UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

Similar documents
Panel 1 National CSIRT Experience

Her Majesty the Queen in Right of Canada, Cat. No.: PS4-66/2014E-PDF ISBN:

National Cross Sector Forum Action Plan for Critical Infrastructure BUILDING A SAFE AND RESILIENT CANADA

STRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government

PIPELINE SECURITY An Overview of TSA Programs

Responding to Cybercrime:

The Office of Infrastructure Protection

EU policy on Network and Information Security & Critical Information Infrastructures Protection

IT Security vs. Defensive Cyber Operations: The evolution of CAF Cyber

Government-Industry Collaboration: 7 Steps for Resiliency in Critical Infrastructure Protection

Response to Wood Buffalo Wildfire KPMG Report. Alberta Municipal Affairs

Cybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com

Outreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness

CYBER INCIDENT REPORTING GUIDANCE. Industry Reporting Arrangements for Incident Response

European Union Agency for Network and Information Security

Office of Infrastructure Protection Overview

June 5, 2018 Independence, Ohio

December 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development

The Office of Infrastructure Protection

Implementing Executive Order and Presidential Policy Directive 21

Fundamentals of Cybersecurity/CIIP. Building Capacity: Using a National Strategy & Self-Assessment

Security Director - VisionFund International

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

The Office of Infrastructure Protection

National Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director

Executive Order on Coordinating National Resilience to Electromagnetic Pulses

Global Security Advisor

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

GEORGIA CYBERSECURITY WORKFORCE ACADEMY. NASCIO 2018 State IT Recognition Awards

National Policy and Guiding Principles

Action Plan for Canada s Cyber Security Strategy

Department of Homeland Security Updates

ENISA EU Threat Landscape

Emergency Management Response and Recovery. Mark Merritt, President September 2011

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

INDEPENDENT COMMUNICATIONS AUTHORITY OF SOUTH AFRICA(ICASA) CYBERSECURITY PRESENTATION AT SAIGF. 28 th November 2018

Department of Justice Policing and Victim Services BUSINESS PLAN

Resolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]

Digital Health Cyber Security Centre

Slide 1. Slide 2. Slide 3. Public Safety Canada. Keep Canadians safe from a range of risks such as natural disasters, crime and terrorism.

DHS Cybersecurity: Services for State and Local Officials. February 2017

The Office of Infrastructure Protection

Overview of the Federal Interagency Operational Plans

Cyber Resilience. Think18. Felicity March IBM Corporation

THE WHITE HOUSE. Office of the Press Secretary. EMBARGOED UNTIL DELIVERY OF THE PRESIDENT'S February 12, 2013 STATE OF THE UNION ADDRESS

Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.

STRATEGIC PLAN. USF Emergency Management

Implementing the Administration's Critical Infrastructure and Cybersecurity Policy

Discussion on MS contribution to the WP2018

August Cyber Incident Management Framework for Canada

Bradford J. Willke. 19 September 2007

Cybersecurity for ALL

Donor Countries Security. Date

Public Safety Canada. Audit of the Business Continuity Planning Program

The Office of Infrastructure Protection

Statement for the Record

Corporate Security & Emergency Management Summary of Submitted 2015 Budget From Rates

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

The Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless

COUNTERING IMPROVISED EXPLOSIVE DEVICES

Cyber Security Strategy

Strategic and operational threat analysis at Europol's EC3

Canada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?

MASAS. Overview & Backgrounder Document. Consultation Package. CanOps

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

Presidential Documents

G7 Bar Associations and Councils

The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association

American Association of Port Authorities. Navigating the Cyber Domain. Homeland Security UNCLASSIFIED

Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure

Transportation Security Planning in British Columbia David Morhart, Deputy Solicitor General

ISAO SO Product Outline

Defending Our Digital Density.

Security and resilience in Information Society: the European approach

Cyber Security & Homeland Security:

Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS

POSITION DESCRIPTION

Cybersecurity, Trade, and Economic Development

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

Commonwealth Cyber Declaration

Cyber Threat Landscape April 2013

CYBERSECURITY TRAINING EXERCISE KMU TRAINING CENTER NOVEMBER 7, 2017

CANARIE Mandate Renewal Proposal

Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt

The Australian Government s Approach to Critical Infrastructure Resilience

Today s cyber threat landscape is evolving at a rate that is extremely aggressive,

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

The Office of Infrastructure Protection

Member of the County or municipal emergency management organization

Protecting Canada s Nuclear Industry THE

Regional Resilience: Prerequisite for Defense Industry Base Resilience

Cyber Security: Threat and Prevention

ASEAN COOPERATION ON DISASTER MANAGEMENT. Disaster Management & Humanitarian Assistance Division, ASEAN Secretariat

