISK

Arthritis Research UK

Welcome John Harris, Director General

Cybersecurity for ALL

POSITION DESCRIPTION

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018

PREPARE FOR TAKE OFF. Accelerate your organisation s journey to the Cloud.

Networks

Cyber Security Beyond 2020

Reinvent Your 2013 Security Management Strategy

Commercial transformation, procurement and R&D

Evolve Your Security Operations Strategy To Account For Cloud

Bring Your Own Device (BYOD)

M&A Cyber Security Due Diligence

Implementation Strategy for Cybersecurity Workshop ITU 2016

How to Prepare a Response to Cyber Attack for a Multinational Company.

Todd Sander Vice President, Research e.republic Inc.

Ofqual. Ofqual Supporting a Cloud-First Programme. Client Testimonial

Serious and Organised Crime Strategy - Local delivery

Best Practices in Securing a Multicloud World

IN THE FRAME. Computacenter Public Sector Frameworks FRAMEWORK

SIEM: Five Requirements that Solve the Bigger Business Issues

Angela McKay Director, Government Security Policy and Strategy Microsoft

The Center for Internet Security

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

SOC-2 Requirement Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD SOC-2

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

INTELLIGENCE DRIVEN GRC FOR SECURITY

THE ACCENTURE CYBER DEFENSE SOLUTION

Tom Haye Chief Officer Hampshire Special Constabulary

The Emerging Role of a CDN in Facilitating Secure Cloud Deployments

a publication of the health care compliance association MARCH 2018

Information Security Strategy

NEXT GENERATION SECURITY OPERATIONS CENTER

Transforming the UK police force through digital technology. Switch to a new way of working with BT

WA Govt Changing Cyber Security Landscape

Risk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23

Cyber Resilience - Protecting your Business 1

Transcription:

Commissioner Ian Dyson SRO, National Enabling Programmes IMORCC 24 January 2018 National Enabling Programmes Chiefs Council. January 2018

The Sympathy Card

What are the major components that the NEP programme will deliver for UK policing? Productivity Services Identity Access Management National Management Centre Providing UK forces with a standardised cloud platform and access to collaboration and business tools - at a better price. Allows us to work at work like we work at home. Giving Police forces access to each other s systems and applications, enabling officers and staff to get the data they need, when they need it regardless of location. Providing a 24*7 cybersecurity service for all UK forces to detect, protect, monitor, and respond to cyber threats with the ability to share Threat Intelligence with other agencies. NEP Proposed Solution NEP Proposed Solution Azure Information Protection NEP Model Office Solution National Management Centre All of this will be underpinned by a common blueprint design that enables a common standard with common controls. Reaction to new threats can be responsive against these common designs rather than 48 evaluations against different installations.

In practical terms, what will the NEP enable? 1 Officers can instantly share information on vulnerable children with social services 2 Police can share major incident plans with fire and ambulance, and collaborate in real time 3 Staff will log in once to all their systems irrespective of building, increasing efficiency and effectiveness 4 Virtual teams can video conference from wherever they are 5 External partners can be given access to police systems and information simply and securely 6 Cloud technology and security allows staff to work anywhere securely, allowing for radically different estate usage. Casualty Bureau can be created easily using virtual phone lines for emergency coordination 7 Body worn video from the scene can be used in suspect interviews 8 Police can speak directly to communities via Skype 9 Easier and better compliance with the new Data Protection legislation 10 Cyber attacks on police networks will be more easily detected, defended and responded to 11 Reduction in reputational risk which may result from major cyber incidents

What are some of the key challenges facing us? 1 Need to make savings 2 Inefficient and costly, bureaucratic processes 3 Ageing, incompatible policing systems 4 Disparate systems and information silos 5 Deskbound officers and staff 6 Lack of visibility of officers in the community 7 Lack of ability to efficiently share information with partners 8 By 2021 Microsoft will no longer release new products for local (non Cloud) deployment

Direct Immediate Benefits of PS & IAM Applications Security and Access Reduction in individual force expenditure Forces will be able to reduce overall IT costs by implementing new applications. IT resources redeployed IT staff could redeployed to other value added activities and spend less time on maintenance and support. Increased economies of scale and negotiating power Forces will receive a discount under the NPTC Memorandum of Understanding (MOU) licencing and the licences can be scaled per user. Improved information security Forces will receive a number of capabilities to improve information security, manage access and allow them to share information internally and externally more securely. Investment Enabled Benefits of PS & IAM Mobility Access Collaboration and Communication Reduction in staff time spent travelling for meetings/briefings Forces will be able to reduce the time spent traveling to meetings as a result of an improvement in collaboration tools. Improved access to systems and information, both internally and externally Staff and officers will be able to access information which is most appropriate to their role, any time and any where. Improved internal collaboration and communication Staff and officers will be able to collaborate and communicate with their colleagues and team members more easily, while securing information and controlling access. Improved external collaboration and communication Forces will be able to collaborate and communicate more easily with third party and external organisations with the support of productivity and communication tools.

Security Benefits of the NMC Reduction in exposure to DP breach findings from the ICO, in large part due to reduced exposure to GDPR s article 32 There will be effective monitoring and a central team, centrally coordinated DLP, supported by accredited policy on handling sensitive data, incidence response planning, all of which will reduce the likelihood of data breaches or losses. Security Risk avoidance of catastrophic incident The forces will have a technically able and effectively staffed NMC team available 24/7, monitoring and responding to threats. Realtime collection, analysis and correlation of systems generated events from in scope systems across the UK police forces infrastructure such as servers, network components, firewalls, databases and selected applications. Improved response and resolution of threats or incidents NMC provides national and local remediation activities from NMC alerts that flow from the regional police force networks. Strategic feeds can be delivered to assist forces for fast response to potential cyber threats. Collaboration & Communication Benefits of the NMC Security Collaboration and Communication Improved information security risk management capability SRM accelerator and integrator support will improve information security capability. More protected information exchange with collaborative agencies Forces will be better able to monitor and control file sharing. This benefit is dependent on Productivity Services tools which will reduce the need to courier or post information and provide Data Loss Prevention tools. Increased awareness, intelligence and communication of Cyber threats amongst police forces The NMC will formalise communication and reporting of cyber threats. Sharing of knowledge and expertise in responding to cyber threats means that forces will be more aware of cyber threats and the risk that they pose.

What are the projected savings of the NEP deal? The negotiated NEP deal requires that we agree to sign-up 89,000 seats this year. This is only 40% of the total planned seats. Early indications show 14 million savings over the next 3 years for Kent & Essex. Findings from pilot forces * Average cost of a large organisation s worst security breach each year, according to a 2015 HM Government survey

What are the team doing next? 1 Ahead of the full platform launch in March 2018, assisting with business cases and preparing for delivery across our early adopter and pilot forces: - Kent & Essex - Thames Valley - Hampshire - West Yorkshire - Merseyside 2 3 4 Engaging with the next wave of forces on their business case development and change readiness positions, working with your practitioners. Continuously reviewing opportunities for how the new applications/systems can be used to improve any force processes unique to local or regional level, and sharing learning. Impact assessing the delivery of NEP products to build improved support plans for your teams at implementation. 5 Reviewing resourcing implications on the NEP team in order to plan ahead the support needed to assist forces as they join.

National Enabling Programmes Chiefs Council. January 2018 Questions? Commissioner Ian Dyson SRO, National Enabling Programmes IMORCC

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback