Itir oct0714-network security-en
1. Shared Services Canada
Cyber and IT Security Framework
Presentation to the Information Technology Infrastructure Roundtable
October 7, 2014
Benoît Long, Senior Assistant Deputy Minister, Transformation, Service Strategy and Design, and Chair of the Architecture Framework Advisory Committee
2. Cyber and IT Security: Current-state and End-state Targets
CYBER SECURITY / IT SECURITY / GC SECRET IT
Current State
• 27 perimeter/border defence services
• 22 different security remote access solutions
• 32 isolated department-specific secret networks
• 10,000 users
• Various maturity level Security Operations Centres (SOC), some with rudimentary services
• Reactive, slow and siloed response to cyber threats
• 42-department device security implementation with partial data loss prevention services
• 42 department-specific IT security risk-management approaches
• IT security as an “add-on”
End State
• One enterprise perimeter/border defence services
• One enterprise standard secure remote access solution
• One enterprise secret network to enable collaboration
• Approximately 20,000 users
• Standardized enterprise SOC with alternate site
• Coordinated proactive rapid response and recovery
• One enterprise device security solution with data loss prevention
• Enterprise robust IT security risk management
• IT security integrated into the design
Benefits
• Integrated IT security risk management
• Security through end-to-end design
• Enhanced information and system protection
• Real-time detection of security incidents
• Swift incident response and recovery
3. Cyber and IT Security Framework
INFRASTRUCTURE & DATA
• Aligned to Canada’s Cyber Security Strategy (CCSS)
• Security and privacy built in as part of end-to-end service design
• Partnership with Treasury Board Secretariat, Communications Security Establishment Canada and Public Safety
Shared Services Canada is mandated to protect the infrastructure and associated data-in-transit, storage, and use.
OPERATE, EVOLVE, TRANSFORM
4. Cyber and IT Security Functions
PREVENTION
• Trusted infrastructure products and services through supply chain integrity
• Cyber and IT security (including privacy) policies and standards
• Security awareness and training
• Infrastructure protection services
• Data protection services
• Identity, Credentials and Access Management services
• Secret infrastructure services
• Business continuity and emergency management
DETECTION
• Coordination of GC-wide monitoring, detection, identification, prioritization and reporting of IT security incidents
• Automated, real-time threat monitoring, security information and event management and analysis
• Log analysis and investigations
• Security and privacy assessment
• Vulnerability assessments
RESPONSE
• GC-wide coordination and remediation of IT security incidents
• Threat assessment and situational reporting
• Coordination and distribution of GC product alerts, warnings and advisories
• Forensics
• Software integrity through security configuration or replacement
• Infrastructure integrity through configuration or replacement
RECOVERY
• Highly specialized IT security incident recovery services
• Mitigation advice and guidance
• Vulnerability remediation
• Post-incident analysis
SECURITY MANAGEMENT
Governance, Innovation, Engagement, Risk Management
5. Security Principles
• Trusted equipment and services through supply chain integrity
• Security and privacy by design to ensure that all aspects of security are addressed as part of design, balancing service, security and savings
• Gradual enhancement from a network-based security model to include application and data-centric security – apply security controls as close to the data as practical
• Privileged access to data will be maintained and multi-tenancy will be built into systems where sensitive data owned by one partner cannot be seen by another partner or by unauthorized individuals.
• Security breaches in one part of the infrastructure are quickly detected and contained without spreading to other parts of the infrastructure.
• Maintain and improve the security posture as part of moving to enterprise services (i.e. don’t reduce security).
6. Next Steps
• Elaborate and define the functions as part of Shared Services Canada’s enterprise services.
• Develop a multi-year roadmap toward the implementation of the enterprise services.
• Develop associated organizational roles and responsibilities and a costing framework.