Security and Privacy Governance Program Guidelines

HOSTED SECURITY SERVICES

2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager

Energy Assurance Energy Assurance and Interdependency Workshop Fairmont Hotel, Washington D.C. December 2 3, 2013

Strategic Security Analyst

Heavy Vehicle Cyber Security Bulletin

Industrial Control System Cyber Security

Transcription:

National and Cyber Security Branch Presentation for Gridseccon Quebec City, October 18-21 1

Public Safety Canada Departmental Structure 2

National and Cyber Security Branch National and Cyber Security Branch National Security Policy National Cyber Security National Security Operations Critical Infrastructure and Strategic Coordination National Security Policy CCIRC National Security Assessment and Analysis Critical Infrastructure Policy Intelligence Policy Policy and Issues Management National Security Operations Strategic Coordination and Partnerships 3

National Cyber Security Directorate National Cyber Security Directorate Policy and Issues Management Canadian Cyber Incident Response Centre (CCIRC) Value of NCSD Policy for CI Owners Operators & the Private Sector Cyber issues communicated to CCIRC inform consideration of policies & programs Cyber issues socialized amongst other Government Departments & Agencies (i.e. Innovation, Science, Economic Development, Royal Canadian Mounted Police) Engagement with other levels of government (provincial, territorial, municipal) Liaise with international governments (UN Group of Government Experts on Cyber Security, Five Eyes, Interpol) 4

National Cyber Security Directorate Four (4) Themes of Consultation for Cyber Review: Evolution of the Cyber Threat Increasing Economic Significance of Cyber Security Expanding Frontiers of Cyber Security Canada s Way Forward on Cyber Security 5

National Cyber Security Directorate Cyber Security Cooperation Program Five-year $1.5 million initiative Support projects that will help improve cyber security of Canada's vital cyber systems Available to CI owners and operators, industrial and trade associations, academics and research organizations 6

National and Cyber Security Branch Senior Assistant Deputy Minister National Security Policy National Cyber Security National Security Operations Critical Infrastructure and Strategic Coordination National Security Policy CCIRC National Security Assessment and Analysis Critical Infrastructure Policy Intelligence Policy Policy and Issues Management National Security Operations Strategic Coordination and Partnerships 7

Canadian Cyber Incident Response Centre Canada s computer security incident response team Mandate to coordinate the national response to significant cyber incidents. Point of contact for owners and operators of critical infrastructure to report cyber incidents 8

Critical Infrastructure and Strategic Coordination Directorate Provide strategic advice to the Minister on CI related issues Develop, coordinate and implement CI policies Build partnerships Implement an all-hazards risk management approach 9

CCIRC and Federal Cyber Partners CSIS collects info, assesses threats, produces intelligence & advises government on activities that may constitute a threat to the security of Canada. CRTC administrative tribunal regulating telecoms. SSC provides and protects GC IT infrastructure. PS leads the Government s efforts to protect Canada s CI from hazards, including physical & cyber dimensions; responsible for cyber emergency management. RCMP primary federal organization with the mandate to investigate criminal offences related to cybercrime CSE provides foreign signals intelligence; advice & services to protect Government info & infrastructure; technical/operational assistance to law enforcement & security agencies. DND/CAF conducts operations within DND/CAF networks to detect, defeat and/or mitigate offensive & exploitive actions; collects intelligence on cyber threats to DND/CAF. 10

Mitigation vs. Investigation in Cyber Security Mitigative Role Investigative Role CCIRC Advice and support to prevent, mitigate, prepare for, respond to, and recover from cyber events RCMP Crimeware, violations of Criminal Code CSE-CTEC Similar role as above, different resources CSIS Cyber espionage, attribution RRAP Advice and support for critical infrastructure operators to increase cyber security resilience CRTC Code removal requests with uncooperative hosting providers, investigations to enforce compliance 11

Pillar 1 Pillar 2 UNCLASSIFIED Pillar 3 Canada s Cyber Security Strategy Since the release of Canada s Cyber Security Strategy in 2010, Public Safety Canada has been working to implement the three pillars: Secure Government systems Improved cyber incident response capabilities Partner to secure systems outside the Government of Canada Strengthening Information Sharing Working with international partnersimproving services offered Training and outreach Help Canadians to be secure online Improved public awareness 12

CCIRC s Operational Cycle What kind of data does CCIRC use? Where/who does it come from? Input What tools and resources do we use to process the information? What is the value of this process? How do the results influence the input? Impact Output Analysis How do we disseminate the results? Which products or services do we provide? 13

Information Sharing Need for increased information sharing Complex environment Sophisticated methodologies Economic Impact Security Impact - Internet of Things - Ransomware - Advanced Persistent Threat - Major data breaches - Threats to ICS/SCADA - Increased publicity for cyber threats 14

CCIRC s Information Sharing Strategy Victims CCIRC s Incident Handling Team Malicious Code Removal Requests Other national CSIRTs Automated Analysis Tools Victim notifications Open Source and Industry National Cyber Threat Notification System 15

Suite of Technical and Executive Products 16

CCIRC Community Portal 17

2015: Geek Week CCIRC held its second annual Geek Week from November 16 to 20 Participation more than doubled from last year s inaugural event. CCIRC gained the equivalent of sixty-five weeks of new data from this event. 18

National Strategy and Action Plan for Critical Infrastructure To provide support to CI owners and operators, Canada established a National Strategy for Critical Infrastructure (2010) and an Action Plan 2014-2017 with three pillars: 1. Build trusted and sustainable partnerships 2. Advance the timely sharing and protection of information 3. Implement an all-hazards risk management approach 19

CI Gateway The CI Gateway is an encrypted, password protected platform for the sharing of unclassified information. The Global CI Gateway has provided a digital venue for international partners to connect virtually and share information across multiple working groups. Information products include: risk management documents, best practices, lessons learned, meeting material, standards, and events calendar. Among the array of CI related material contained on the Gateway, you can find cyber-related reports produced by internal and external partners such as CCIRC, the ICT Sector, the Integrated Terrorism Assessment Centre and Canadian Securities Establishment. 20

Files: Regional Resilience Assessment Program Regional Resilience Assessment Program (RRAP) is a site assessment program that evaluates critical infrastructure against the full range of risks and threats, including cyber and terrorist attacks - Examines vulnerabilities and readiness posture of facilities - Offers recommendations and guidance to enhance resilience and address vulnerabilities - Provides owners and operators with practical guidance to target limited resources for maximum benefits in terms of resilience - May Include tabletop exercises to assess progress and practice response and recovery measures 21

Critical Infrastructure Resilience Tool On-site, survey-based tool that measures the resilience and protective posture of a facility. Academically rigorous methodology gives overall and category-specific scores. Final Report contains: - the scores, including peer comparison; - a review of each significant asset and area (SAA) - facility commendables and vulnerabilities - options for consideration Interactive dashboard allows the owner/operator to build scenarios showing how potential investments could result in increased resilience. 22

Critical Infrastructure Multimedia Tool A multiplatform software tool that generates an interactive visual guide of a critical infrastructure facility for the owner/operator. Incorporates various forms of information, including: - 360 geospherical videos and pictures - floor plans (including identification of SAAs) - important corporate documents - CCTV (IP based) - links to the web Serves training, exercise, and tactical emergency response functions if shared with first responders. 23

Canadian Cyber Resiliency Review On-site, survey-based tool that measures the cyber security posture of an organization. Academically rigorous methodology gives overall and indicator-specific scores across 10 domains. Final Report contains: - the scores, including peer comparison; - key standards and other resources; - options for consideration CEO Summary Report provides high level review of findings and organizational response. 24

Critical Infrastructure Working Groups Sector networks have been established for each of the ten sectors to facilitate collaboration among governments and owners/operators National Cross Sector Forum brings together national leaders from each of the critical infrastructure sectors to provide updates on initiatives, discuss emerging issues of interest and set priorities to foster CI resilience Multi-Sector Network brings together working level sector representation to discuss initiatives, conduct exercises, etc 25

ICS Workshops Three day events: - Workshop: Two day training and community building opportunity Assisting Canada's critical infrastructure owners and operators to better secure their most critical Industrial Control Systems (ICS) and information technology assets. - Training: One day of hands-on development of basic incident handler skills for industrial control systems security professionals. Last Workshop: March 2016 in Ottawa, ON - 150 participants Next workshop: Nov. 22-24 2016 in Calgary, AB 26

Fundamentals of Cyber Security for Canada s CI Community - Overview Launched at Multi-Sector Network meeting 23 June 2016 Provides action-oriented and adaptable guidance and mitigation measures on five fundamental aspects of cyber security: Raising Security Awareness Defining Roles and Responsibilities Developing Policies and Standards Establishing a Cyber Security Plan Budgeting for Cyber Security Works towards achieving a minimum baseline level of cyber security within the chain of Cyber Security in the CI community A starting point for Cyber Security - Not a definitive guide on all aspects of cyber security 27

Virtual Risk Analysis Cell (VRAC) Fort McMurray 28

CCIRC Contacts & CISCD Contacts CCIRC Canadian Cyber Incident Response Center cyber-incident@canada.ca www.publicsafety.gc.ca/ccirc CISCD Critical Infrastructure and Strategic Coordination Division PS.CIEngagements-EngagementsIE.SP@canada.ca www.publicsafety.gc.ca/ci 29

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback